Abstract
Smart Grid technology with the help of Information Technology (IT) adds many benefits to the traditional grids, but security concerns and especially privacy preserving of users is still a major practical issue. Establishing a secure and reliable communication channel between smart meters and service provider can guarantee data privacy in AMI network. This secure channel can be established with data encryption using a session key which is generated during an authentication scheme. This scheme should be enough lightweight to implement on resource constrained smart meters in delay sensitive AMI network. In this work, we analyze proposed PUF-based authenticated key agreement scheme by Gope et al. and show that their scheme is vulnerable in CK-adversary model and does not provide session key secrecy and backward secrecy. We propose an end-to-end PUF-based key agreement scheme between smart meters and service provider in AMI network which is secure against physical tampering attack and also it provides security in CK-Adversary model for ephemeral leakage attack. Our scheme imposes low communication and computational costs to smart meters. We analyze the security of our proposed scheme against popular attacks and verify its security by using widely accepted scyther tool.
Similar content being viewed by others
References
CEN/CENELEC/ETSI Joint Working Groupn.d., “Final report on Standards for Smart Grids”, [Online] Available : http://www.etsi.org/WebSite/document/Report_CENCLCETSI_Standards_Smart%20Grids.pdf
U.S. Department of Commerce, National Institute of Standards and Technology (2010,January) NIST Special Publication 1108, NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0 [Online] Available : http://www.nist.gov/public_affairs/releases/upload/smartgrid_interoperability_final.pdf
Wang W, Lu Z (2013) Cyber security in the smart grid: survey and challenges. Comput Netw 57(5):1344–1371
P. McDaniel and S. McLaughlin, “Security and privacy challenges in the smart grid,” IEEE Security Privacy, vol. 7, no. 3, pp. 75–77, May/Jun. 2009
Y. Yan, Y. Qian, and H. Sharif, “A secure and reliable in-network collaborative communication scheme for advanced metering infrastructure in smart grid,” in Proc. of IEEE Wireless Communications and Networking Conference (IEEE WCNC), 2011, pp. 909–914
Fang X, Misra S, Xue G, Yang D (2012) Smart grid the new and improved power grid: a survey. IEEE Commun Surv Tuts 14(4):944–980
DOE, “Advanced metering infrastructure,” US Department of Energy, Office of Electricity Delivery and Energy Reliability, Tech. Rep., 2008
Metke AR, Ekl RL (2010) Security technology for smart grid networks. IEEE Trans. Smart Grid 1(1):99–107
Fan Z, Kulkarni P, Gormus S, Efthymiou C, Kalogridis G, Sooriyabandara M, Zhu Z, Lambotharan S, Chin WH (2013) Smart grid communications: overview of research challenges, solutions, and standardization activities. IEEE Commun. Surveys Tuts. 15(1):21–38
J.Wang and V. Leung, “A survey of technical requirements and consumer application standards for IP-based smart grid AMI network,” in Proc.ICOIN, 2011, pp. 114–119
Liu J, Xiao Y, Li S, Liang W, Chen CLP Cyber security and privacy issues in smart grids. IEEE Commun Surveys Tuts. https://doi.org/10.1109/SURV.2011.122111.00145 in press
X. Wang, P. Yi, “Security framework for wireless communications in smart distribution grid” , IEEE Trans. Smart Grid, 2011, 2, (4), pp. 809–818
H. Nicanfar and V. Leung, “Multilayer consensus ecc-based password authenticated key-exchange (mcepak) protocol for smart grid system,” IEEE Tran. on Smart Grid, vol. 4, no. 1, 2013
Canetti R, Krawczyk H (2001) Analysis of key-exchange protocols and their use for building secure channels. In: Advances in cryptology– EUROCRYPT 2001. Springer, Innsbruck, pp 453–474
P. Gope and B. Sikdar,“ Privacy-Aware Authenticated Key Agreement Scheme for Secure Smart Grid Communication”, IEEE TRANSACTIONS ON SMART GRID. PP(99):1–1 · June 2018
Fouda MM, Fadlullah ZM, Kato N, Lu R, Shen X (2011) A lightweight message authentication scheme for smart grid communications. IEEE Trans Smart Grid 2(4):675–685
J. Xia and Y. Wang, “Secure key distribution for the smart grid,” IEEE Trans. Smart Grid, vol. 3, no. 3, pp. 1437–1443, Aug. 2012
D. Wu and C. Zhou, “Fault-tolerant and scalable key management for smart grid,” IEEE Trans. Smart Grid, vol. 2, no. 2, pp. 371–378, Jun.2011
Park JH, Kim M, Kwon D (Sep. 2013) Security weakness in the smart grid key distribution proposed by Xia and Wang. IEEE Trans. Smart Grid 4(3):1613–1614
Tsai JL, Lo NW (2016) Secure anonymous key distribution scheme for smart grid. IEEE Transactions on Smart Grid 7(2):906–914
V. Odelu, A. K. Das,M. Wazid, and M. Conti, “Provably Secure Authenticated Key Agreement Scheme for Smart Grid,” IEEE Trans. Smart Grid 2016, PP, 1
K. Mahmood, S. A. Chaudhry, H. Naqvi, S. Kumari, X. Li, and A. K. Sangaiah,"An elliptic curve cryptography based lightweight authentication scheme for smart grid communication,“Future Generat. Comput Syst , vol. 81, pp. 557–565, Apr. 2018
X.Tan, J. Zhang, Y.Zhang, Z. Qin, Y. Ding, and X. Wang, "A PUF-Based and Cloud-Assisted Lightweight Authentication for Multi-hop Body Area Network.", Tsinghua Science and Technology, 2019, DOI:https://doi.org/10.26599/TST.2019.9010048
J. Zhang, G. Qu, “Physical Unclonable Function-based Key-Sharing via Machine Learning for IoT Security,“IEEE Transactions on IndustrialElectronics, to be published. doi: https://doi.org/10.1109/TIE.2019.2938462
J. Zhang, X. Tan, Y. Zhang, et al., “Frequency offset-based ring oscillator physical Unclonable function,” IEEE Transactions on MultiScale Computing Systems, vol. 4, no. 4, pp. 711–721, Oct.-Dec. 2018
J. L. Zhang, G. Qu, Y. Q. Lv, and Q. Zhou, “A survey on silicon PUFsand recent advances in ring oscillator PUFs,“J. Comput Sci Technol,vol. 29, no. 4, pp. 664–678, 2014
Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
D. Moriyama, S. Matsuo, M. Yung, "PUF-based RFID authentication secure and private under complete memory leakage", Int. Assoc. Cryptologic Res. Cryptology ePrint Archive, 2013
Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: how to generate strong keys from biometrics and other Noisy data. Proc Eurocrypt 2004:523–540
Elson J, Girod L, Estrin D (2002) Fine-grained network time synchronization using reference broadcasts. In: Proceedings of the 5th symposium on Operation System Design and Implementation (OSDI 2002)
Z. Zhang, S. Gong, A. Dimitrovski and H. Li, “Time synchronization attack in smart grid: impact and analysis,” IEEE Transactions on Smart Grid, vol. 4, no. 1, pp. 87–98, Mar. 2013
C. Cremers, “The scyther tool,” www.cs.ox.ac.uk/ people/cas.cremers/ scyther/ [Online; Accessed on June 10, 2016]
G. Lowe, “A Hierarchy of Authentication Specifications,” Proc. Computer Security Foundations Workshop, no. 10, 1997
Cremers C, Mauw S, Vink ED (2006) Injective synchronisation: an extension of the authentication hierarchy. Theor Comput Sci 367(1–2):139–161
“AVISPA-Automated Validation of Internet Security Protocols and Applications n.d.,” [Online]. Available: http://www.avispa-project.org
“HLPSL Tutorial- A Beginner’s Guide to Modeling and Analyzing Internet Security Protocols” n.d.. [Online]. Available: http://www.avispa-project.org
Van Herrewege A, Katzenbeisser S, Maes R, Peeters R, Sadeghi AR, Verbauwhede I, Wachsmann C (2012) Reverse fuzzy extractors: enabling lightweight mutual authentication for PUF-enabled RFIDs. In: Financial cryptography and data security. Springer, Berlin, pp 374–389
Y. Gao, Y. Su, L. Xu, D.C, Ranasinghe ,“ Lightweight (Reverse) Fuzzy Extractor with Multiple Referenced PUF Responses,” arXiv preprint arXiv:1805.07487, 2018 - arxiv.org
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Tahavori, M., Moazami, F. Lightweight and secure PUF-based authenticated key agreement scheme for smart grid. Peer-to-Peer Netw. Appl. 13, 1616–1628 (2020). https://doi.org/10.1007/s12083-020-00911-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-020-00911-8