Lianhai Liu,Yujue Wang,Jingwei Zhang,Qing Yang

DOI: https://doi.org/10.3390/s19030482

IF: 3.9

2019-01-01

Sensors

Abstract:A vehicular ad hoc network (VANET) is a special mobile ad hoc network that provides vehicle collaborative security applications using intervehicle communication technology. The method enables vehicles to exchange information (e.g., emergency brake). In VANET, there are many vehicle platoon driving scenes, where vehicles with identical attributes (location, organization, etc.) are organized as a group. However, this organization causes the issue of security threats (message confidentiality, identity privacy, etc.) because of an unsafe wireless communication channel. To protect the security and privacy of group communication, it is necessary to design an effective group key agreement scheme. By negotiating a dynamic session secret key using a fixed roadside unit (RSU), which has stronger computational ability than the on-board unit (OBU) equipped on the vehicle, the designed scheme can help to provide more stable communication performance and speed up the encryption and decryption processes. To effectively implement the anonymous authentication mechanism and authentication efficiency, we use a batch authentication scheme and a shared secret key mechanism among the vehicles, RSUs and trusted authority (TA). We design an efficient group secret key agreement scheme, which satisfies the above communication and security requirements, protects the privacy of vehicles, and traces the real identity of the vehicle at a time when it is necessary. Computational analysis shows that the proposed scheme is secure and more efficient than existing schemes.

Ting Liu,Yang Liu,Yashan Mao,Yao Sun,Xiaohong Guan,Weibo Gong,Sheng Xiao

DOI: https://doi.org/10.1109/TSG.2013.2264537

2014-01-01

Abstract:Integrating information network into power system is the key for realizing the vision of smart grid, but also introduces many security problems. Wireless communication offers the benefits of low cost, rapid deployment, shared communication medium, and mobility; at the same time, it causes many security and privacy challenges. In this paper, the concept of dynamic secret is applied to design an encryption scheme for smart grid wireless communication. Between two parties of communication, the previous packets are coded as retransmission sequence, where retransmitted packet is marked as “1” and the other is marked as “0.” During the communication, the retransmission sequence is generated at both sides to update the dynamic encryption key. Any missing or misjudging in retransmission sequence would prevent the adversary from achieving the keys. In our experiments, a smart grid platform is built, employing the ZigBee protocol for wireless communication. And a dynamic secret-based encryption demo system is designed based on this platform. The experiment results show that the retransmission and packet loss in ZigBee communication are inevitable and unpredictable, and it is impossible for the adversary to track the updating of the dynamic encryption key.

Chen Chen,Hua Guo,Yapeng Wu,Bowen Shen,Mingyang Ding,Jianwei Liu

DOI: https://doi.org/10.3390/s23083991

IF: 3.9

2023-04-15

Sensors

Abstract:The IoT-enabled Smart Grid uses IoT smart devices to collect the private electricity data of consumers and send it to service providers over the public network, which leads to some new security problems. To ensure the communication security in a smart grid, many researches are focusing on using authentication and key agreement protocols to protect against cyber attacks. Unfortunately, most of them are vulnerable to various attacks. In this paper, we analyze the security of an existent protocol by introducing an insider attacker, and show that their scheme cannot guarantee the claimed security requirements under their adversary model. Then, we present an improved lightweight authentication and key agreement protocol, which aims to enhance the security of IoT-enabled smart grid systems. Furthermore, we proved the security of the scheme under the real-or-random oracle model. The result shown that the improved scheme is secure in the presence of both internal attackers and external attackers. Compared with the original protocol, the new protocol is more secure, while keeping the same computation efficiency. Both of them are 0.0552 ms. The communication of the new protocol is 236 bytes, which is acceptable in smart grids. In other words, with similar communication and computation cost, we proposed a more secure protocol for smart grids.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Fan Wu,Lili Xu,Xiong Li,Saru Kumari,Marimuthu Karuppiah,Mohammad S. Obaidat

DOI: https://doi.org/10.1109/jsyst.2018.2876226

IF: 4.802

2019-01-01

IEEE Systems Journal

Abstract:Cyber-physical systems (CPSs) have attracted the attention of researchers from all disciplines. In such systems, physical devices collect data, interact with Internet, and send the gathered data to serve people. As one important part of such systems, a smart grid is accepted widely and has played a great role for information and communication technology (ICT) and power communities. Secure communication in the smart grid turns to be an urgent aim in the CPS. Several key agreement schemes have been devised in the literature for smart grids. Unfortunately, researchers are still searching for good ways to make the smart grid own anonymity and efficiency simultaneously. This study proposes a novel key agreement scheme for a smart grid with elliptic curve cryptography. Then, we use formal proof based on an authenticated key agreement to give the negligible probability of the attacker. The ProVerif code also proves that our scheme can withstand the simulated attackers under the Dolev-Yao model. By comparing of security properties and performance, our scheme is better than other recent competing schemes. Moreover, via simulation analysis using NS-3, it is found that our scheme is efficient and practical in communication.

Daojing He,Sammy Chan,Yan Zhang,Mohsen Guizani,Chun Chen,Jiajun Bu

DOI: https://doi.org/10.1109/MNET.2014.6724101

IF: 10.294

2014-01-01

IEEE Network

Abstract:It is expected that the smart grid will radically add new functionalities to legacy electrical power systems. However, we believe that this will in turn introduce many new security risks. With the smart grid's backbone communication networks and subnetworks, there are possible scenarios when these subnetworks can become vulnerable to attacks. Ensuring security in these networks is challenging because most devices are resource constrained. In addition, different protocols that are used in these networks use their own set of security requirements. In this article, the security requirements of smart grid communication networks are firstly identified. We then point out that although public key infrastructure (PKI) is a viable solution, it has some difficulties to satisfy the requirements in availability, privacy preservation, and scalability. To complement the functions of PKI, we introduce some novel mechanisms so that those security requirements can be met. In particular, we propose a mechanism to efficiently resist Denial-of-Service (DoS) attacks, and some suggestions to the security protocol design for different application categories.

Daojing He,Chun Chen,Maode Ma,Jiajun Bu

DOI: https://doi.org/10.1002/sec.284

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:To allow many users to hold a secure teleconference in mobile networks, a secure conference scheme with dynamic participation is necessary. However, designing a secure and efficient conference scheme is a difficult task because wireless networks are susceptible to attacks and wireless devices have limited resources. Recently, a lightweight and secure conference scheme has been suggested. Later, it has been found that this solution has security weaknesses and a modified version to overcome them has been presented. Compared with other conference schemes, these two schemes have many advantages. In this short paper, security study of these conference schemes in mobile networks has been performed with the following findings: (1) both the original scheme and the modified version are still vulnerable to our proposed impersonation attack; (2) they lack a mechanism to confirm the delivery of relevant messages, leading to protocol disruption. Therefore, these two schemes cannot be deployed for the real world applications without further development. Then, some efficient countermeasures are given for enhancing the security of both schemes. Further, the security properties of the improved protocol are formally validated by a model checking tool called AVISPA. Finally, several basic principles are suggested for the design of a secure conference scheme. Copyright (C) 2011 John Wiley & Sons, Ltd.

Hong-bin Tang,Xin-song Liu,Jian-ying Chen

DOI: https://doi.org/10.1002/dac.2534

2013-01-01

International Journal of Communication Systems

Abstract:SUMMARYThe extensive application of mobile commerce has led researchers to design more secure protocols for mobile devices during the recent years. In 2011, Chen et al. proposed a three‐factor mobile device‐based remote authentication scheme, which tackled the security risk imposed by the loss of both password and mobile device. Scheme of Chen et al., however, is still vulnerable to the privileged insider attack, the replay attack, the impersonation attack, and the denial of service attack. It is not feasible for real‐life implementation. Copyright © 2013 John Wiley & Sons, Ltd.

Yong-Jin Kim,Dok-Jun An,Son-Gyong Kim,Kum-Sok Sin,You-Jin Jong,Ok-Chol Ri

DOI: https://doi.org/10.48550/arXiv.2203.01504

2022-03-03

Cryptography and Security

Abstract:Smart grids are intelligent power transmission networks that monitor and control communication participants and grid nodes to ensure bidirectional flow of information and power between all nodes. To secure the smart grid, it is very important to design the key agreement protocol. The pairing-free certificateless two-party authenticated key agreement protocol has been widely studied and applied as a basic core protocol to protect the security of the smart grid. Until now, various protocols have been proposed, and these protocols are being introduced and operated not only in smart grid, but also in smart cities, healthcare, and vehicle ad hoc networks. In this paper, we analyzed the security properties of two recently proposed pairing-free certificateless two-party authenticated key agreement protocols for Smart grid. According to our analysis, these two protocols are insecure against basic impersonation attacks of malicious key-generator centers, man-in-the-middle attacks of malicious key generator centers, and key offset attacks. We also found and pointed out some errors in the descriptions of these protocols.

Mingping Qi,Jianhua Chen

DOI: https://doi.org/10.1109/jsyst.2020.2991174

IF: 4.802

2020-01-01

IEEE Systems Journal

Abstract:The design of an authenticated key agreement protocol for securing the smart meter communications in smart grid networks has attracted growing attention recently. Typically, realizing mutual authentication and key agreement without active involvement of a trusted third party is expected in this field. Thus, to achieve this aim, several authenticated key agreement schemes for smart grid have been presented; while as investigated in the following section of this work, most of these schemes remain vulnerable to various attacks. Therefore, to design a truly secure authenticated key agreement protocol for smart grid and make some contributions to this field, this work presents our new authenticated key agreement scheme for smart grid using Elliptic Curve Qu-Vanstone (ECQV) implicit certificate as the building block. Our scheme is pairing-free and just uses two passes to realize mutual authentication and key agreement as well as strong credential privacy, making it with high efficiency in both computation and communication overheads. Moreover, its security is formally proved under the widely accepted Canetti and Krawczyk (CK) security model, and is further confirmed by a heuristic security analysis.

Kehe Wu,Rui Cheng,Wenchao Cui,Wei Li

DOI: https://doi.org/10.1016/j.aej.2020.09.008

IF: 6.626

2021-02-01

Alexandria Engineering Journal

Abstract:With the increasing openness of smart grids, a large quantity of power terminals will be widely applied in systems of smart grids by various access modes (wired, wireless, satellite). In order to ensure the integrity and confidentiality of the data and the security of the communications between power terminals and the smart grid intranet, a lightweight security authentication and key agreement scheme is proposed in this article. The scheme provides mutual authentication based on the SM2 algorithm and key agreement which can prevent various attacks. Furthermore experimental evaluation and comparative analysis is conducted to indicate that the proposed scheme can resist many types of attacks with lower amounts of total computational resources and lower communications bandwidth. The analysis shows that the proposed scheme is suitable for smart grid.

engineering, multidisciplinary

Vincent Omollo Nyangaresi,Zaid Ameen Abduljabbar,Salah H. Abbdal Refish,Mustafa A. Al Sibahee,Enas Wahab Abood,Songfeng Lu

DOI: https://doi.org/10.1007/978-3-030-98002-3_24

2022-01-01

Abstract:The security and privacy protection of smart grid data exchanged over the open and public wireless communication channels is critical yet challenging in this environment. Conventionally, public key cryptography, group signatures, blind signatures, identity based schemes and elliptic curve cryptography could provide the much needed security and privacy. However, all these techniques either lack some smart grid security requirements or have intensive communication, storage and computation overheads. This obviously renders them inefficient for resource-constrained smart grid network devices. In this paper, an anonymous key agreement and authentication protocol to address some of these challenges is proposed. The simulation results showed that the proposed protocol is the most efficient in terms of bandwidth and computation requirements. It also required relatively less memory space during its entire execution than some of the related protocols. Further, it is demonstrated that it offers both backward and forward key secrecy, anonymity, and is robust against impersonation, session hijacking, privileged insider, side-channels, packet replays, packet injection and privacy leaks attacks.

Ya Zhang,Junhua Chen,Shenjin Wang,Kaixuan Ma,Shunfang Hu

DOI: https://doi.org/10.3390/en17184550

IF: 3.2

2024-09-12

Energies

Abstract:The smart grid (SG) is an efficient and reliable framework capable of controlling computers, automation, new technologies, and devices. Advanced metering infrastructure (AMI) is a crucial part of the SG, facilitating two-way communication between users and service providers (SPs). Computation, storage, and communication are extremely limited as the AMI's device is typically deployed outdoors and connected to an open network. Therefore, an authentication and key agreement protocol is necessary to ensure the security and confidentiality of communications. Existing research still does not meet the anonymity, perfect forward secrecy, and resource-limited requirements of the SG environment. To address this issue, we advance a lightweight authentication and key agreement scheme based on elliptic curve cryptography (ECC). The security of the proposed protocol is rigorously proven under the random oracle model (ROM), and was verified by a ProVerif tool. Additionally, performance comparisons validate that the proposed protocol provides enhanced security features at the lowest computation and communication costs.

energy & fuels

Zhengjun Cao

DOI: https://doi.org/10.1007/s11277-024-10881-2

IF: 2.017

2024-02-27

Wireless Personal Communications

Abstract:We show that the Kumari-Renuka key agreement scheme (Wirel Pers Commun 117:27–45, 2021) fails to keep user anonymity, not as claimed, because an adversary can retrieve the user's identity from the pseudonym . The loss of anonymity originates from the misuse of bitwise operator, which requires that both operands have an equal bit-length, otherwise the partial string in the long operand will be exposed. We also suggest a remedy method to fix the flaw by using a hash function to convert a point over the underlying elliptic curve into a random string with fixed length.

telecommunications

Jangirala Srinivas,Ashok Kumar Das,Xiong Li,Muhammad Khurram Khan,Minho Jo

DOI: https://doi.org/10.1109/tii.2020.3011849

IF: 12.3

2021-01-01

IEEE Transactions on Industrial Informatics

Abstract:Recent technological evolution in the Internet of Things (IoT) age supports better solutions to magnify the management of the power quality and reliability concerns, and imposes the measures of a smart grid. In smart grid environment, a smart meter needs to securely access the services from a service provider via insecure channel. However, since the communication is via public channel, it imposes various security threats by an adversary. To deal with this, in this article we design a new anonymous signature-based authenticated key exchange scheme for IoT-enabled smart grid environment, called AAS-IoTSG. The dynamic smart meter addition phase is also permissible in AAS-IoTSG after initial deployment. The security of AAS-IoTSG has been tested rigorously using formal security analysis under the real-or-random (ROR) model which is one of the broadly-accepted standard random oracle models, formal security verification under the broadly-used automated validation of Internet security protocols and applications (AVISPA) tool and also using informal security analysis. Finally, an exhaustive comparative study unveils that AAS-IoTSG supports better security and functionality features and requires less communication and computation overheads as compared to the existing state-of-art authentication mechanisms in smart grid systems.

Cong Wang,Peng Huo,Maode Ma,Tong Zhou,Yiying Zhang

DOI: https://doi.org/10.1007/s00607-023-01188-4

2023-06-28

Computing (Vienna/New York)

Abstract:With the gradual maturity of Smart Grid (SG), security challenges become the most important issues that need to be addressed urgently. In recent years, many schemes adopt mutual authentication and key agreement to ensure secure communication in SG. However, most existing methods have their own shortcomings in either security or efficiency which make them difficult to satisfy the security requirements of SG. In this paper, we propose a provable secure and lightweight authenticated key agreement scheme based on the Elliptic Curve Cryptosystem (ECC) for the cloud-edge-end collaboration SG communication network. The proposed scheme can guarantee the security of the communication and provide anonymity for both the edge server and the smart meters. The anonymity of the smart meters can be provided by a pseudonym mechanism. By rigorous security analysis, the proposed scheme can resist to the typical attacks including replay attacks and identity forgery attacks. The security properties are also evaluated by using the Canetti and Krawczyk (CK) adversary model. The performance simulation results denotes that the proposed scheme not only owns stronger security functions but also improves computation efficiency by 24.5% on average than other four schemes. By simulation results, the proposed scheme has been shown to hold high efficiency.

Chen Tianzhou,Mao Haixia,Dai Hongjun

2006-01-01

Abstract:This paper briefly analyzes the security mechanisms of GSM/UMTS and finds their security defects, such as unidirectional authentication and cipher key transmission without encryption. For these defects, existing mobile communication systems can not prevent hostile attacks to satisfy high-level security demands. To solve these problems, we propose the robust Middleware Architecture for Mobile Communication Security (MAMCS), which employs new Authentication and Key Agreement (AKA) protocols, chooses different encryption algorithms for different applications and implements integrity control mechanism. In the end, we analyze the performance of MAMCS and show that MAMCS gets a 200%~2% improvement in security only at the cost of 1.51% descent in bandwidth and 18.14 ms extra latency.

Chi-Chun Lo,Yu-Jen Chen

DOI: https://doi.org/10.1109/30.809184

1999-01-01

IEEE Transactions on Consumer Electronics

Abstract:With the advance of wireless communications technology, mobile communications has become more convenient than ever. However, because of the openness of wireless communications, the protection of the privacy between communicating parties is becoming a very important issue. We focus on the security of the Global System for Mobile communication (GSM) networks. A secure communication architecture for the GSM network is proposed. In the proposed architecture, we use public-key cryptography for user authentication and stream cipher for message encryption and decryption. An authentication protocol and a key generation method are presented in conjunction with the proposed architecture. Cryptanalysis and operational analysis show that the authentication protocol is secure and efficient. Simulation results indicate that the key generation method can always produce key strings of evenly distributed 0s and 1s and with infinite period.

telecommunications,engineering, electrical & electronic

Yunxia Han,Chunxiang Xu,Debiao He,Kefei Chen

DOI: https://doi.org/10.1109/tifs.2020.2986881

IF: 7.231

2020-01-01

IEEE Transactions on Information Forensics and Security

Abstract:We point out that the key agreement and key protection scheme (published in IEEE Transactions on Information Forensics and Security, doi: 10.1109/TIFS.2018.2850299) fails to achieve the two-factor security. We demonstrate that in the scheme, if an adversary can control the master device of a target user, he can impersonate the user to pass the server's authentication.

Jie Wang,Shengbao Wang,Kang Wen,Bosen Weng,Xin Zhou,Kefei Chen

DOI: https://doi.org/10.3390/electronics13061109

IF: 2.9

2024-03-19

Electronics

Abstract:Dynamic wireless charging emerges as a promising technology, effectively alleviating range anxiety for electric vehicles in transit. However, the communication between the system's various components, conducted over public channels, raises concerns about vulnerability to network attacks and message manipulation. Addressing data security and privacy protection in dynamic charging systems thus becomes a critical challenge. In this article, we present an authentication protocol tailored for dynamic charging systems. This protocol ensures secure and efficient authentication between vehicles and roadside devices without the help of a trusted center. We utilize a physical unclonable function (PUF) to resist physical capture attacks and employ the elliptic curve discrete logarithm problem (ECDLP) to provide forward security protection for session keys. We validated the security of our proposed scheme through comprehensive informal analyses, and formal security analysis using the ROR model and formal analysis tool ProVerif. Furthermore, comparative assessments reveal that our scheme outperforms other relevant protocols in terms of efficiency and security.

engineering, electrical & electronic,computer science, information systems,physics, applied

Hongyu Ding,Qingqiang Meng,Lihua Sun,Ming Liu,Xu Chen,Chang Liu,Duanjie Leng

DOI: https://doi.org/10.1088/1742-6596/2384/1/012048

2022-01-01

Journal of Physics Conference Series

Abstract:Abstract With the acceleration of the pace of the national electricity reform and the wide application of the micro-service architecture, various network threats in the field of information security are increasing, and the power industry has become the “hardest hit area” for cyber attacks. In order to improve the safe implementation of the National Power Grid’s electronic projects and effectively resist the “malicious exploration” of various network threats, this paper proposes a microservice secure communication framework based on the combination of dynamic keys and national secret algorithms for a high concurrency web system based on microservices. The framework uses the national secret SM2 algorithm to generate session-level paired keys and then generates a digital signature through the SM3 algorithm, which effectively guarantees the integrity of the communication. Finally, it extracts the encryption key and encryption offset from the paired keys and uses the SM4 algorithm to encrypt the original request text payload. Timestamps and random numbers are added to each request to prevent tampering and replay attacks effectively. The system framework has been practically applied on the State Grid’s digital capability open platform, which ensures the security of micro-service communication and the safety and efficient transmission of data.