A Replay Attack-Resistant 0-RTT Key Management Scheme for Low-Bandwidth Smart Grid Communications

With the increasing digitization of different components of Smart Grid, there is an ongoing effort to design secure protocols and deploy them for different applications. A major need along with these efforts is to deal with key management for a large number of devices which are resource constrained and deployed within a very legacy communication environment. As the utilities rightly request to build the new systems on top of the legacy systems with limited investment, the research community needs to re-think the adaptation of the existing security approaches to such non- traditional environments. Assuming a legacy (i.e., 2G) radio communication infrastructure with bandwidths in the order of kilobits, the goal of this study is to enable basic security services in Smart Grid via a lightweight key management scheme. Specifically, the proposed scheme provides mutual authentication, key agreement, and key refreshment by utilizing a 0-RTT message exchange that relies neither on PKI or session resumption. It depends on dynamic hash chains to enable authentication and prevent any replay attacks. The evaluations results show that the proposed scheme out-performs other conventional approaches such as TLS and IKE and is suitable for Smart Grid legacy environments.

[1]  Simon Blake-Wilson,et al.  SEC 1: Elliptic Curve Cryptography , 1999 .

[2]  Britta Hale,et al.  0-RTT Key Exchange with Full Forward Secrecy , 2017, EUROCRYPT.

[3]  Thomas Watteyne,et al.  Understanding the Limits of LoRaWAN , 2016, IEEE Communications Magazine.

[4]  Cristina Nita-Rotaru,et al.  How Secure and Quick is QUIC? Provable Security and Performance Analyses , 2015, 2015 IEEE Symposium on Security and Privacy.

[5]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.3 , 2018, RFC.

[6]  Marc Fischlin,et al.  Multi-Stage Key Exchange and the Case of Google's QUIC Protocol , 2014, CCS.

[7]  Abhijit Choudhury,et al.  AES Galois Counter Mode (GCM) Cipher Suites for TLS , 2008, RFC.

[8]  Paul E. Hoffman,et al.  Internet Key Exchange Protocol Version 2 (IKEv2) , 2010, RFC.

[9]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[10]  Daniel Slamanig,et al.  Bloom Filter Encryption and Applications to Efficient Forward-Secret 0-RTT Key Exchange , 2018, Journal of Cryptology.

[11]  H. Farhangi,et al.  The path of the smart grid , 2010, IEEE Power and Energy Magazine.

[12]  Rami Rosen,et al.  Linux containers and the future cloud , 2014 .

[13]  Taskin Koçak,et al.  Smart Grid Technologies: Communication Technologies and Standards , 2011, IEEE Transactions on Industrial Informatics.

[14]  Yi Qian,et al.  An advanced key management scheme for secure smart grid communications , 2013, 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[15]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[16]  Shahid Raza,et al.  Lightweight Security Solutions for the Internet of Things , 2013 .

[17]  Britta Hale,et al.  Simple Security Definitions for and Constructions of 0-RTT Key Exchange , 2017, ACNS.

[18]  Huy Hoang Ngo,et al.  Dynamic Key Cryptography and Applications , 2010, Int. J. Netw. Secur..

[19]  Paul E. Hoffman,et al.  Algorithms for Internet Key Exchange version 1 (IKEv1) , 2005, RFC.