Secure and privacy-preserving concentration of metering data in AMI networks

The industry has recognized the risk of cyber-attacks targeting to the advanced metering infrastructure (AMI). A potential adversary can modify or inject malicious data, and can perform security attacks over an insecure network. Also, the network operators at intermediate devices can reveal private information, such as the identity of the individual home and metering data units, to the third-party. Existing schemes generate large overheads and also do not ensure the secure delivery of correct and accurate metering data to all AMI entities, including data concentrator at the utility and the billing center. In this paper, we propose a secure and privacy-preserving data aggregation scheme based on additive homomorphic encryption and proxy re-encryption operations in the Paillier cryptosystem. The scheme can aggregate metering data without revealing the actual individual information (identity and energy usage) to intermediate entities or to any third-party, hence, resolves identity and related data theft attacks. Moreover, we propose a scalable algorithm to detect malicious metering data injected by the adversary. The proposed scheme protects the system against man-in-the-middle, replay, and impersonation attacks, and also maintains message integrity and undeniability. Our performance analysis shows that the scheme generates manageable computation, communication, and storage overheads and has efficient execution time suitable for AMI networks.

[1]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[2]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[3]  George Danezis,et al.  Privacy-preserving smart metering , 2011, ISSE.

[4]  Rongxing Lu,et al.  PDA: a privacy-preserving dual-functional aggregation scheme for smart grid communications , 2015, Secur. Commun. Networks.

[5]  Fengjun Li,et al.  Preserving data integrity for smart grid data aggregation , 2012, 2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm).

[6]  Peng Liu,et al.  Secure and privacy-preserving information aggregation for smart grids , 2011, Int. J. Secur. Networks.

[7]  Peng Liu,et al.  Secure Information Aggregation for Smart Grids Using Homomorphic Encryption , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[8]  Bart Jacobs,et al.  Privacy-Friendly Energy-Metering via Homomorphic Encryption , 2010, STM.

[9]  Klaus Kursawe,et al.  Structural Weaknesses in the Open Smart Grid Protocol , 2015, 2015 10th International Conference on Availability, Reliability and Security.

[10]  Arif Sarwat,et al.  A survey on security assessment of metering infrastructure in Smart Grid systems , 2015, SoutheastCon 2015.

[11]  H. Farhangi,et al.  The path of the smart grid , 2010, IEEE Power and Energy Magazine.

[12]  Xiaohui Liang,et al.  EPPDR: An Efficient Privacy-Preserving Demand Response Scheme with Adaptive Key Evolution in Smart Grid , 2014, IEEE Transactions on Parallel and Distributed Systems.

[13]  Samuel Neves,et al.  Dumb Crypto in Smart Grids: Practical Cryptanalysis of the Open Smart Grid Protocol , 2015, IACR Cryptol. ePrint Arch..

[14]  Georgios Kalogridis,et al.  Smart Grid Privacy via Anonymization of Smart Metering Data , 2010, 2010 First IEEE International Conference on Smart Grid Communications.