Multilayer Consensus ECC-Based Password Authenticated Key-Exchange (MCEPAK) Protocol for Smart Grid System

This paper aims at providing a key agreement protocol for smart grid to cope with access control of appliances/devices located inside a Home Area Network (HAN) by a set of controllers outside the HAN. The commands/packets initiated by the controllers in crisis cases should be delivered fast and immune from any interruption. The HAN controller, which acts as a gateway, should not cause any delay by decrypting and re-encrypting the packets, nor should it has any chance to modify them. Considering the required level of security and quality of service, we design our protocol with an Elliptic Curve Cryptography (ECC) approach. We improve and implement the Password Authenticated Key Exchange (PAKE) protocol in two steps. First, we propose an auxiliary mechanism that is an ECC version of PAKE, and then extend it to a multilayer consensus model. We reduce the number of hash functions to one, and utilize a primitive password shared between an appliance and HAN controller to construct four valid individual consensus and authenticated symmetric keys between the appliance and upstream controllers by exchanging only 12 packets. Security analysis presents that our protocol is resilient to various attacks. Furthermore, performance analysis shows that the delay caused by the security process is reduced by more than one half.

[1]  Annabelle Lee,et al.  Guidelines for Smart Grid Cyber Security , 2010 .

[2]  Hamid Sharif,et al.  A Survey on Smart Grid Communication Infrastructures: Motivations, Requirements and Challenges , 2013, IEEE Communications Surveys & Tutorials.

[3]  Hung-Min Sun,et al.  Simple authenticated key agreement protocol resistant to password guessing attacks , 2002, OPSR.

[4]  Qinghua Li,et al.  Multicast Authentication in the Smart Grid With , 2011 .

[5]  Ding Xiao-fei,et al.  Password Authenticated Key Exchange Protocol with Stronger Security , 2009, 2009 First International Workshop on Education Technology and Computer Science.

[6]  Victor C. M. Leung,et al.  Specification-based Intrusion Detection for home area networks in smart grids , 2011, 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[7]  Kee-Young Yoo,et al.  A new elliptic curve diffie-hellman two-party key agreement protocol , 2010, 2010 7th International Conference on Service Systems and Service Management.

[8]  Lihua Liu,et al.  Improvement of One Password-Based Authenticated Key Exchange Protocol , 2009, 2009 Second International Symposium on Information Science and Engineering.

[9]  Carl H. Hauser Trust research to address uncertainty in security for the smart grid , 2012, 2012 IEEE PES Innovative Smart Grid Technologies (ISGT).

[10]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[11]  Zijian Zhang,et al.  Verifier-based password authenticated key exchange protocol via elliptic curve , 2010, 2010 IEEE International Conference on Information Theory and Information Security.

[12]  Boucif Amar Bensaber,et al.  A key management method based on an AVL tree and ECC cryptography for wireless sensor networks , 2011, Q2SWinet '11.

[13]  Rajaram Ramasamy,et al.  Password based remote authentication scheme using ECC for smart card , 2011, ICCCS '11.

[14]  Alfred Menezes,et al.  Elliptic Curve Cryptography: The Serpentine Course of a Paradigm Shift , 2011, IACR Cryptol. ePrint Arch..

[15]  Zhenfu Cao,et al.  Cryptanalysis and improvement of an elliptic curve Diffie-Hellman key agreement protocol , 2008, IEEE Communications Letters.

[16]  Nei Kato,et al.  Towards a light-weight message authentication mechanism tailored for Smart Grid communications , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[17]  Elaine B. Barker,et al.  SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) , 2007 .

[18]  Patrick D. McDaniel,et al.  Security and Privacy Challenges in the Smart Grid , 2009, IEEE Security & Privacy.

[19]  Maurizio Adriano Strangio,et al.  Efficient Diffie-Hellmann two-party key agreement protocols based on elliptic curves , 2005, SAC '05.

[20]  Wen-Shenq Juang,et al.  Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards , 2008, IEEE Transactions on Industrial Electronics.

[21]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[22]  Peter Sweeney,et al.  Simple authenticated key agreement algorithm , 1999 .

[23]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[24]  Gang Yao,et al.  A Group PAKE Protocol Using Different Passwords , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[25]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[26]  Victor C. M. Leung,et al.  Smart grid multilayer consensus password-authenticated key exchange protocol , 2012, 2012 IEEE International Conference on Communications (ICC).