PUF‐based solutions for secure communications in Advanced Metering Infrastructure (AMI)

In this paper, considering the constraints of Advanced Metering Infrastructure (AMI) systems, we propose an authenticated key exchange protocol and an authenticated message broadcasting protocol. The proposed protocols are based on two well-known protocols, Okamoto and Schnorr, and inherit their security features. To secure the system against physical attacks, we use Physical Unclonable Function (PUF) technology in the communicating parties. Thus, there is no need to store secrets in the smart meters, which can easily be corrupted. We show that the proposed authenticated key exchange protocol meets all the security requirements, such as secure key generation, backward and forward secrecy, and explicit authentication. We also show that the authenticated message broadcasting protocol is secure against corrupted smart meters. The proposed schemes are practical and efficient for providing secure communication between parties. We believe that our proposed protocols are the best fit for an AMI system.
