A Lightweight Privacy-preserving Authenticated Key Exchange Scheme for Smart Grid Communications



1 Iran- tehran

2 Department of Electrical Engineering, Sharif University of Technology, Tehran, Iran

3 Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India

4 Department of Mathematics, Motilal Nehru National Institute of Technology (MNNIT), Allahabad, Uttar Pradesh, India

5 Department of Mathematics, Ch. Charan Singh University, Meerut, Uttar Pradesh, India

6 Electrical engineering Department, Sharif University of Technology, Tehran, Iran


Smart grid concept is introduced to modify the power grid by utilizing new information and communication technology. Smart grid needs live power consumption monitoring to provide required services and for this issue, bi-directional communication is essential. Security and privacy are the most important requirements that should be provided in the communication. Because of the complex design of smart grid systems, and utilizing
different new technologies, there are many opportunities for adversaries to attack the smart grid system that can result fatal problems for the customers. A privacy preserving authentication scheme is a critical element for secure development of smart grid. Recently, Mahmood et al. [1] proposed a lightweight message authentication scheme for smart grid communications and claimed that it satisfies the security requirements. Unfortunately, we found that Mahmood et al.'s scheme has some security vulnerabilities and it has not adequate security features to be utilized in smart grid. To address these drawbacks, we propose an efficient and secure lightweight privacy-preserving authentication scheme for a smart grid. Security of our scheme are evaluated, and the formal security analysis and verification are introduced via the broadly-accepted Burrows-Abadi-Needham (BAN) logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Finally, the security and efficiency comparisons are provided, which indicate the security and efficiency of the proposed scheme as compared to other existing related schemes.


[1] K. Mahmood, S. A. Chaudhry, H. Naqvi, T. Shon, and H. F. Ahmad. A lightweight message authentication scheme for smart grid communications in power sector. Computers & Electrical Engineering, 52:114–124, 2016.

[2] Daniel M Kammen. The rise of renewable energy. Scientific American, 295(3):84–93, 2006. [3] W. Wang and Z. Lu. Cyber security in the smart grid: Survey and challenges. Computer Networks, 57(5):1344–1371, 2013.

[4] J. R. Minkel. The 2003 northeast blackout–five years later. Scientific American, 13, 2008. [5] S. Rohjans, M. Uslar, R. Bleiker, J. González, M. Specht, T. Suding, and T. Weidelt. Survey of smart grid standardization studies and recommendations. In ernational conference on Smart Grid Communications (SmartGridComm), pages 583–588. IEEE, 2010.

[6] D. Gan, F. Liu, L. Du, and Y. Liu. Research and implementation of on-line monitoring techniques for high voltage equipments in smart grid. In International Conference on High Voltage Engineering and Application (ICHVE), pages 236– 239. IEEE, 2010.

[7] H. Li, L. Lu, R.and Zhou, B. Yang, and X. Shen. An efficient merkle-tree-based authentication scheme for smart grid. IEEE Systems Journal, 8(2):655–663, 2014.

[8] NIST Framework. Roadmap for smart grid interoperability standards, release 2.0 (2012). Reproduced with permission of the copyright owner. Further reproduction prohibited without permission, 2012.

[9] J. Gao, Y. Xiao, J. Liu, W. Liang, and C. P. Chen. A survey of communication/networking in smart grids. Future Generation Computer Systems, 28(2):391–404, 2012.

[10] Sandhya Armoogum and Vandana Bassoo. Privacy of energy consumption data of a household in a smart grid. In Smart Power Distribution Systems, pages 163–177. Elsevier, 2019.

[11] RafaƂ Leszczyna. Standards on cyber security assessment of smart grid. International Journal of Critical Infrastructure Protection, 22:70–89, 2018.

[12] Kenneth Kimani, Vitalice Oduol, and Kibet Langat. Cybersecuritychallengesforiot-basedsmart grid networks. International Journal of Critical Infrastructure Protection, 25:36–49, 2019.

[13] Y. Xiao. Security and privacy in smart grids. CRC Press, 2013.

[14] Introduction to NISTIR 7628 guidelines for smart grid cyber security. 2010. Grid, NIST Smart Guideline.

[15] A. Hamlyn, H. Cheung, T. Mander, L. Wang, C. Yang, and R. Cheung. Network security management and authentication of actions for smart grids operations. In Electrical Power Conference (EPC), pages 31–36. IEEE, 2007.

[16] R. Merkle. Protocols for public key cryptosystems. In Proc. IEEE Symp.Security and Privacy, pages 122–134. IEEE, 1980.

[17] R. C. Merkle. A certified digital signature. In Conference on the Theory and Application of Cryptology, pages 218–238. Springer, 1989.

[18] D. Hankerson, A. J. Menezes, and S. Vanstone. Guide to elliptic curve cryptography. Springer Science & Business Media, 2006.

[19] M. Joye and G. Neven. Identity-based cryptography, volume 2. IOS press, 2009.

[20] F. Bao, R. H. Deng, and H. Zhu. Variations of diffie-hellman problem. In International Conference on Information and Communications Security, pages 301–312. Springer, 2003.

[21] M. C. Muñoz, M. Moh, and T. S. Moh. Improving smart grid authentication using merkle trees. In 20th IEEE International Conference on Parallel and Distributed Systems (ICPADS), pages 793–798. IEEE, 2014.

[22] Q. Li and G. Cao. Multicast authentication in the smart grid with one-time signature. IEEE Transactions on Smart Grid, 2(4):686–696, 2011.

[23] L. Zhang, S. Tang, Y. Jiang, and Z. Ma. Robust and efficient authentication protocol based on elliptic curve cryptography for smart grids. In International Conference on and IEEE Cyber, Physical and Social Computing, pages 2089–2093. IEEE, 2013.

[24] H. Nicanfar, P. Jokar, and V. C. Leung. Smart grid authentication and key management for unicast and multicast communications. In Proc. Innovative Smart Grid Technologies Asia (ISGT), pages 1–8. IEEE, 2011.

[25] M. M. Fouda, Z. M. Fadlullah, N. Kato, R. Lu, and X. S. Shen. A lightweight message authentication scheme for smart grid communications. IEEE Transactions on Smart Grid, 2(4):675–685, 2011.

[26] R. Sule, R. S. Katti, and R. G. Kavasseri. A variable length fast message authentication code for secure communication in smart grids. In Power and Energy Society General Meeting, pages 1–6. IEEE, 2012.

[27] Khalid Mahmood, Shehzad Ashraf Chaudhry, Husnain Naqvi, Saru Kumari, Xiong Li, and ArunKumarSangaiah. Anellipticcurvecryptography based lightweight authentication scheme for smart grid communication. Future Generation Computer Systems, 81:557–565, 2018.

[28] Dariush Abbasinezhad-Mood and Morteza Nikooghadam. Designandhardwareimplementation of a security-enhanced elliptic curve cryptography based lightweight authentication scheme for smart grid communications. Future Generation Computer Systems, 84:47–57, 2018.

[29] Yuwen Chen, José-Fernán Martínez, Pedro Castillejo, and Lourdes López. A bilinear map pairing based authentication scheme for smart grid communications: Pauth. IEEE Access, 7:22633–22643, 2019.

[30] M. Bayat and M. R. Aref. An attribute based key agreement protocol resilient to kci attack. International Journal of Electronics and Information Engineering, 2(1):10–20, 2015.

[31] M. Bayat, H. R. Arkian, and M. R. Aref. A revocable attribute based data sharing scheme resilient to dos attacks in smart grid. Wireless Networks, 21(3):871–881, 2015.

[32] AVISPA. Automated Validation of Internet Security Protocols and Applications, 2018. http://www.avispa-project.org/. Accessed on April 2018.

[33] D. von Oheimb. The high-level protocol specification language hlpsl developed in the eu project avispa. In Proceedings of 3rd APPSEM II (Applied Semantics II) Workshop (APPSEM’05), pages 1–17, Frauenchiemsee, Germany, 2005.

[34] S. Chatterjee and A. K. Das. An effective ECCbased user access control scheme with attributebasedencryptionforwirelesssensornetworks. Security and Communication Networks, 8(9):1752– 1771, 2015.

[35] A.K.Das. Asecureandefficientuseranonymitypreserving three-factor authentication protocol for large-scale distributed wireless sensor networks. Wireless Personal Communications, 82(3):1377–1404, 2015.

[36] A. K. Das. A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-toPeer Networking and Applications, 9(1):223–244, 2016.

[37] A. K. Das. A secure and effective biometricbased user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. International Journal of Communication Systems, 30(1):1–25, 2017.

[38] C. Lv, M. Ma, H. Li, J. Ma, and Y. Zhang. An novel three-party authenticated key exchange protocol using one-time key. Journal of Network and Computer Applications, 36(1):498–503, 2013.

[39] J. Srinivas, A. K. Das, N. Kumar, and J. Rodrigues. Cloud Centric Authentication for WearableHealthcareMonitoringSystem. IEEE Transactions on Dependable and Secure Computing, 2018. DOI: 10.1109/TDSC.2018.2828306.

[40] S. Challa, A. K. Das, P. Gope, N. Kumar, F. Wu, and A. V. Vasilakos. Design and analysis of authenticated key agreement scheme in cloudassisted cyber-physical systems. Future Generation Computer Systems, pages –, 2018. DOI: 10.1016/j.future.2018.04.019.

[41] M. Wazid, A. K. Das, V. Odelu, N. Kumar, and W. Susilo. Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment. IEEE Transactions on Dependable and Secure Computing, 2017. DOI: 10.1109/TDSC.2017.2764083.

[42] AVISPA. SPAN: Security Protocol ANimator for AVISPA, 2018. http://www.avispa-project.org/. Accessed on April 2018.

[43] M. Burrows, M. Abadi, and R. Needham. A logic of authentication. ACM Trans. Comput. Syst., 8(1):18–36, 1990.

[44] AM Mathuria, Reihaneh Safavi-Naini, and PR Nickolas. On the automation of gny logic. Australian Computer Science Communications, 17:370–379, 1995.