Revisiting the Security and Efficiency of SP2DAS, 3PDA, and EPPA Smart Grid Security Protocols

Amiryousefi, Hamid; Ahmadian, Zahra

doi:10.22042/isecure.2022.275064.645

Revisiting the Security and Efficiency of SP2DAS, 3PDA, and EPPA Smart Grid Security Protocols

Document Type : Research Article

Authors

Hamid Amiryousefi

Zahra Ahmadian

Department of Electrical Engineering, Shahid Beheshti University, Tehran, Iran.

https://doi.org/10.22042/isecure.2022.275064.645

Abstract

This paper analyses the security and efficiency of some notable privacy preserving data aggregation schemes, SP2DAS, 3PDA, and EPPA. For SP2DAS and 3PDA schemes, We show that despite the designers’ claims, there are efficient forgery attacks on the signature scheme used. We present a
selective forgery attack on the signature scheme of SP2DAS in the key-only attack model and a selective forgery attack on the 3PDA’s signature scheme in the known-message attack model,
requiring only two pairs of message-signature. These attacks enable the attacker to inject any arbitrary faulty data into the data aggregated by the network, without being detected, which is a serious threat to the performance of the whole network.
We also present an improved version of the broadcast encryption scheme used in EPPA scheme, in which the decryption key is half, the decryption complexity is half, and the ciphertext size is 3=4 of the original one. The semantic security of the proposed scheme is proved under the same assumption as the original scheme.

Keywords

Smart Grid

Privacy

Data Aggregation

Digital Signature

Forgery Attack

20.1001.1.20082045.2022.14.2.4.6

[1] Rongxing Lu. Differentially private data aggregation with fault tolerance. In Privacy-Enhancing Aggregation Techniques for Smart Grid Communications, pages 129–151. Springer, 2016.
[2] Gergely Acs and Claude Castelluccia. I have a ´dream!(differentially private smart metering). In International Workshop on Information Hiding, pages 118–132. Springer, 2011.
[3] Rongxing Lu, Xiaohui Liang, Xu Li, Xiaodong Lin, and Xuemin Shen. Eppa: An efficient and privacy-preserving aggregation scheme for secure smart grid communications. IEEE Transactions on Parallel and Distributed Systems, 23(9):1621–1631, 2012.
[4] Fabian Knirsch, G¨unther Eibl, and Dominik Engel. Error-resilient masking approaches for privacy preserving data aggregation. IEEE Transactions on Smart Grid, 9(4):3351–3361, 2016.
[5] Asmaa Abdallah and Xuemin Sherman Shen. A lightweight lattice-based homomorphic privacypreserving data aggregation scheme for smart grid. IEEE Transactions on Smart Grid, 9(1):396–405, 2016.
[6] Erfaneh Vahedi, Majid Bayat, Mohammad Reza Pakravan, and Mohammad Reza Aref. A secure ecc-based privacy preserving data aggregation scheme for smart grids. Computer Networks, 129:28–36, 2017.
[7] Chun-I Fan, Shi-Yuan Huang, and Yih-Loong Lai. Privacy-enhanced data aggregation scheme against internal attackers in smart grid. IEEE Transactions on Industrial informatics, 10(1):666–675, 2014.
[8] Xuefeng Liu, Yuqing Zhang, Boyang Wang, and Huaqun Wang. An anonymous data aggregation scheme for smart grid systems. Security and communication networks, 7(3):602–610, 2014.
[9] Jianhong Zhang, Liying Liu, Yuanbo Cui, and Zhipeng Chen. Sp2das: self-certified pkc-based privacy-preserving data aggregation scheme in smart grid. International Journal of Distributed Sensor Networks, 9(1):457325, 2013.
[10] Zhiyuan Sui and Hermann de Meer. Bap: a batch and auditable privacy preservation scheme for demand response in smart grids. IEEE Transactions on Industrial Informatics, 16(2):842–853, 2019.
[11] Shaohua Li, Kaiping Xue, David SL Wei, Hao Yue, Nenghai Yu, and Peilin Hong. Secgrid: A secure and efficient sgx-enabled smart grid system with rich functionalities. IEEE Transactions on Information Forensics and Security, 15:1318–
1330, 2019.
[12] Xiangjian Zuo, Lixiang Li, Haipeng Peng,
Shoushan Luo, and Yixian Yang. Privacypreserving multidimensional data aggregation scheme without trusted authority in smart grid. IEEE Systems Journal, 15(1):395–406, 2020.
[13] Jiawei Qian, Zhenfu Cao, Xiaolei Dong, Jiachen Shen, Zhusen Liu, and Yunxiu Ye. Two secure and efficient lightweight data aggregation schemes for smart grid. IEEE Transactions on Smart Grid, 12(3):2625–2637, 2020.
[14] Yong Ding, Bingyao Wang, Yujue Wang, Kun Zhang, and Huiyong Wang. Secure metering data aggregation with batch verification in industrial smart grid. IEEE Transactions on Industrial Informatics, 16(10):6607–6616, 2020.
[15] Zhiyuan Sui and Hermann de Meer. An efficient signcryption protocol for hop-by-hop data aggregations in smart grids. IEEE Journal on Selected Areas in Communications, 38(1):132–140, 2019.
[16] Weifeng Lu, Zhihao Ren, Jia Xu, and Siguang Chen. Edge blockchain assisted lightweight privacy-preserving data aggregation for smart grid. IEEE Transactions on Network and Service Management, 18(2):1246–1259, 2021.
[17] Yining Liu, Wei Guo, Chun-I Fan, Liang Chang, and Chi Cheng. A practical privacy-preserving data aggregation (3pda) scheme for smart grid. IEEE Transactions on Industrial Informatics, 15(3):1767–1774, 2019.
[18] Jan Camenisch, Susan Hohenberger, and Michael Østergaard Pedersen. Batch verification of short signatures. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 246–263. Springer,
2007.
[19] Hamid Amiryousefi and Zahra Ahmadian. Cryptanalysis of sp 2 das and 3pda, two data aggregation schemes for smart grid. In 2019 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), pages 45–48. IEEE, 2019.
[20] Anna Lysyanskaya, Ronald L Rivest, Amit Sahai, and Stefan Wolf. Pseudonym systems. In International Workshop on Selected Areas in Cryptography, pages 184–199. Springer, 1999.