1. INTRODUCTION:
With the rapid increase in IoT devices and with the emergence of a variety of sensors and devices, various platforms and services using them are provided. One of the representative platforms is Smart Grid. A smart grid makes it possible to use power efficiently and provide diverse services in the way of transmitting various types of data and information between a power supplier and consumers in real time through the convergence of power system and IT infrastructure. In the conventional power grid system, demanders like households and buildings need to prepare 20\% standby power always. If the standby power is not used, it can get wasted all. The smart grid increases the efficiency of the waste power to enable each user to have the effect of cost saving and experience the organic system to generate, consume, and manage electricity automatically without any personal intervention, and provides various utility services. The data collected with Smart Meter in each demander includes information which makes it possible to infer the information of the demander. In other words, such a data message has a user’s personal information or living pattern, the charging information offered by Server or a variety of service information. Therefore, if the message is modified and fabricated, is reused or stolen by a malicious attacker, or is exposed to other security attacks, it is expected to face availability invasion and trigger massive financial and physical damage to a supplier and a demander.[1][2][3]
In the proposed method of this study, a session key is shared through Server–DCU authentication, and in the process, DCU obtains User Table for Smart Meter from Server. Based on the obtained User Table, DCU shares the authentication and session key with each Smart Meter, creates an IV value, an identification value used for session key generation, in the hash chain type, and uses the IV value to update the session key constantly in a certain cycle. In case of the group communication between multiple nodes which completed authentication with DCU and Smart Meter, this study proposes the procedure to create and update a group key (to join or leave a group). In order for the verification of the data in transmission, the hash value of Low Data and the collected data on the basis of hash tree are applied.
2. MATERIALS AND METHODS:
A smart grid makes it possible to use power efficiently and provide diverse services in the way of transmitting various types of data and information between a power supplier and consumers in real time through the convergence of power system and IT infrastructure.
Figure 1. Smart Grid Structure
As shown in [Figure 1], data are collected from various Appliances, and are transmitted to the final Server via Smart Meter and DCU. A smart grid has five security functions: access control, message authentication, data encryption, traffic protection, and intrusion prevention.[1][4]
In each classification, there are standards. Services should be used and offered in accordance with the standards.
A smart grid is used in integration with conventional information communication infrastructure so that it has the security vulnerabilities of the conventional information and communication infrastructure.[5] Therefore, it is necessary to come up with security measures. According to TTAK.OT-04.0006 which is the standard document of smart grid communication requirements of Telecommunications Technology Association (TTA), it is necessary to take into account the securities of confidentiality, integrity, availability, responsibility, and privacy over communication network, to provide safe communication network, to include authentication and encryption, and provide access control function.
3. RESULTS AND DISCUSSION:
The protocol proposed in this study makes it possible to share a session key through Server–DCU–Smart Meter authentication and update the shared session key in a certain cycle. Also, regarding key update, the session key shared at the time of key generation and an IV value are used to create a hash chain typed value constantly which is applied to key update. In order for the integrity verification of the data in transmission, a hash tree is used to synchronize the initial data of DCU and Smart Meter, and a parent hash value is compared for integrity verification. The acronyms of the proposed protocol are presented in [Table 1].
Table 1 : Abbreviation
|
약어 |
설명 |
|
|
DCU’s ID |
|
|
DCU’s UniqueValue |
|
|
User’s ID |
|
|
User’s PW |
|
|
Server’s ID |
|
|
Group’s ID |
|
|
DCU’s Session Key |
|
|
SmartMeter’s Session Key |
|
|
Group’s Session Key |
|
|
Initial Vector Value |
|
|
Count |
|
|
Data Length |
|
|
Natural Number |
|
|
Timestamp |
|
|
UserTable |
|
|
Acknowledgement code |
|
|
Hasn Function |
|
|
Key Generate Function |
3.1. Server–DCU authentication and key generation/update:
3.1.1. Server–DCU authentication and key generation:
In order for safe communication between Server, DCU, and Smart Meter of each household, Server and DCU perform authentication and key generation. Server manages each DCU’s ID, Unique Value, and IV value. After receiving the identification values of DCU, Server searches for in its Database to authenticate the requested DCU. More detailed authentication procedure is illustrated in [Figure 2].
1. For authentication, DCU transmits its identification value ID, UV, and h(IV) to Server.
2. The Server searchers form the received identification values in its Database to check if the requested DCU is autheticated.
3. If the authentication of the DCU is verified, the Server transmits its identification value to the DCU.
4. The Server uses the key generation function ‘KGF’ to create the session key value DCUskey of the DCU on the basis of the DCU’s identification value and its own identification value.
5. DCU creates the session key value DCUskey on the basis of the Server’s identification value received from the Server and its own identification value.
6. The Server uses the generated DCUskey to encrypt UT which is sent to the DCU.
7. After receiving the encrypted EDCUskey(UT), DCU decrypts UT with the DCUskey and completes authentication.
Figure 2. Server - DCU Authentication Procedure
3.1.2. DCU–Smart Meter authentication and key generation:
For safe data communication with the Client ‘Smart Meter’, the completely authenticated DCU performs authentication and key generation.
Through the authentication with Server, the DCU has User Table which is the information on Clients. After receiving an identification value from Smart Meter, the DCU executes authentication and key generation. Detailed authentication procedure is presented in [Figure 3].
1. For authentication, SM transmits its identification value DeviceID, UserID, UserPW, and h(IV) to DCU.
2. The DUC uses its UserTable of the received identification values to check if the SM is authenticated.
3. If the SM authentication is verified, the DCU sends its ID to the SM.
4. The DCU uses the key generation function ‘KGF’ to create the session key value SMskey on the basis of it’s the received SM’s identification value and its own identification value.
5. The SM creates the session key value SMskey on the basis of the DCU’s identification received from the DCU and its own identification value.
6. The DCU encrypts N with the created ESMskey(N) and sends it to the SM.
7. After receiving the encrypted ESMskey(N), the SM decrypts N with the created SMskey and completes authentication.
Figure 3. DCU - SM Authentication Procedure
3.1.3. Key update:
A session is shared through Server–DCU–Smart Meter authentication. To prepare any leak of a session key, it is necessary to update the key in a certain cycle. As a method of updating a key, the IV value shared by each node initially and the hash function of each node’s session key generated at the initial authentication time are applied to create a new IV value constantly. As shown in [Figure 4], the method of initializing an hash chain typed IV value.
Figure 4.IV value initialization through hash chain
By creating and initializing an IV value constantly in the hash chain type, it is necessary to check the initial IV value and Key value despite any key stealing.
3.2. Design of group key generation and update protocol:
The completely authenticated DCU and SM are able to have inter-node communication generally. However, depending on the characteristics of service use conditions, communication between multiple nodes is needed sometimes. Accordingly, a group key between DCU–Smaert Meter and completely authenticated nodes is generated. In operation, it is possible for a new Smart Meter to join a group or for a Smart Meter to leave a group. Accordingly, a group key can be updated.
3.2.1. Group key generation:
Each Smart Meter authenticated completely requests DCU to generate a group key. The DCU uses the User Table obtained in the Server authentication process to verify each Smart Meter and generate a group key. Detailed authentication procedure is shown in [Figure 5].
Figure 5. Group Key Generate Procedure
1. SM encrypts its SM name for grouping and REQUEST message with its own session key and sends them to DCU.
2. The DCU uses the UserTable of the received identification values in order for verification.
3. The DCU generates a group key with the use of the session key of each requested SM and the T value at the time of key generation.
4. The DCU encrypts the generated group key with the session key of each SM and sends it to the requested SM.
5. After receiving the encrypted message, the SM decrypts it with its own session key to obtain the group key Gskey and share the group key.
3.2.2. Group key update (Join a group):
If DCU and a completely authenticated Smart Meter join an already created group, DCU receives the group ID and the request message of joining the group from the Smaert Meter. With User Table and Group Table, the DCU performs check and verification. After that, the DCU sends the request message of joining the group to a member node of the group and receives a response from the node, and then generates a new group key. The already used group key expires, and the new group key is encrypted with each node’s session key before transmission. The procedure is displayed in [Figure 6].
Figure 6.Group Key Update (Join a Group) Procedure
1. SM encrypts the ID of the group to join and REQUEST message with its own session key and sends them to DCU.
2. DCU uses the User Table and Group Table of the received identification values in order for verification.
3. If verified, the request message of joining the group and the ID of the requested node are encrypted with the existing group key and then are sent to other group member nodes.
4. Each member node decrypts the encrypted messages with the existing group key and sends a response to the DCU.
5. The DCU that received the response from the member nodes generates the new group key Gskey+1 and expires the existing group key Gskey.
6. The newly generated group key Gskey+1 is encrypted with the session key of each node before transmission.
7. Each node decrypts the received encrypted message and shares the new group key.
3.2.3. Group key update (Leave a group):
A member node that uses the same group key in a group is able to leave the group. If a member node leaves a group, it is necessary to update a group key for security. A particular node that requests the message of leaving a group sends its group ID and the request to DCU. The DCU verifies the node with the use of User Table and Group Table, sends the particular node’s request message of leaving a group to other group nodes, and receives a response from each group node. After that, the DCU generates a new group key and sends it to each group node. Detailed procedure is shown in [Figure 7].
Figure 7. Group Key Update (Leave a Group) Procedure
1. SM encrypts the ID of the group to leave and REQUEST message with its own session key and sends them to DCU.
2. The DCU uses the User Table and Group Table of the received identification values in order for verification.
3. If verified, the request message of leaving the group and the ID of the requested node are encrypted with the existing group key and then are sent to other group member nodes.
4. Each member node decrypts the encrypted messages with the existing group key and sends a response to the DCU.
5. The DCU that received the response from the member nodes generates the new group key Gskey+2 and expires the existing group key Gskey+1.
6. The newly generated group key Gskey+2 is encrypted with the session key of each node before transmission.
7. Each node decrypts the received encrypted message and shares the new group key.
3.3. Data integrity verification:
The data measured from each Smart Device are transmitted to Server via Smart Meter and DCU. Also, a variety of data necessary for service from Server are sent to Smart Meter via DCU. In the process, it is possible to modify or fabricate the data in transmission. If a message is modified or fabricated, various service problems may occur. Furthermore, it is likely to intrude user information and availability. To solve the problem, the shared session key and received data integrity are verified with the use of a hash tree.
For integrity verification, a hash tree is created on the basis of keys and data hash values as shown in [Figure 8]. The hash values in the low layer are synchronized, and the hash values of parent nodes are compared. If there is any slight change in a message in the low layer, a hash value of a parent node can be changed greatly. Therefore, DCU and Smart Meter compare hash values after synchronization in order to verify data integrity. [6][7]
Figure 8. Data integrity verification method
4. Safety comparison analysis and performance evaluation:
4.1. Safety analysis:
In this section, safety of the proposed protocol is analyzed. In other words, the security of each node that performs authentication and the integrity and security of the data in transmission between authenticated nodes are analyzed.
4.1.1. Node security:
With the use of the shared IV value, device unique information, user unique information, and other values, each node performs authentication through a safe channel. In this way, they generate a session key. Also, they constantly update an IV value through hash chain and update a session key with the use of the updated value.
Even if the session key between DCU and SM is exposed in communication, no problem occurs. That is because it is required to obtain the hash chain value of IV at the time of updating a session key and its previous session key value in order to infer the next updated session key value.
On balance, the security of each node is dependent on IV, device sharing information (DCUID, DCUUV), user unique information (DeviceID, UserID, UserPW), and the initial session key value. Therefore, the security of each node is guaranteed.
4.1.2. Data security:
Data is encrypted with the session key generated in the authentication between nodes. The session key used for encryption is newly updated in a certain cycle through the hash chain of IV values. Even if the generated session key is exposed, an IV value is constantly updated. Therefore, no matter how an encrypted message is stolen, it is hard to infer the updated IV hash chain value and thus decrypt a message. Even if an encrypted key is inferred after a lot of time and cost, it is hard to find a plaintext of data because the encrypted key is updated in a certain cycle.
And, it is necessary to check the integrity of the data received. For integrity verification, a hash tree of the hash values of the data in transmission is applied. In other words, the hash tree value of the sender’s data and the hash tree value of the receiver’s data are compared in order for data integrity verification.
4.2. Performance analysis:
In order to analyze the performance of the proposed protocol, this study compared performance between the proposed protocol and the IEEE 802.1x standard using node authentication in the conventional wired and wireless communication environment.
In the proposed protocol, a session key is generated with the use of the information shared by nodes, such as IV value, device unique information, and user unique information. In the process, Handshake occurs three times to complete authentication as shown in [Table 2]. Confidentiality is dependent on the values shared by nodes so that no authentication certificate is needed.
Table 2: Performance evaluation table
|
TLS |
TTLS |
MD5 |
Proposed protocol |
||
|
Authentication Certificate |
server |
O |
O |
X |
X |
|
client |
O |
X |
X |
X |
|
|
Authentication Attribute |
양방향 |
양방향 |
일방향 |
양방향 |
|
|
Key Management |
O |
O |
X |
O |
|
|
Handshake Count |
10 |
8 |
9 |
3 |
|
According to the performance evaluation between the proposed protocol and IEEE802.1x authentication protocol, the average authentication time of IEEE802.1x is 562.3ms, and that of the proposed protocol is 473.6ms as presented in [Table 3]. With a rise in authentication count, there was a large difference in the required time for authentication between the two protocols. As a result, the proposed protocol improved security and performance more than the conventional protocol.
Table 3: Performance evaluation table
|
IEEE 802.1x |
Proposed Protocol |
Difference |
|
|
1st |
562.3 ms |
473.6 ms |
88.7 ms |
|
5th |
2798.5 ms |
2357.4 ms |
441.1 ms |
|
10th |
5826 ms |
4576.4 ms |
1249.6 ms |
5. CONCLUSION:
In order for the safe Server–DCU–Smart Meter communication in the smart grid environment, the protocol proposed in this study uses the shared values, such as IV value, device unique information, and user unique information to perform authentication and create a session key between nodes. A generated session key is updated regularly through the hash chain of IV values. Therefore, even if a session key is leaked in the middle of transmission, a new session key is generated and thereby it is possible to transmit data safely. For group communication, SM nodes generate a group key on the basis of their session key value. In this way, it is possible to join a new member or leave a member. For the integrity verification of the received data, a hash tree is applied. In other words, by comparing hash values, it is possible to verify data integrity. According to the comparative analysis on safety and performance between the proposed protocol and the IEEE802.1x protocol used in the conventional wired and wireless communication environment, the proposed protocol provided two-way authentication between nodes and completed authentication three times of Handshake without authentication certificate and its one-time authentication time was 88.7 ms shorter than the IEEE802.1x protocol. With a rise in authentication count, the proposed protocol improved its performance.
In the future, it will be necessary to research not only Server–DCU–Smart Meter authentication, but user authentication and device authentication between devices, sensors, and Smart Meter in the HAN (Home Area Network), and to study safety and security in data transmission.
6. REFERENCES:
1. Xuesong Zhou, Youjie Ma, Zhiqiang Gao, Hui Wang, Summary of smart metering and smart grid communication, Schol of Electrical and Electronic Engineering Tianjin University of Technology, IEEE International Conference on Mechatronics and Automation (ICMA), pp.300-304, 2017.
2. Taimin Zhang, Xin Lu, Xiaoyu ji, Wenyuan Xu, An Identity-Based Secure Communication Scheme for Advanced Metering Infrastructure in Smart Grid, College of Electrical Engineering, Zhejiang University, 29th Chinese Control And Decision Conference(CCDC), 2017, pp.6959 – 6964, 2017.
3. Neetesh Saxena, Bong Jun Choi, Santiago Grijalva, Secure and privacy-preserving concentration of metering data in AMI networks, Department of Computing and Informatics, Bournemouth University, UK,IEEE International Conference on Communications (ICC), pp.1-7, 2017.
4. Sangji Lee, Jinsuk Bong, Sunhee Shin, Yongtae Shin, A security mechanism of Smart Grid AMI network through smart device mutual authentication, Department of Computing Soongsil University South Korea, The International Conference on Information Networking 2014 (ICOIN2014), pp. 592-595, 2014.
5. Myong-Kyu, Sun-Hyung Kim, Analysis of Smart Grid Technologies and Domestic and Foreign Policy Trends, Dept. of Information and Communication Engineering, Soonchunhyang University, Proceedings of KIIT Summer Conference, pp.295-301, 2013.- http://www.riss.kr/link?id=A99626230
6. Khaled Rabieh, Mohamed M. E. A. Mahmoud, Kemal Akkaya, Samet Tonyali, Scalable Certificate Revocation Schemes for Smart Grid AMI Networks Using Bloom Filters, IEEE Transactions on Dependable and Secure Computing, pp.420-432, 2017.
7. Muhammad Shahzad Jan, Mehreen Afzal, Hash chain based strong password authentication scheme, Department of Information Security Military College of Signals NUST Islamabad Pakistan,13th International Bhurban Conference on Applied Sciences and Technology (IBCAST), pp. 355-360, 2017.
8. Nobuo Funabiki, Toru Nakanishi, Hideo Takahashi, Kouhei Miki, Jun Kawashima, A Proposal of Anonymous IEEE802.1X Authentication Protocol for Wireless Networks, Department of Communication Network Engineering Okayama University, 2nd IEEE Workshop on Secure Network Protocols, pp.26-31, 2006.
9. Fanzheng Kong, Weili Huang, IEEE802.1x of protocol analysis and improvement, College of Information and Electrical Engineering Hebei University of Engineering Handan China,3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), pp.v3-282-v3-285, 2010.
10. Hui Hu, Di Wu, Tao Tang, Network Security Admission Solution Based on IEEE802.1X, Information Technology Center China, International Conference on Computing, Measurement, Control and Sensor Network, pp.336-339, 2012.
Received on 10.08.2018 Modified on 16.09.2018
Accepted on 12.10.2018 © RJPT All right reserved
Research J. Pharm. and Tech. 2019; 12(4):1625-1631.
DOI: 10.5958/0974-360X.2019.00271.3