Using a privacy-enhanced authentication process to secure IoT-based smart grid infrastructures

Over the last decade, technological advances in smart grids have permitted the modernization of legacy electricity networks. As Internet of Things (IoT)-based smart grids are becoming an efficient response to managing changing electric demand, the heterogeneous network of equipment required to make these Cyber-Physical Systems a reality poses some security threats. This paper proposes a novel mutual authentication and key agreement scheme to ensure communications security and protect users" privacy in smart grid applications. In the proposed scheme (named EPSG), an elliptic curve cryptography (ECC) module and a physical unclonable function (PUF) are used simultaneously to provide acceptable confidentiality and integrity levels. The security analysis demonstrates that the EPSG has a robust security posture regarding transferred messages on the communication channel and physical attacks. In addition, EPSG is resistant to modeling attacks as one of the main vulnerabilities of PUF modules. Furthermore, by implementing the EPSG on an Arduino UNO microcontroller, a comparative performance evaluation (e.g., Time 156 ms, Communication cost 1408 bits, and Energy consumption 13.728 mJ) demonstrates the efficiency of the proposed EPSG.

Using a privacy-enhanced authentication process to secure IoT-based smart grid infrastructures Articles