Professional Documents
Culture Documents
HTML
HTML
highlights
article info a b s t r a c t
Article history: An evolved grid system, Smart Grid, enables appropriate adjustments in the amount of electricity
Received 19 January 2017 generation by providing the capability to monitor the consumption behavior of customers. This advance
Received in revised form 12 April 2017 grid system can help to promote cultural heritage because it is responsible to provide un-interruptible
Accepted 5 May 2017
and reliable power supply in smart way. Smart grid is one of the key component for enabling smart cities
Available online xxxx
and obviously, any city with more smart amenities will ultimately attract visitors to come and visit rich
Keywords: heritage. In smart grid, Supervisory Control and Data Acquisition (SCDA) system is responsible for keeping
Smart grid the underlying communication secure between substations and corresponding control center. While
Authentication communication between customers and substations needs more enhancements as the existing protocols
Elliptic curve cryptography do not meet the comprehensive security requirements of smart grid. Due to the complex nature of smart
Lightweight cryptography grid and diverse security requirements, designing a suitable authentication scheme is a challenging task.
BAN logic For delay sensitive networks like smart grid, an ideal authentication scheme should withstand against all
ProVerif known security attacks, involving lightweight operations with trivial computations. ECC provides same
security level with much less key sizes as compared with other security techniques such as RSA, DSA
and DH. Keeping in mind the complex and delay sensitive nature of smart grid, a lightweight ECC based
authentication scheme is proposed here. The proposed scheme not only provides mutual authentication
with low computation and communication cost but also withstand against all known security attacks.
2017 Elsevier B.V. All rights reserved.
http://dx.doi.org/10.1016/j.future.2017.05.002
0167-739X/ 2017 Elsevier B.V. All rights reserved.
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
2 K. Mahmood et al. / Future Generation Computer Systems ( )
cities into smart ones. Therefore, smart city environments with the operations with trivial computation for delay sensitive networks
help of secure smart grid will not only enhance the quick access of such as SG.
cultural heritage but it will also entice more visitors [13]. Various authentication schemes for communicating entities
Making cities smarter is a challenging task to do because di- that are presented so far [1122] are briefly discussed as follows:
verse technologies needs to be integrated to bring the smartness. T.W. Chim et al. [11] presented an authentication scheme for
More importantly city itself needs to be perceived as a substantial fortifying the usage pattern of electricity. They utilized a specific
tangled system. Cities are uniquely recognized by their cultural device aka temper-resistance device and pseudo identity in or-
heritage and it is a challenging task to maintain it during smart der to fortify the customers privacy for smart appliances and SG
city development process. Smart grid has a major role in enabling network, respectively. Although their scheme is insecure against
smart cities. Moreover, secure, efficient and fault tolerant power impersonation attacks and does not offer key agreement function.
grid can only guarantee desirable platform for the smart city, Moreover, their scheme has utilized time-stamp during sign-in
which can also help to preserve cultural heritage. Smart grid is procedure that introduces problem of maintaining clock synchro-
responsible to generate and distribute power from the utility to nization.
consumer and vice versa as renewable energy sources can also be Mostafa et al. [12] introduced computational DiffieHellman
integrated with the smart grid. Smart grid also provide two-way based authentication scheme for SG network. Their scheme
communication between utility and consumer. Smart grid utilizes achieves key agreement and mutual authentication for distributed
diverse communication technologies in order to facilitate commu- smart meters and smart appliances that are present in the entire SG
nication and this public communication is vulnerable to security network. Smart meters along with corresponding smart appliances
breach. Therefore, secure authentication schemes can useful for authenticate each other using a joint session key and hash-based
maintaining the desired privacy and confidentiality. Hence, secure authentication scheme. Mostafa et al. declared that their scheme
smart grid will set the suitable stage for establishing smart cities is lightweight but still its computational complexity is high due to
and empowering cultural heritage [4,5]. exponential time complexity of some operations.
Smart grid (SG) is the emerging electricity generation infras- Li et el. [14] presented multicast scheme for authentication that
tructure, capable of monitoring the consumption behavior of cus- also utilizes one-time signature in order to overcome the memory
tomers in order to enable suitable adjustments in the amount of overhead and reduce the size of signature. Although computation
electricity generation, accordingly. Smart grid not only bridges complexity and authentication delay of the proposed scheme is
the gap between customers and power producers but it also en- very low but still it does not resolve the key agreement problem.
sures un-interruptible power supply as a result of efficient con- Soohyun et al. [15] take another step to further improve the se-
trolling and monitoring of the customers power usage. Gener- curity for communications of SG. They proposed a key agreement
ally, smart grid network is comprised of three distinct entities: and mutual authentication scheme for securing communication
smart appliances, substations and control center. Smart meters between intelligent devices and data concentration unit (DCU). The
are utilized by smart appliances to exchange information with mutual authentication is achieved using long term pre-shared keys
substations. Customers requests are communicated with the help (PSK) and corresponding public key certificate of DCU. However,
of smart meters to substation. Substations then forward these long-term sharing become the bottleneck for scalability of the
requests to corresponding control center. The control center re- proposed scheme and also make it impractical to be applicable.
spond to incoming request accordingly in order to facilitate the Gao et al. [18] attempted to incorporate biometric features like
remote customers. Communications between control center and fingerprint for achieving tenacious authentication but it proved out
corresponding substations is kept secure by the Supervisory Con- to be non-trivial in terms of its computational complexity.
trol and Data Acquisition (SCDA) system. The conceptual model Vaidya et al. introduced a hybrid mechanism of attribute based
of SG to understand the security requirements of it can visual- authorization and multi-factor authentication for SG architecture.
ized in Fig. 1. On the other hand security of communication be- The proposed scheme is realized through zero knowledge, public
tween the customers and substations still demand more attention key certificates and access control technologies. Their scheme also
[69]. Even though numerous security mechanism have been de- suffers due to high computational complexity in terms of public
signed in recent years to protect communication between smart key certificate maintenance.
appliances and substations but these protocols are not reliable to In order achieve improved security among interacting devices
prevent common attacks [10]. Therefore, a reliable and decisive Nicanfar et al. [23] introduced password based authentication
authentication scheme is inevitable to protect the intermediate using key agreement. Their scheme has the potential to provide
communication between smart appliances and substation. forward and backward stealth but again non-trivial operation leads
In SG, different devices communicate with each other to ex- towards hard and expensive implementation. Therefore, in order
change information. Prior to this information exchange between to reduce computational complexity, Nicanfar et al. presented
the diverse kinds of communicating devices, these devices must another scheme using Elliptic Curve Cryptography (ECC) in [24].
be authenticated to ensure secure communication with legitimate Although use of ECC brought huge amount of reduction in com-
entities. The proposed scheme is designed to authenticate such putational complexity but restriction to preload the password be-
communicating devices using lightweight authentication protocol tween home area network and specific device prevents scalability
that make use of elliptic curve cryptography. In this protocol each and introduces overhead of maintaining a table for keeping the
participant has to register itself with the Trusted Third Party. Then repository of password.
each registered participant can initiate authentication process with Lately, Li et al. [25] authentication architecture is designed for
another participant to initiate secure session of communication af- SGs advanced metering infrastructure (AMI) and it is proved to be
ter successful authentication. Authentication process is terminated fault-diagnosable. Although, key exchange is not considered along
after exchange of valid session keys between the authenticating with authentication scheme. Schemes in [25,12] do not prevent
participant. Thus, SG architecture is complex in nature and in- eavesdropping and also scheme in [11] fails to prevent imperson-
volves numerous interacting entities. So designing an appropriate ation attack due to absence of key agreement.
authentication scheme is a tedious task to do due to its diversified Even though few schemes proved to be good in performance but
security obligations as compared to any other kind of networks their security level is not up-to the mark. Whereas, some schemes
such as adhoc and VoIP networks. Ideal authentication schemes not are able to offer reasonable security but their performance does
only prevent the security attacks but it also involves lightweight not meet the standards due to computational complexity, memory
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
K. Mahmood et al. / Future Generation Computer Systems ( ) 3
and communication overhead. Hence, the protocols discussed so Ep (a, b) : y2 = x3 + ax + b mod p; is used to define the mathematical
far are not apt to be implemented and additionally do not pro- operations, where a, b Zp and 4a3 + 27b2 mod p = 0 such that p
tect privacy in SGs. All these reasons motivated us to design a be a large prime number. The elliptic curve is defined by the values
lightweight ECC based authentication scheme. It is due to the fact a and b, while the points (x, y) including a point at infinity lie on
that ECC offers similar security level with compact key size. It is the elliptic curve, if it satisfies the previous given statement. Given
also proved to be one of the efficient public key cryptosystem in Q as a point and t FP as an integer; then repeated addition is
terms of performance as compared to DiffieHellman. Moreover, used to define as scalar multiplication i.e. tQ = Q + Q + Q + Q +
it is observed that public key cryptosystems are more reliable and + Q (t times). The domain parameters are members of finite
provide a remarkable trade-off between security and efficiency as field FP i.e. (p, a, b, P , n, h) FP . E is an abelian group, the identity
compared to various other security techniques. Hence, ECC based element of this group is the point which lies at infinity.
authentication scheme can establish enhanced key agreement and
it can also insulate privacy with lower computational complexity. 2.2. Notation guide
In this paper, ECC based lightweight authentication scheme
is presented. Formal and informal analysis is done to assess the The primitive notations pertaining to proposed scheme are
performance of the proposed scheme. Moreover, BurrowsAbadi demonstrated in Table 1.
Needham (BAN) Logic [26] is utilized to investigate the integrity or
completeness of the proposed protocol. 2.3. Adversarial model
1.1. Roadmap of the paper In this paper, we consider the common adversarial model as
mentioned in [2729]. Where according to the capabilities of the
Rest of the paper is organized as follows: adversary A, following assumptions are made:
Preliminaries pertaining to this paper are presented in Sec-
tion 2. Section 3 elaborates the proposed ECC based lightweight 1. A can access the public communication channel. He can
authentication scheme for SG. In Section 4 the security validation retrieve, modify, replay, inject new message and can discard
of the proposed scheme is formalized and proved using an auto- any message.
mated tool ProVerif. Furthermore, security analysis of the proposed 2. The Trusted Third Party T is presumed to be protected,
scheme is illustrated in Section 5, whereas BAN logic is utilized therefore A cannot obtain the secret key of T .
to justify its completeness and integrity and this justification is 3. A knows the public identities of all the users and the T .
presented in Section 6. Performance evaluation of the proposed 4. A can be an intruder or can be an insincere user of the
scheme is envisaged in Section 7. Section 8 presents the concluding underlying system.
discussion at the end.
This section elaborates the fundamentals of elliptic curve cryp- The proposed ECC based lightweight authentication scheme for
tography, primitive notations and customary adversarial blueprint. SG is presented in this section. The scheme is explained in three
phases and it is also depicted in Fig. 2.
2.1. Elliptic curve cryptography
3.1. Initialization
Some fundamental concepts of elliptic curve cryptography
(ECC), relevant to this paper are accommodated in this subsec- During initialization phase, the Trusted Third Party (TTP) des-
tion. As compared with previous conventional cryptographic tech- ignated as T assembles the preliminary parameters. Primarily,
niques such as DSA, RSA and DH, it has been proved that ECC elliptic curve Ep (a, b) is considered, then T picks up a random base
is more efficient cryptographic technique for security [1221]. point P along-with three one-way hash functions h1 (.), h2 (.) and
ECC uses much less key size to provide same level of security, h3 (.). Thereafter, T engenders his secret key s and discloses the
as compared with other techniques. The elliptic curve equation subsequent parameters {Ep (a, b)P , h1 (.), h2 (.), h3 (.)}.
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
4 K. Mahmood et al. / Future Generation Computer Systems ( )
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
K. Mahmood et al. / Future Generation Computer Systems ( ) 5
1. RESULT inj-event(endUserUi(id)) involves secret key Kis of Ui . If public key infrastructure is not inse-
==> inj-event(beginUserUi(id)) is true. cure then only legitimate user can determine Yi .P. Uj authenticates
2. RESULT inj-event(endUserUj(id)) ?
Ui by verifying Yi .P = (Xi + Kip + H1 (IDi , Kip )s.P).(H2 (IDj , Xi , ti )),
==> inj-event(beginUserUj(id)) is true. where A cannot find H1 (IDi , Kip ) without secret key s of T . More-
3. RESULT not attacker(SK[]) is true. over, the use of public key Kip of Ui guarantees that request is
made by legitimate user. On the other hand Ui authenticates Uj by
The correctness of the proposed scheme is substantiated as ?
first two queries are executed successfully. Whereas, its secrecy is verifying Yj .P = (Xj + Kjp + H1 (IDj , Kjp )s.P).(H2 (IDi , Xj , tj )). Hence,
confirmed due to unsuccessful query attack on session key SK . both Ui and Uj mutually authenticate each other.
This section presents the security analysis of proposed authen- Authentication request contains time stamp ti , which is not only
sent in plaintext, but it is also concealed in Yi = xi +Kis H2 (IDj , Xi , ti ).
tication technique under the adversarial model discussed in Sec-
Therefore, if an A replays a former message from Ui , Uj can identify
tion 2.3. The subsequent subsections substantiate the robustness
it by checking the recentness/freshness of ti . However, if A sends a
against familiar attacks.
fresh time stamp ta , even then authentication request fails to verify
?
5.1. Mutual authentication Yi .P = (Xi + Kip + H1 (IDi , Kip )s.P).(H2 (IDj , Xi , ti )). Replay attack over
challenge message is also prevented in the similar fashion due to
As per proposed scheme, Ui determines Xi = xi .P and Yi = xi + tj that is not only sent in the plaintext, but it is also concealed in
?
Kis H2 (IDj , Xi , ti ) and sends {Xi , Yi , Kip , IDi , ti }. The computation of Yi Yj .P = (Xj + Kjp + H1 (IDj , Kjp )s.P).(H2 (IDi , Xj , tj )).
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
6 K. Mahmood et al. / Future Generation Computer Systems ( )
Table 2
Comparison of security characteristics.
Scheme: Proposed [11] [12] [34]
Provides Mutual Authentication and key agreement Yes No Yes Yes
Withstands Replay attack Yes Yes Yes Yes
Withstands Impersonation attack Yes No Yes Yes
Withstands Privileged Insider Attack Yes No No No
Withstands Man-in-the-middle Attack Yes Yes Yes Yes
Provides Perfect Forward secrecy Yes No No No
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
K. Mahmood et al. / Future Generation Computer Systems ( ) 7
Where sP T is designated as the public key of T (trusted 7.1. Computation complexity comparison
third party), which is believed by Ui and Uj . Considering the IM1 of
the idealized form: Comparison of computational complexity of the proposed
scheme beside analogous schemes is discoursed here. Prior to
IM1 : Ui Uj : Xi , Yi , Kip , IDi , ti :
presenting comparison, important notations are listed as under:
{xi .P , IDj , xi .P , ti (ai +sH1 (IDi ,ai .P)) , ai .P , IDi , ti }.
TME : appertains to execution time for operation of modular
By applying seeing rule, we get: exponentiation.
S1 : Uj Xi , Yi , Kip , IDi , ti : TSM : appertains to execution time for operation of ECC Scalar
multiplication.
{xi .P , IDj , xi .P , ti (ai +sH1 (IDi ,ai .P)) , ai .P , IDi , ti }.
TH : appertains to time incurred during one-way hash func-
According to S1, A4 and RBL 7, we have: tion.
TPA : appertains to time incurred during point addition.
S2 : Uj | Ui {xi .P , ai .P , IDi , IDj , xi .P , ti sP T , ti }. TSE : appertains to time incurred during execution of sym-
Using S2, A1, RLB 2 and RLB 4, we have: metric key encryption.
TSD : appertains to time incurred during execution of sym-
S3 : Uj | Ui | {xi .P , ai .P , IDi , IDj , xi .P , ti sP T , ti }. metric key decryption.
Using S3, A6 and RLB 3, we have: TAE : refers to execution time incurred during execution of
asymmetric key encryption.
S4 : Uj | {xi .P , ai .P , IDi , IDj , xi .P , ti sP T , ti }. TAD : refers to execution time incurred during execution of
asymmetric key decryption.
Using SK = xj .xi .P, S4, A1 and RLB 6, we have:
THMAC : appertains to execution time incurred during execu-
SK tion of Hash-based Message Authentication Code (HMAC)
S5 : Uj | Uj Ui . Goal 1
operation.
According to S5, A6 we apply RLB 6 as:
Computation complexity of the proposed scheme and analo-
SK
S6 : Uj | Ui | Uj Ui . Goal 2 gous schemes are evaluated by identifying the primitive opera-
tions and their frequency in the respective schemes. Time of each
Now, we consider the second message IM2 in idealized form: primitive operation is used as presented in the [35]. Whereas,
IM2 : Uj Ui : Xj , Yj , Kjp , IDj , tj : communication and storage overhead comparison is performed by
selecting 64 bits long ID. Time stamp length is considered as 32 bits,
{xj .P , IDi , xj .P , tj (aj +sH1 (IDj ,aj .P)) , aj .P , IDj , tj }. public/private keys and ECC operation size is taken up as 160 bits.
By applying seeing rule, we get: Table 4 depicts that proposed scheme outperforms rest of the anal-
ogous schemes [11,12,34] in terms of computational complexity.
S7 : Ui Xj , Yj , Kjp , IDj , tj : The computation cost of the proposed scheme is just 11.1703 ms,
{xj .P , IDi , xj .P , tj (aj +sH1 (IDj ,aj .P)) , aj .P , IDj , tj }. which is substantially less than the analogous schemes. It is due
to the fact that expansive operations (in terms of computation)
According to S7, A3 and RLB 7, we have:
are eradicated in the proposed scheme. So, proposed scheme is
S8 : Ui | Uj {xj .P , aj .P , IDj , IDi , xj .P , tj sP T , tj }. capable to achieve same level of security against various well-
known attacks using lightweight primitive operations.
Using S8, A2, RLB 2 and RLB 4, we have:
S9 : Ui | Uj | {xj .P , aj .P , IDj , IDi , xj .P , tj sP T , tj }. 7.2. Communication and memory overhead comparison
Using S9, A5 and RLB 3, we have: Comparison of communication and memory overhead of the
proposed scheme beside analogous schemes is presented here.
S10 : Ui | {xj .P , aj .P , IDj , IDi , xj .P , tj sP T , tj }.
This comparison reveals that the proposed scheme outperforms
Using SK = xi .xj .P, S10, A2 and RLB 6, we have: analogous or relevant schemes in terms of communication over-
head. The communication cost of the proposed scheme is 576 bits,
SK
S11 : Ui | Uj Ui . Goal 3 which is obviously less than the communication cost of the analo-
gous schemes. Similarly, memory overhead is just 320 bits, which
According to S11, A5 we apply RLB 6 as:
is less than the rest of the analogous schemes. Although, memory
SK overhead of the proposed scheme is similar to Fouda et al.s [12]
S12 : Ui | Uj | Uj Ui . Goal 4
scheme but it is proved that proposed scheme is able to prevent
The above BAN logic analysis formally proves that the proposed additional security attacks as compared to other relevant schemes
protocol achieves mutual authentication and the session key SK is including Fouda et al.s scheme. Hence, Table 4 highlights that the
mutually established between Ui and Uj . proposed scheme is resource efficient as far as the communication
cost and memory overhead is concerned.
7. Performance evaluation
8. Conclusion
Performance evaluation of proposed scheme is presented here
beside analogous schemes [11,12,34]. The primitive metrics used For enabling smart city environment to entice more visitors
for the performance comparison, namely computational complex- towards cultural heritage, secure SG is considered as the vital com-
ity, communication and memory overheads. The results are de- ponent. In this paper, we have proposed an ECC based lightweight
rived at the core i5 machine with processing capability of 2.50 GHz authentication scheme for SG system. The proposed scheme is
and installed internal memory of 4.0 GB. The system has utilized best suited for SG system due to its lightweight operations as SG
Windows 7 Professional as an operating system. Time of each is a complex network with delay sensitive nature. The scheme
primitive operation is used as presented in the [35]. provides mutual authentication with protection against all known
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
8 K. Mahmood et al. / Future Generation Computer Systems ( )
Table 4
Performance analysis.
Scheme: Computation cost Communication cost Memory overhead
Chim et al. [11] 2TAE + 2TAD + 2THMAC = 15.4092 ms 4448 bits 3232 bits
Fouda et al. [12] 2TAE + 2TAD + 2TH + 4TME + THMAC = 30.8092 ms 3744 bits 320 bits
Zhang et al. [34] TAE + TAD + 2TH + 2TSM + 2TSE + 2TSD = 19.8658 ms 608 bits 3200 bits
Proposed 5TSM + 5TH + 1TPA = 11.1703 ms 576 bits 320 bits
security attacks. Automated protocol verifier tool ProVerif is used [18] Q. Gao, Biometric authentication in smart grid, in: Energy and Sustainability
to analyze the security of the proposed scheme. Integrity and Conference, IESC, 2012 International, IEEE, 2012, pp. 15.
completeness of the scheme is proved through BAN logic. Fur- [19] B. Vaidya, D. Makrakis, H.T. Mouftah, Authentication and authorization mech-
anisms for substation automation in smart grid network, IEEE Netw. 27 (1)
thermore, the proposed technique is informally analyzed under a
(2013) 511.
given adversarial model to confirm its robustness against known [20] D. He, N. Kumar, M.K. Khan, L. Wang, J. Shen, Efficient privacy-aware authen-
security attacks. Performance analysis of the proposed scheme in tication scheme for mobile cloud computing services, IEEE Syst. J. (2016).
comparison with contemporary related authentication schemes [21] D. He, N. Kumar, H. Shen, J.-H. Lee, One-to-many authentication for access
shows that our scheme requires lowest computational overhead control in mobile pay-TV systems, Sci. China Inf. Sci. 59 (5) (2016) 052108.
as well as least communication overhead. [22] D. He, S. Zeadally, Authentication protocol for an ambient assisted living
system, IEEE Commun. Mag. 53 (1) (2015) 7177.
[23] H. Nicanfar, V. Leung, Password-authenticated cluster-based group key agree-
Acknowledgement ment for smart grid communication, Secur. Commun. Netw. 7 (1) (2014)
221233.
This work is supported by the National Natural Science Foun- [24] H. Nicanfar, V.C. Leung, Multilayer consensus ECC-based password authen-
dation of China under Grant No. 61300220, and the Scientific ticated key-exchange (MCEPAK) protocol for smart grid system, IEEE Trans.
Research Fund of Hunan Provincial Education Department under Smart Grid 4 (1) (2013) 253264.
[25] D. Li, Z. Aung, J.R. Williams, A. Sanchez, Efficient and fault-diagnosable authen-
Grant No. 16B089.
tication architecture for AMI in smart grid, Secur. Commun. Netw. 8 (4) (2015)
598616.
References [26] M. Burrows, M. Abadi, R.M. Needham, A logic of authentication, in: Proceedings
of the Royal Society of London A: Mathematical, Physical and Engineering
[1] A. Chianese, F. Piccialli, A smart system to manage the context evolution in Sciences, vol. 426, The Royal Society, 1989, pp. 233271.
the cultural heritage domain, Comput. Electr. Eng. 55 (2016) 2738. http: [27] T. Eisenbarth, T. Kasper, A. Moradi, C. Paar, M. Salmasizadeh, M. Shalmani,
//dx.doi.org/10.1016/j.compeleceng.2016.02.008. On the power of power analysis in the real world: A complete break of the
[2] A. Chianese, F. Marulli, F. Piccialli, P. Benedusi, J. Jung, An associative engines keeloq code hopping scheme, in: D. Wagner (Ed.), Advances in Cryptology,
based approach supporting collaborative analytics in the internet of cultural CRYPTO 2008, in: Lecture Notes in Computer Science, vol. 5157, Springer
things, Future Gener. Comput. Syst. 66 (2017) 187198. http://dx.doi.org/10. Berlin Heidelberg, 2008, pp. 203220. http://dx.doi.org/10.1007/978-3-540-
1016/j.future.2016.04.015. 85174-5.12.
[3] A. Chianese, F. Marulli, F. Piccialli, P. Benedusi, J.E. Jung, An associative engines [28] D. Dolev, A.C. Yao, On the security of public key protocols, IEEE Trans. Inform.
based approach supporting collaborative analytics in the internet of cultural Theory 29 (2) (1983) 198208. http://dx.doi.org/10.1109/TIT.1983.1056650.
things, Future Gener. Comput. Syst. 66 (2017) 187198. [29] X. Cao, S. Zhong, Breaking a remote user authentication scheme for multi-
[4] A. Chianese, F. Piccialli, A smart system to manage the context evolution in the server architecture, IEEE Commun. Lett. 10 (8) (2006) 580581. http://dx.doi.
cultural heritage domain, Comput. Electr. Eng. 55 (2016) 2738. org/10.1109/LCOMM.2006.1665116.
[5] M. Hong, J.J. Jung, F. Piccialli, A. Chianese, Social recommendation service for [30] M. Abadi, B. Blanchet, H. Comon-Lundh, Models and proofs of protocol se-
cultural heritage, Pers. Ubiquitous Comput. (2016) 111. http://dx.doi.org/10. curity: A progress report, in: Computer Aided Verification, Springer, 2009,
1007/s00779-016-0985-x. pp. 3549.
[6] M.S. Thomas, J.D. McDonald, Power System SCADA and Smart Grids, CRC Press, [31] S.A. Chaudhry, M.S. Farash, H. Naqvi, M. Sher, A secure and efficient authen-
2015. ticated encryption for electronic payment systems using elliptic curve cryp-
[7] B. Vaidya, D. Makrakis, H. Mouftah, Secure communication mechanism for tography, Electron. Commerce Res. (2015) 127. http://dx.doi.org/10.1007/
ubiquitous smart grid infrastructure, J. Supercomput. 64 (2) (2013) 435455. s10660-015-9192-5.
[8] C.-I. Fan, S.-Y. Huang, W. Artan, Design and implementation of privacy preserv- [32] S.A. Chaudhry, M.S. Farash, H. Naqvi, S. Kumari, M.K. Khan, An enhanced
ing billing protocol for smart grid, J. Supercomput. 66 (2) (2013) 841862. privacy preserving remote user authentication scheme with provable security,
[9] B. Vaidya, D. Makrakis, H. Mouftah, Secure and robust multipath routings for Secur. Commun. Netw. (2015) 113. http://dx.doi.org/10.1002/sec.1299.
advanced metering infrastructure, J. Supercomput. 66 (2) (2013) 10711092. [33] Q. Xie, B. Hu, N. Dong, D.S. Wong, Anonymous three-party password-
[10] S. Al-Agtash, Electricity agents in smart grid markets, Comput. Ind. 64 (3) authenticated key exchange scheme for telecare medical information systems,
(2013) 235241. PLoS One 9 (7) (2014) e102747.
[11] T.W. Chim, S.-M. Yiu, L.C. Hui, V.O. Li, Pass: Privacy-preserving authentication [34] L. Zhang, S. Tang, H. Luo, Elliptic curve cryptography-based authentication
scheme for smart grid network, in: Smart Grid Communications, SmartGrid- with identity protection for smart grids, PLoS One 11 (3) (2016) e0151253.
Comm, 2011 IEEE International Conference on, IEEE, 2011, pp. 196201. [35] H.H. Kilinc, T. Yanik, A survey of SIP authentication and key agreement
[12] M.M. Fouda, Z.M. Fadlullah, N. Kato, R. Lu, X. Shen, A lightweight message schemes, IEEE Commun. Surv. Tutor. 16 (2) (2014) 10051023.
authentication scheme for smart grid communications, IEEE Trans. Smart Grid
2 (4) (2011) 675685.
[13] K. Mahmood, S.A. Chaudhry, H. Naqvi, T. Shon, H.F. Ahmad, A lightweight
message authentication scheme for smart grid communications in power
sector, Comput. Electr. Eng. (2016).
[14] Q. Li, G. Cao, Multicast authentication in the smart grid with one-time signa-
ture, IEEE Trans. Smart Grid 2 (4) (2011) 686696. Khalid Mahmood received the B.S. degree in Computer
[15] S. Oh, J. Kwak, Mutual authentication and key establishment mechanism using Science from Virtual University, Lahore, Pakistan and
DCU certificate in smart grid, Appl. Math. Inf. Sci. Mag. S 1 (2012) 257264. the M.S. degree in Computer Science from Riphah Inter-
[16] J. Nam, K.-K.R. Choo, S. Han, M. Kim, J. Paik, D. Won, Efficient and anonymous national University, Islamabad, Pakistan, respectively in
two-factor user authentication in wireless sensor networks: achieving user 2007 and 2010. He is pursuing Ph.D. degree in Computer
Science from International Islamic University, Islamabad,
anonymity with lightweight sensor computation, PLoS One 10 (4) (2015)
Pakistan. His research interests are in Smart Grid authen-
e0116709.
tication and information security.
[17] D. He, N. Kumar, N. Chilamkurti, A secure temporal-credential-based mutual
authentication and key agreement scheme with pseudo identity for wireless
sensor networks, Inform. Sci. 321 (2015) 263277.
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.
K. Mahmood et al. / Future Generation Computer Systems ( ) 9
Husnain Abbas Naqvi received his Ph.D. from The Univer- Arun Kumar Sangaiah has received his Master of En-
sity of Auckland, New Zealand. Currently he is working gineering (M.E.) degree in Computer Science and Engi-
as Assistant Professor at the Department of Computer neering from the Government College of Engineering,
Science, International Islamic University, Islamabad. He Tirunelveli, Anna University, India. He had received his
authored more than 30 scientific publications published Doctor of Philosophy (Ph.D.) degree in Computer Science
in different international journals and proceedings. His and Engineering from the VIT University, Vellore, India. He
broad research interests include Sensor Networks, Col- is presently working as an associate professor in School of
laborative Communications, Lightweight Cryptography, Computer Science and Engineering, VIT University, India.
Beamforming and Space Time Block Codes. His area of interest includes software engineering, compu-
tational intelligence, wireless networks, bio-informatics,
and embedded systems. He has authored more than 100
publications in different journals and conference of national and international
repute. His current research work includes global software development, wireless
adhoc and sensor networks, machine learning, cognitive networks and advances
Saru Kumari is currently an Assistant Professor with the in mobile computing and communications. He is an active member in Compute
Department of Mathematics, C.C.S. University, Meerut, Society of India. Moreover, he has carried out a number of funded research projects
U.P, India. She received Ph.D. degree in Mathematics in for Indian government agencies. Also, he was registered a one Indian patent in the
2012 from C.C.S. University, Meerut, Uttar Pradesh, India. area of Computational Intelligence.
She has published 68 papers in international journals and
conferences including 52 research publications in SCI in-
dexed journals. Her research field is cryptology.
Please cite this article in press as: K. Mahmood, et al., An elliptic curve cryptography based lightweight authentication scheme for smart grid communication, Future
Generation Computer Systems (2017), http://dx.doi.org/10.1016/j.future.2017.05.002.