Abstract
Recently, Wazid et al. published a three-factor authentication scheme for the smart grid environment, claiming that it is secure against various known attacks such as the replay attack, man-in-the-middle attack, and user and smart meter impersonation attacks, among others. However, this paper shows that Wazid et al.’s scheme cannot resist the smart meter impersonation attack. It also has severe design defects: the trusted authority knows all registered users’ individual secrets, and all smart meters share the same individual secret used for authentication, which eventually results in the scheme's vulnerability to the smart meter impersonation attack. Based on Wazid et al.’s scheme, an improved authentication and key agreement protocol is then designed to eliminate these security weaknesses. The improved scheme is provably secure in the random oracle model. A further discussion of security attributes is also given, which demonstrates that the improved scheme achieves the expected security attributes, including perfect forward secrecy and user anonymity, and is secure against the replay attack, man-in-the-middle attack, and user and smart meter impersonation attacks, among others.
References
Barreto PS, Libert B, McCullagh N et al (2005) Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In: International conference on the theory and application of cryptology and information security, Springer, New York, pp 515–532
Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: International conference on the theory and applications of cryptographic techniques, Springer, New York, pp 523–540
Elgamal T (1985) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472
Erol-Kantarci M, Mouftah HT (2015) Energy-efficient information and communication infrastructures in the smart grid: a survey on interactions and open issues. Commun Surv Tutorials IEEE 17(1):179–197
Grover HS, Kumar D et al (2020) Cryptanalysis and improvement of a three-factor user authentication scheme for smart grid environment. J Reliab Intell Environ 6(4):249–260
Harn L, Xu Y (1994) Design of generalised ElGamal type digital signature schemes based on discrete logarithm. Electron Lett 30(24):2025–2026
Jo HJ, Kim IS, Lee DH (2016) Efficient and privacy-preserving metering protocols for smart grid systems. IEEE Trans Smart Grid 44(D1):1–1
Khan AA, Rehmani MH, Reisslein M (2016) Cognitive radio for smart grids: survey of architectures, spectrum sensing mechanisms, and networking protocols. IEEE Commun Surv Tutor 18(1):860–898
Kocher PC, Jaffe J, Jun B (1999) Differential power analysis. Proc Crypto 1666:388–397
Mahmood K, Chaudhry SA, Naqvi H et al (2016) A lightweight message authentication scheme for smart grid communications in power sector. Comput Electr Eng 52(C):114–124
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Nezamoddini N, Mousavian S, Erol-Kantarci M (2017) A risk optimization model for enhanced power grid resilience against physical attacks. Electr Power Syst Res 143:329–338
Nicanfar H, Jokar P, Beznosov K et al (2014) Efficient authentication and key management mechanisms for smart grid communications. IEEE Syst J 8(2):629–640
Odelu V, Das AK, Wazid M et al (2016) Provably secure authenticated key agreement scheme for smart grid. IEEE Trans Smart Grid PP(99):1–1
Park JH, Kim M, Kwon D (2013) Security weakness in the smart grid key distribution scheme proposed by Xia and Wang. IEEE Trans Smart Grid 4(3):1613–1614
Pointcheval D, Zimmer S (2008) Multi-factor authenticated key exchange. In: International conference on applied cryptography and network security, Springer, New York, pp 277–295
Ran C, Krawczyk H (2001) Analysis of key-exchange protocols and their use for building secure channels. Lect Notes Comput Sci 2045:453–474
Rehmani MH, Erol Kantarci M, Rachedi A et al (2016) IEEE Access special section editorial smart grids: a hub of interdisciplinary research. Access IEEE 3:3114–3118
Sakai R (2003) ID based cryptosystems with pairing on elliptic curve. IACR ePrint
Saleem MA, Islam SH, Ahmed S et al (2021) Provably secure biometric-based client-server secure communication over unreliable networks. J Inf Secur Appl 58:102769
Saxena N, Choi BJ, Lu R (2017) Authentication and authorization scheme for various user roles and devices in smart grid. IEEE Trans Inf Forensic Secur 11(5):907–921
Tsai JL, Lo NW (2016) Secure anonymous key distribution scheme for smart grid. IEEE Trans Smart Grid 7(2):906–914
Wazid M, Das AK, Kumar N et al (2017) Secure three-factor user authentication scheme for renewable-energy-based smart grid environment. IEEE Trans Ind Inf 13(6):3144–3153
Wu D, Zhou C (2011) Fault-tolerant and scalable key management for smart grid. IEEE Trans Smart Grid 2(2):375–381
Xia J, Wang Y (2012) Secure key distribution for the smart grid. IEEE Trans Smart Grid 3(3):1437–1443
Yanik T, Kilinc HH (2014) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutor 16(2):1005–1023
Acknowledgements
The author would like to sincerely thank the anonymous reviewers for their valuable comments, and the editor for the patience and hard work for this paper. This work was supported in part by the Natural Science Basic Research Program of Shaanxi Province of China (No. 2021JQ-123), and in part by the Fundamental Research Funds for the Central Universities (No. 31020200QD011).
Cite this article
Qi, M. An improved three-factor authentication and key agreement protocol for smart grid. J Ambient Intell Human Comput 14, 16465–16476 (2023). https://doi.org/10.1007/s12652-022-03871-4