Abstract
Advanced metering infrastructure (AMI) is a fundamental functional module of Smart Grid that supports mutual communication between customers and electric companies. In order to secure AMI communication, scholars have proposed many key management schemes, some of which suffer from security issues or high costs. Recently, Mohammadali et al. proposed a key establishment NIKE protocol based on Elliptic Curve Cryptography. In this paper, we demonstrate that the protocol is vulnerable to both replay and tampering attacks and does not provide user anonymity. For the security vulnerabilities of the NIKE protocol, we propose an improvement scheme. And the proposed scheme is analyzed and verified for security based on the random oracle model and formal tools. Finally, we perform performance analysis of the improved scheme and the results show that the scheme has low communication and computation costs.
Similar content being viewed by others
Data availability
Data sharing not applicable to this article as no datasets were generated or analyzed during the current study.
References
Benmalek, M., Challal, Y.: Mk-ami: efficient multi-group key management scheme for secure communications in AMI systems. In: 2016 IEEE Wireless Communications and Networking Conference, pp. 1–6. IEEE, (2016)
Anzalchi, A., Sarwat, A.: A survey on security assessment of metering infrastructure in smart grid systems. In: SoutheastCon 2015, pp. 1–4. IEEE, (2015)
Mohammed, A., George, G.: Vulnerabilities and strategies of cybersecurity in smart grid-evaluation and review. In: 2022 3rd International Conference on Smart Grid and Renewable Energy (SGRE), pp. 1–6. IEEE, (2022)
Mohammadali, A., Haghighi, M.S., Tadayon, M.H., Mohammadi-Nodooshan, A.: A novel identity-based key establishment method for advanced metering infrastructure in smart grid. IEEE Trans. Smart Grid 9(4), 2834–2842 (2018)
Dapeng, W., Zhou, C.: Fault-tolerant and scalable key management for smart grid. IEEE Trans. Smart Grid 2(2), 375–381 (2011)
Xia, J., Wang, Y.: Secure key distribution for the smart grid. IEEE Trans. Smart Grid 3(3), 1437–1443 (2012)
Park, J.H., Kim, M., Kwon, D.: Security weakness in the smart grid key distribution scheme proposed by Xia and Wang. IEEE Trans. Smart Grid 4(3), 1613–1614 (2013)
Liu, N., Chen, J., Zhu, L., Zhang, J., He, Y.: A key management scheme for secure communications of advanced metering infrastructure in smart grid. IEEE Trans Indus Electr 60(10), 4746–4756 (2012)
Wan, Z., Wang, G., Yang, Y., Shi, S.: Skm: scalable key management for advanced metering infrastructure in smart grids. IEEE Trans. Indus. Electr. 61(12), 7055–7066 (2014)
Tsai, J.-L., Lo, N.-W.: Secure anonymous key distribution scheme for smart grid. IEEE Trans. Smart Grid 7(2), 906–914 (2015)
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Advances in Cryptology—EUROCRYPT 2001: International Conference on the Theory and Application of Cryptographic Techniques Innsbruck, Austria, May 6–10, 2001 Proceedings 20, pp. 453–474. Springer, (2001)
Odelu, V., Das, A.K., Goswami, A.: A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans. Inf. Foren. Secur. 10(9), 1953–1966 (2015)
Odelu, V., Das, A.K., Wazid, M., Conti, M.: Provably secure authenticated key agreement scheme for smart grid. IEEE Trans. Smart Grid 9(3), 1900–1910 (2016)
Mahmood, K., Chaudhry, S.A., Naqvi, H., Kumari, S., Li, X., Sangaiah, A.K.: An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Fut. Gener. Comput. Syst. 81, 557–565 (2018)
Zhang, L., Zhao, L., Yin, S., Chi, C.-H., Liu, R., Zhang, Y.: A lightweight authentication scheme with privacy protection for smart grid communications. Fut. Gener. Comput. Syst. 100, 770–778 (2019)
Kumar, P., Gurtov, A., Sain, M., Martin, A., Phuong, H.H.: Lightweight authentication and key agreement for smart metering in smart energy networks. IEEE Trans. Smart Grid 10(4), 4349–4359 (2018)
Khan, A.A., Kumar, V., Ahmad, M., Rana, S., Mishra, D.: Palk: Password-based anonymous lightweight key agreement framework for smart grid. Int. J. Electr. Power Energy Syst. 121, 106121 (2020)
Chaudhry, S.A.: Correcting palk: password-based anonymous lightweight key agreement framework for smart grid. Int. J. Electr. Power Energy Syst. 125, 106529 (2021)
Nyangaresi, V.O., Mohammad, Z.: Privacy preservation protocol for smart grid networks. In: 2021 International Telecommunications Conference (ITC-Egypt), pp. 1–4. IEEE, (2021)
Srinivas, J., Das, A.K., Li, X., Khan, M.K., Jo, M.: Designing anonymous signature-based authenticated key exchange scheme for internet of things-enabled smart grid systems. IEEE Trans. Indus. Inf. 17(7), 4425–4436 (2020)
Khan, A.A., Kumar, V., Ahmad, M., Rana, S.: Lakaf: lightweight authentication and key agreement framework for smart grid network. J. Syst. Archit. 116, 102053 (2021)
Baghestani, S.H., Moazami, F., Tahavori, M.: Lightweight authenticated key agreement for smart metering in smart grid. IEEE Syst. J. 16(3), 4983–4991 (2022)
Chai, S., Yin, H., Xing, B., Li, Z., Guo, Y., Zhang, D., Zhang, X., He, D., Zhang, J., Yu, X., et al.: Provably secure and lightweight authentication key agreement scheme for smart meters. IEEE Transactions on Smart Grid, (2023)
Ratzer, A.V., et al.: Cpn tools for editing, simulating, and analysing coloured petri nets. In: Applications and Theory of Petri Nets 2003: 24th International Conference, ICATPN 2003 Eindhoven, The Netherlands, June 23–27, 2003 Proceedings, pp. 450–462. Springer (2003)
Attia, H.B., Kahloul, L., Benhazrallah, S., Bourekkache, S.: Using hierarchical timed coloured petri nets in the formal study of TRBAC security policies. Int. J. Inf. Secur. 19(2), 163–187 (2020)
Yankson, B.: Continuous improvement process (CIP)-based privacy-preserving framework for smart connected toys. Int. J. Inf. Secur. 20(6), 849–869 (2021)
Gong, X., Feng, T.: Lightweight anonymous authentication and key agreement protocol based on COAP of internet of things. Sensors 22(19), 7191 (2022)
Sakurada, H.: Security evaluation of the plaid protocol using the proverif tool. NTT Commun. Sci. Lab. (2013)
Meier, S., Schmidt, B., Cremers, C., Basin, D.: The tamarin prover for the symbolic analysis of security protocols. In: Computer Aided Verification: 25th International Conference, CAV 2013, Saint Petersburg, Russia, July 13–19, 2013. Proceedings 25, pp. 696–701. Springer, (2013)
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
Abbasinezhad-Mood, D., Ostad-Sharif, A., Nikooghadam, M., Mazinani, S.M.: A secure and efficient key establishment scheme for communications of smart meters and service providers in smart grid. IEEE Trans. Indus. Inf. 16(3), 1495–1502 (2019)
Funding
The study was supported by National Natural Science Foundation of China (Grant No. 62162039, 61762060).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Ethical approval
This article does not contain any studies with human participants performed by any of the authors.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Feng, T., Jin, W., Zhang, M. et al. Security assessment and improvement of smart grid NIKE protocol. Int. J. Inf. Secur. 23, 411–429 (2024). https://doi.org/10.1007/s10207-023-00746-3
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00746-3