Skip to main content
SpringerLink
Log in

Cryptanalysis and improvement of a three-factor user authentication scheme for smart grid environment

  • Original Article
  • Published:
Journal of Reliable Intelligent Environments Aims and scope Submit manuscript

Abstract

Nowadays, smart grid technology has become popular because it provides intelligent and distributed electrical power transmission systems. One of its main applications is to charge the electric vehicles. To provide a secure communication between a user and a smart meter and during the peak hours, authentication is necessary between them. Recently, Wazid et al. have discussed a three factor authentication (3FA) scheme for smart grid environment using ECC and showed that it is more secure than the related protocols. Here, we first cryptanalyze their scheme and find the user impersonation and stolen mobile terminal attacks in it. To remove these limitations, we design an improved authentication protocol for smart grid environment. We formally verify the security of our scheme using ProVerif tool. Also we present its informal security analysis to prove that it is invulnerable to many known attacks. In comparative study, we show that our scheme provides more security features than the existing schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Uses of Wearable devices. https://www.smartgrid.gov/the_smart_grid/smart_grid.html. Accessed on Dec 2017

  2. Wearable Technology. https://en.wikipedia.org/wiki/Internet_of_things. Accessed on Dec 2017

  3. Alnasser A, Rikli NE (2014) Design of a trust security model for smart meters in an urban power grid network. In: Proceedings of the 10th ACM symposium on QoS and security for wireless and mobile networks, pp. 105–108. ACM

  4. Blanchet B et al. (2001) An efficient cryptographic protocol verifier based on prolog rules. In: csfw, vol. 1, pp 82–96

  5. Chan ACF, Zhou J (2014) Cyber-physical device authentication for the smart grid electric vehicle ecosystem. IEEE J Selected Areas Commun 32(7):1509–1517

    Article  Google Scholar 

  6. Chim TW, Yiu SM, Li VO, Hui LC, Zhong J (2015) Prga: Privacy-preserving recording & gateway-assisted authentication of power usage information for smart grid. IEEE trans Dependable Secure Comput 12(1):85–97

    Article  Google Scholar 

  7. Das AK (2016) A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Netwk Appl 9(1):223–244

    Article  Google Scholar 

  8. Doh I, Lim J, Chae K (2015) Secure authentication for structured smart grid system. In: Innovative mobile and internet services in ubiquitous computing (IMIS), 2015 9th international conference on, pp. 200–204. IEEE

  9. Fouda MM, Fadlullah ZM, Kato N, Lu R, Shen XS (2011) A lightweight message authentication scheme for smart grid communications. IEEE Trans Smart Grid 2(4):675–685

    Article  Google Scholar 

  10. Gazdar T, Rachedi A, Benslimane A, Belghith A (2012) A distributed advanced analytical trust model for vanets. In: Global communications conference (GLOBECOM), 2012 IEEE, pp. 201–206. IEEE

  11. Haddadou N, Rachedi A, Ghamri-Doudane Y (2015) A job market signaling scheme for incentive and trust management in vehicular ad hoc networks. IEEE Trans Vehicular Technol 64(8):3657–3674

    Article  Google Scholar 

  12. He D, Wang H, Khan MK, Wang L (2016) Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography. IET Commun 10(14):1795–1802

    Article  Google Scholar 

  13. Imgraben J, Engelbrecht A, Choo KKR (2014) Always connected, but are smart mobile users getting more security savvy? a survey of smart mobile device users. Behav Inform Technol 33(12):1347–1360

    Article  Google Scholar 

  14. Jo HJ, Kim IS, Lee DH (2016) Efficient and privacy-preserving metering protocols for smart grid systems. IEEE Trans Smart Grid 7(3):1732–1742

    Article  Google Scholar 

  15. Kaur D, Kumar D, Saini KK, Grover HS (2019) An improved user authentication protocol for wireless sensor networks. Trans Emerging Telecommun Technol 30(10):e3745

    Google Scholar 

  16. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Advances in cryptology—CRYPTO’99, pp. 789–789. Springer

  17. Li H, Lu R, Zhou L, Yang B, Shen X (2014) An efficient merkle-tree-based authentication scheme for smart grid. IEEE Syst J 8(2):655–663

    Article  Google Scholar 

  18. Mahmood K, Chaudhry SA, Naqvi H, Shon T, Ahmad HF (2016) A lightweight message authentication scheme for smart grid communications in power sector. Comput Electr Eng 52:114–124

    Article  Google Scholar 

  19. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  Google Scholar 

  20. Nicanfar H, Jokar P, Beznosov K, Leung VC (2014) Efficient authentication and key management mechanisms for smart grid communications. IEEE Syst J 8(2):629–640

    Article  Google Scholar 

  21. Odelu V, Das AK, Goswami A (2015) A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans Inform Forensics Security 10(9):1953–1966

    Article  Google Scholar 

  22. Odelu V, Das AK, Goswami A (2016) Seap: secure and efficient authentication protocol for nfc applications using pseudonyms. IEEE Trans Consumer Electron 62(1):30–38

    Article  Google Scholar 

  23. Odelu V, Das AK, Wazid M, Conti M (2016) Provably secure authenticated key agreement scheme for smart grid. IEEE Trans Smart Grid

  24. Rachedi A, Benslimane A (2008) Security and pseudo-anonymity with a cluster-based approach for manet. In: Global telecommunications conference, 2008. IEEE GLOBECOM 2008. IEEE, pp. 1–6. IEEE

  25. Saxena N, Choi BJ, Lu R (2016) Authentication and authorization scheme for various user roles and devices in smart grid. IEEE Trans Inform Forensics Security 11(5):907–921

    Article  Google Scholar 

  26. Tsai JL, Lo NW (2016) Secure anonymous key distribution scheme for smart grid. IEEE Trans Smart Grid 7(2):906–914

    Google Scholar 

  27. Tseng YM, Huang SS, Tsai TT, Ke JH (2016) List-free id-based mutual authentication and key agreement protocol for multiserver architectures. IEEE Trans Emerging Topics Comput 4(1):102–112

    Article  Google Scholar 

  28. Wang D, Wang P (2016) Two birds with one stone: Two-factor authentication with security beyond conventional bound. IEEE Transactions on Dependable and Secure Computing

  29. Wazid M, Das AK, Kumar N, Rodrigues JJ (2017) Secure three-factor user authentication scheme for renewable-energy-based smart grid environment. IEEE Trans Ind Inform 13(6):3144–3153

    Article  Google Scholar 

  30. Wu D, Zhou C (2011) Fault-tolerant and scalable key management for smart grid. IEEE Trans Smart Grid 2(2):375–381

    Article  Google Scholar 

  31. Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng 45:274–285

    Article  Google Scholar 

  32. Xia J, Wang Y (2012) Secure key distribution for the smart grid. IEEE Trans Smart Grid 3(3):1437–1443

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Division of Computer Engineering, NSIT, New Delhi, India

    Harmanpreet Singh Grover &  Adarsh

  2. Department of Information Technology, NSUT, New Delhi, India

    Devender Kumar

Authors
  1. Harmanpreet Singh Grover
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Adarsh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Devender Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Devender Kumar.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Grover, H.S., Adarsh & Kumar, D. Cryptanalysis and improvement of a three-factor user authentication scheme for smart grid environment. J Reliable Intell Environ 6, 249–260 (2020). https://doi.org/10.1007/s40860-020-00113-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s40860-020-00113-2

Keywords

Search

Navigation