Abstract
Nowadays, smart grid technology has become popular because it provides intelligent and distributed electrical power transmission systems. One of its main applications is to charge the electric vehicles. To provide a secure communication between a user and a smart meter and during the peak hours, authentication is necessary between them. Recently, Wazid et al. have discussed a three factor authentication (3FA) scheme for smart grid environment using ECC and showed that it is more secure than the related protocols. Here, we first cryptanalyze their scheme and find the user impersonation and stolen mobile terminal attacks in it. To remove these limitations, we design an improved authentication protocol for smart grid environment. We formally verify the security of our scheme using ProVerif tool. Also we present its informal security analysis to prove that it is invulnerable to many known attacks. In comparative study, we show that our scheme provides more security features than the existing schemes.
Similar content being viewed by others
References
Uses of Wearable devices. https://www.smartgrid.gov/the_smart_grid/smart_grid.html. Accessed on Dec 2017
Wearable Technology. https://en.wikipedia.org/wiki/Internet_of_things. Accessed on Dec 2017
Alnasser A, Rikli NE (2014) Design of a trust security model for smart meters in an urban power grid network. In: Proceedings of the 10th ACM symposium on QoS and security for wireless and mobile networks, pp. 105–108. ACM
Blanchet B et al. (2001) An efficient cryptographic protocol verifier based on prolog rules. In: csfw, vol. 1, pp 82–96
Chan ACF, Zhou J (2014) Cyber-physical device authentication for the smart grid electric vehicle ecosystem. IEEE J Selected Areas Commun 32(7):1509–1517
Chim TW, Yiu SM, Li VO, Hui LC, Zhong J (2015) Prga: Privacy-preserving recording & gateway-assisted authentication of power usage information for smart grid. IEEE trans Dependable Secure Comput 12(1):85–97
Das AK (2016) A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Netwk Appl 9(1):223–244
Doh I, Lim J, Chae K (2015) Secure authentication for structured smart grid system. In: Innovative mobile and internet services in ubiquitous computing (IMIS), 2015 9th international conference on, pp. 200–204. IEEE
Fouda MM, Fadlullah ZM, Kato N, Lu R, Shen XS (2011) A lightweight message authentication scheme for smart grid communications. IEEE Trans Smart Grid 2(4):675–685
Gazdar T, Rachedi A, Benslimane A, Belghith A (2012) A distributed advanced analytical trust model for vanets. In: Global communications conference (GLOBECOM), 2012 IEEE, pp. 201–206. IEEE
Haddadou N, Rachedi A, Ghamri-Doudane Y (2015) A job market signaling scheme for incentive and trust management in vehicular ad hoc networks. IEEE Trans Vehicular Technol 64(8):3657–3674
He D, Wang H, Khan MK, Wang L (2016) Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography. IET Commun 10(14):1795–1802
Imgraben J, Engelbrecht A, Choo KKR (2014) Always connected, but are smart mobile users getting more security savvy? a survey of smart mobile device users. Behav Inform Technol 33(12):1347–1360
Jo HJ, Kim IS, Lee DH (2016) Efficient and privacy-preserving metering protocols for smart grid systems. IEEE Trans Smart Grid 7(3):1732–1742
Kaur D, Kumar D, Saini KK, Grover HS (2019) An improved user authentication protocol for wireless sensor networks. Trans Emerging Telecommun Technol 30(10):e3745
Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Advances in cryptology—CRYPTO’99, pp. 789–789. Springer
Li H, Lu R, Zhou L, Yang B, Shen X (2014) An efficient merkle-tree-based authentication scheme for smart grid. IEEE Syst J 8(2):655–663
Mahmood K, Chaudhry SA, Naqvi H, Shon T, Ahmad HF (2016) A lightweight message authentication scheme for smart grid communications in power sector. Comput Electr Eng 52:114–124
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Nicanfar H, Jokar P, Beznosov K, Leung VC (2014) Efficient authentication and key management mechanisms for smart grid communications. IEEE Syst J 8(2):629–640
Odelu V, Das AK, Goswami A (2015) A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans Inform Forensics Security 10(9):1953–1966
Odelu V, Das AK, Goswami A (2016) Seap: secure and efficient authentication protocol for nfc applications using pseudonyms. IEEE Trans Consumer Electron 62(1):30–38
Odelu V, Das AK, Wazid M, Conti M (2016) Provably secure authenticated key agreement scheme for smart grid. IEEE Trans Smart Grid
Rachedi A, Benslimane A (2008) Security and pseudo-anonymity with a cluster-based approach for manet. In: Global telecommunications conference, 2008. IEEE GLOBECOM 2008. IEEE, pp. 1–6. IEEE
Saxena N, Choi BJ, Lu R (2016) Authentication and authorization scheme for various user roles and devices in smart grid. IEEE Trans Inform Forensics Security 11(5):907–921
Tsai JL, Lo NW (2016) Secure anonymous key distribution scheme for smart grid. IEEE Trans Smart Grid 7(2):906–914
Tseng YM, Huang SS, Tsai TT, Ke JH (2016) List-free id-based mutual authentication and key agreement protocol for multiserver architectures. IEEE Trans Emerging Topics Comput 4(1):102–112
Wang D, Wang P (2016) Two birds with one stone: Two-factor authentication with security beyond conventional bound. IEEE Transactions on Dependable and Secure Computing
Wazid M, Das AK, Kumar N, Rodrigues JJ (2017) Secure three-factor user authentication scheme for renewable-energy-based smart grid environment. IEEE Trans Ind Inform 13(6):3144–3153
Wu D, Zhou C (2011) Fault-tolerant and scalable key management for smart grid. IEEE Trans Smart Grid 2(2):375–381
Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng 45:274–285
Xia J, Wang Y (2012) Secure key distribution for the smart grid. IEEE Trans Smart Grid 3(3):1437–1443
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Grover, H.S., Adarsh & Kumar, D. Cryptanalysis and improvement of a three-factor user authentication scheme for smart grid environment. J Reliable Intell Environ 6, 249–260 (2020). https://doi.org/10.1007/s40860-020-00113-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40860-020-00113-2