Multicast Delayed Authentication for Streaming Synchrophasor Data in the Smart Grid

  • Sérgio Câmara
  • Dhananjay Anand
  • Victoria Pillitteri
  • Luiz Carmo
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 471)

Abstract

Multicast authentication of synchrophasor data is challenging due to the design requirements of Smart Grid monitoring systems, such as low security overhead, tolerance of lossy networks, time-criticality and high data rates. In this work, we propose inf-TESLA (Infinite Timed Efficient Stream Loss-tolerant Authentication), a multicast delayed authentication protocol for communication links used to stream synchrophasor data for wide area control of electric power networks. Our approach is based on the authentication protocol TESLA but is augmented to accommodate high-frequency transmissions of unbounded length. The inf-TESLA protocol uses the Dual Offset Key Chains mechanism to reduce the authentication delay and computational cost associated with key chain commitment. We provide a description of the mechanism using two different modes for disclosing keys and demonstrate its security against a man-in-the-middle attack attempt. We compare our approach against the TESLA protocol in a 2-day simulation scenario, showing a reduction of 15.82 % and 47.29 % in computational cost for the sender and receiver respectively, and a cumulative reduction in the communication overhead.

Keywords

Multicast authentication; Smart grid; Synchrophasors; Wide area monitoring protection and control

Copyright information

© IFIP International Federation for Information Processing 2016

Authors and Affiliations

  • Sérgio Câmara (1)
  • Dhananjay Anand (2)
  • Victoria Pillitteri (2)
  • Luiz Carmo (1)

  1. National Institute of Metrology, Quality and Technology, Duque de Caxias, Brazil
  2. National Institute of Standards and Technology, Gaithersburg, USA
