Abstract
Electric Vehicles (EVs) are more and more charged at public Charge Points (CPs) using Plug-and-Charge (PnC) protocols such as the ISO 15118 standard which eliminates user interaction for authentication and authorization. Currently, this requires a rather complex Public Key Infrastructure (PKI) and enables driver tracking via the included unique identifiers. In this paper, we propose an approach for using Self-Sovereign Identities (SSIs) as trusted credentials for EV charging authentication and authorization which overcomes the privacy problems and the issues of a complex centralized PKI. Our implementation shows the feasibility of our approach with ISO 15118, meaning that existing roles/features can be supported and that existing timing/size constraints of the ISO standard can be met. The security and privacy of the proposed approach is shown in a formal analysis using the Tamarin prover.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We omit the part for private environments since it is not relevant for our work.
- 2.
Combining credentials, 2018, https://github.com/w3c/vc-data-model/issues/112.
- 3.
DID resolution, W3C, 2021, https://w3c-ccg.github.io/did-resolution/.
- 4.
- 5.
While it would be possible to generate the Provisioning DID key pair in the EV (similar to [13, 16]) and have the OEM only collect a signature over the steward’s nonce from the EV (which would prevent the EV’s private key material from ever leaving the EV), we believe that this method may result in scalability issues. Additionally, one may assume a secure OEM to EV relation during production (in a controlled environment), which limits the security benefit of exclusive key possession by the EV.
- 6.
- 7.
Hyperledger, 2021, https://www.hyperledger.org.
- 8.
Indy SDK, 2021, https://github.com/hyperledger/indy-sdk#libindy-wrappers.
- 9.
The measurements were performed on a Lenovo Thinkpad T480 with Intel® Core™ i5-8250U CPU @ 1.60 GHz \(\times \) 8, 15.5 GiB Ram, running Ubuntu 20.04.3 LTS 64-bit.
- 10.
- 11.
Using a Lenovo ThinkPad T14 Gen 1 with 16GB RAM.
References
Bradbury, M., Taylor, P., Atmaca, U.I., Maple, C., Griffiths, N.: Privacy challenges with protecting live vehicular location context. IEEE Access 8, 207465–207484 (2020)
ChargePoint, DigiCert, Eonti: Practical considerations for implementation and scaling iso 15118 into a secure ev charging ecosystem, May 2019. https://www.chargepoint.com/files/15118whitepaper.pdf
Delaune, S., Hirschi, L.: A survey of symbolic methods for establishing equivalence-based properties in cryptographic protocols. J. Log. Algebraic Methods Programm. 87, 127–144 (2017)
DIN Standards Committee Road Vehicle Engineering: Electromobility - Digital communication between a d.c. EV charging station and an electric vehicle for control of d.c. charging in the Combined Charging System. DIN SPEC 70121:2014–12, Deutsches Institut für Normung (DIN) (12 2014)
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
ElaadNL: EV related protocol study, January 2017. https://www.elaad.nl/research/ev-related-protocol-study/
ElaadNL: Exploring the public key infrastructure for iso 15118 in the ev charging ecosystem, November 2018. https://www.elaad.nl/news/publication-exploring-the-public-key-infrastructure-for-iso-15118-in-the-ev-charging-ecosystem/
Falk, R., Fries, S.: Electric vehicle charging infrastructure security considerations and approaches. In: Proceedings of INTERNET, pp. 58–64 (2012)
Fazouane, M., Kopp, H., van der Heijden, R.W., Le Métayer, D., Kargl, F.: Formal verification of privacy properties in electric vehicle charging. In: Piessens, F., Caballero, J., Bielova, N. (eds.) ESSoS 2015. LNCS, vol. 8978, pp. 17–33. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-15618-7_2
Firoozjaei, M.D., Ghorbani, A., Kim, H., Song, J.: EVChain: a blockchain-based credit sharing in electric vehicles charging. In: 2019 17th International Conference on Privacy, Security and Trust (PST). IEEE, August 2019. https://doi.org/10.1109/PST47121.2019.8949026
Foundation, H.: Getting started with libvcx. https://github.com/hyperledger/indy-sdk/blob/master/vcx/docs/getting-started/getting-started.md (2021). Accessed 28 Feb 2023
Foundation, H.: Hyperledger aries rfc 0036 (2021). https://github.com/hyperledger/aries-rfcs/blob/main/features/0036-issue-credential/README.md. Accessed 28 Feb 2023
Fuchs, A., Kern, D., Krauß, C., Zhdanova, M.: HIP: HSM-based identities for plug-and-charge. In: Proceedings of the 15th International Conference on Availability, Reliability and Security, ARES 2020, Association for Computing Machinery, New York (2020). https://doi.org/10.1145/3407023.3407066. https://doi.org/10.1145/3407023.3407066
Fuchs, A., Kern, D., Krauß, C., Zhdanova, M.: Securing electric vehicle charging systems through component binding. In: Casimiro, A., Ortmeier, F., Bitsch, F., Ferreira, P. (eds.) SAFECOMP 2020. LNCS, vol. 12234, pp. 387–401. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-54549-9_26
Fuchs, A., Kern, D., Krauß, C., Zhdanova, M.: TrustEV: trustworthy electric vehicle charging and billing. In: Proceedings of the 35th ACM/SIGAPP Symposium on Applied Computing SAC 2020. ACM (2020). https://doi.org/10.1145/3341105.3373879
Fuchs, A., Kern, D., Krauß, C., Zhdanova, M., Heddergott, R.: HIP-20: Integration of vehicle-HSM-generated credentials into plug-and-charge infrastructure. In: Computer Science in Cars Symposium. CSCS ’20, Association for Computing Machinery, New York (2020). https://doi.org/10.1145/3385958.3430483, https://doi.org/10.1145/3385958.3430483
Han, W., Xiao, Y.: Privacy preservation for V2G networks in smart grid: a survey. Comput. Commun. 91, 17–28 (2016)
Hoess, A., Roth, T., Sedlmeir, J., Fridgen, G., Rieger, A.: With or without blockchain? towards a decentralized, ssi-based eroaming architecture. In: Hawaii International Conference on System Sciences (2022)
Höfer, C., Petit, J., Schmidt, R., Kargl, F.: Popcorn: privacy-preserving charging for emobility. In: Proceedings of the 2013 ACM Workshop on Security, Privacy & Dependability for Cyber Vehicles, pp. 37–48 (2013)
IEC: Electric vehicle conductive charging system - Part 1: General requirements. IEC Standard 61851–1:2017, International Electrotechnical Commission (2017)
ISO/IEC: Road vehicles - Vehicle-to-Grid Communication Interface - Part 2: Network and application protocol requirements. ISO Standard 15118–2:2014, ISO, Geneva, Switzerland, April 2014
ISO/IEC: Road vehicles - vehicle-to-grid communication interface - part 2: Network and application protocol requirements. ISO/DIS 15118–2:2018, International Organization for Standardization, Geneva, Switzerland, December 2018
Kaiser, C.: Plug in and charge aka autocharge aka plug & charge (2022). https://www.linkedin.com/pulse/plug-charge-aka-autocharge-chris-kaiser. Accessed 26 Sept 20213
Kern, D., Krauß, C.: Analysis of e-mobility-based threats to power grid resilience. In: Proceedings of the 5th ACM Computer Science in Cars Symposium, pp. 1–12 (2021)
Kern, D., Krauß, C.: Detection of e-mobility-based attacks on the power grid. In: 2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 352–365. IEEE (2023)
Kern, D., Krauß, C., Lauser, T., Alnahawi, N., Wiesmaier, A., Niederhagen, R.: Quantumcharge: Post-quantum cryptography for electric vehicle charging. In: International Conference on Applied Cryptography and Network Security, pp. 85–111. Springer (2023).https://doi.org/10.1007/978-3-031-33491-7_4
Kern, D., Lauser, T., Krauß, C.: Integrating privacy into the electric vehicle charging architecture. Proc. Privacy Enhancing Technol. 3, 140–158 (2022)
Khovratovich, D., Lodder, M.: Anonymous credentials with type-3 revocation (2018). https://github.com/hyperledger/indy-crypto/blob/master/libindy-crypto/docs/AnonCred.pdf
Knirsch, F., Unterweger, A., Engel, D.: Privacy-preserving blockchain-based electric vehicle charging with dynamic tariff decisions. Comput. Sci.-Res. Dev. 33(1–2), 71–79 (2018)
Langer, L., Skopik, F., Kienesberger, G., Li, Q.: Privacy issues of smart e-mobility. In: IECON 2013–39th Annual Conference of the IEEE Industrial Electronics Society, pp. 6682–6687. IEEE (2013)
Li, H., Dan, G., Nahrstedt, K.: Portunes: privacy-preserving fast authentication for dynamic electric vehicle charging. In: 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 920–925. IEEE (2014)
Li, H., Dán, G., Nahrstedt, K.: Portunes+: privacy-preserving fast authentication for dynamic electric vehicle charging. IEEE Trans. Smart Grid 8(5), 2305–2313 (2016)
Lowe, G.: A hierarchy of authentication specifications. In: Proceedings 10th Computer Security Foundations Workshop, pp. 31–43. IEEE (1997)
Lux, Z.A., Thatmann, D., Zickau, S., Beierle, F.: Distributed-Ledger-based Authentication with Decentralized Identifiers and Verifiable Credentials. In: 2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS). IEEE, Sept 2020. https://doi.org/10.1109/BRAINS49436.2020.9223292
Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_48
Monteuuis, J.P., Petit, J., Zhang, J., Labiod, H., Mafrica, S., Servel, A.: Attacker model for connected and automated vehicles. In: ACM COMPUTER SCIENCE IN CARS SYMPOSIUM (2018)
Mustafa, M.A., Zhang, N., Kalogridis, G., Fan, Z.: Roaming electric vehicle charging and billing: an anonymous multi-user protocol. In: 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 939–945. IEEE (2014)
OCA: Open Charge Point Protocol 2.0.1 - Part 2 - Specification. Open standard, Open Charge Alliance, Arnhem, Netherlands, March 2020. https://www.openchargealliance.org/protocols/ocpp-201/
Open Fastcharging Alliancey: Autocharge (2017). https://github.com/openfastchargingalliance/openfastchargingalliance/blob/master/autocharge-final.pdf. Accessed 27 Sept 2023
Paverd, A., Martin, A., Brown, I.: Modelling and automatically analysing privacy properties for honest-but-curious adversaries. Technical report (2014)
Reed, D., Sporny, M., Longley, D., Allen, C., Grant, R., Sabadello, M.: Decentralized Identifiers (DIDs) v1.0 W3C Candidate Recommendation Draft, May 2021
Richter, D., Anke, J.: Exploring potential impacts of self-sovereign identity on smart service systems: an analysis of electric vehicle charging services. In: Business Information Systems, pp. 105–116 (2021)
Sabadello, M., et al.: Introduction to DID Auth. Rebooting the Web of Trust VI, July 2018
Sporny, M., Longley, D., Chadwick, D.: Verifiable Credentials Data Model v1.1. (2021). https://w3.org/TR/vc-data-model/. Accessed 23 Nov 2021
V2G Clarity: RISE-V2G (2017). https://github.com/SwitchEV/RISE-V2G. Accessed 29 Nov 2021
VDE: Handling of certificates for electric vehicles, charging infrastructure and backend systems within the framework of iso 15118. VDE-AR-E 2802–100-1:2019–12, December 2019
Won, J., Singla, A., Bertino, E., Bollella, G.: Decentralized public key infrastructure for internet-of-things. In: MILCOM 2018–2018 IEEE Military Communications Conference (MILCOM), pp. 907–913. IEEE (2018)
Xu, S., Chen, X., He, Y.: EVchain: an anonymous blockchain-based system for charging-connected electric vehicles. Tsinghua Sci. Technol. 26(6), December 2021. https://doi.org/10.26599/TST.2020.9010043
Zelle, D., Springer, M., Zhdanova, M., Krauß, C.: Anonymous charging and billing of electric vehicles. In: Proceedings of the 13th International Conference on Availability, Reliability and Security, pp. 1–10 (2018)
Zhao, T., Zhang, C., Wei, L., Zhang, Y.: A secure and privacy-preserving payment system for electric vehicles. In: 2015 IEEE International Conference on Communications (ICC), pp. 7280–7285. IEEE (2015)
Acknowledgements
This research work has been partly funded by the German Federal Ministry of Education and Research and the Hessian Ministry of Higher Education, Research, Science and the Arts within their joint support of the National Research Center for Applied Cybersecurity ATHENE and the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) - project number 503329135.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Kailus, A., Kern, D., Krauß, C. (2024). Self-sovereign Identity for Electric Vehicle Charging. In: Pöpper, C., Batina, L. (eds) Applied Cryptography and Network Security. ACNS 2024. Lecture Notes in Computer Science, vol 14585. Springer, Cham. https://doi.org/10.1007/978-3-031-54776-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-031-54776-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-54775-1
Online ISBN: 978-3-031-54776-8
eBook Packages: Computer ScienceComputer Science (R0)