IDEAS home Printed from https://ideas.repec.org/a/gam/jmathe/v11y2022i1p176-d1018987.html
   My bibliography  Save this article

Secure Authentication in the Smart Grid

Author

Listed:
  • Mehdi Hosseinzadeh

    (Institute of Research and Development, Duy Tan University, Da Nang 550000, Vietnam
    School of Medicine and Pharmacy, Duy Tan University, Da Nang 550000, Vietnam
    Computer Science, University of Human Development, Sulaymaniyah 0778-6, Iraq
    These authors contributed equally to this work.)

  • Rizwan Ali Naqvi

    (School of Intelligent Mechatronics Engineering, Sejong University, Seoul 05006, Republic of Korea
    These authors contributed equally to this work.)

  • Masoumeh Safkhani

    (Faculty of Computer Engineering, Shahid Rajaee Teacher Training University, Tehran 16788-15811, Iran
    School of Computer Science, Institute for Research in Fundamental Sciences (IPM), P.O. Box 19395-5746, Tehran 16788-15811, Iran
    These authors contributed equally to this work.)

  • Lilia Tightiz

    (School of Computing, Gachon University, 1342 Seongnamdaero, Seongnam 13120, Republic of Korea)

  • Raja Majid Mehmood

    (Information and Communication Technology Department, School of Computing and Data Science, Xiamen University Malaysia, Sepang 43900, Malaysia)

Abstract

Authenticated key agreement is a process in which protocol participants communicate over a public channel to share a secret session key, which is then used to encrypt data transferred in subsequent communications. LLAKEP, an authenticated key agreement protocol for Energy Internet of Things (EIoT) applications, was recently proposed by Zhang et al. While the proposed protocol has some interesting features, such as putting less computation on edge devices versus the server side, its exact security level is unclear. As a result, we shed light on its security in this paper through careful security analysis against various attacks. Despite the designers’ security claims in the random oracle model and its verification using GNY logic, this study demonstrates that this protocol has security weaknesses. We show that LLAKEP is vulnerable to traceability, dictionary, stolen smart glass, known session-specific temporary information, and key compromise impersonation attacks. Furthermore, we demonstrate that it does not provide perfect forward secrecy. To the best of our knowledge, it is the protocol’s first independent security analysis. To overcome the LLAKEP vulnerabilities, we suggested the LLAKEP + protocol, based on the same set of cryptographic primitives, namely the one-way hash function and ECC point multiplication. Our comprehensive security analysis demonstrates its resistance to different threats, such as impersonation, privileged insider assaults, and stolen smart glass attacks, along with its resistance to sophisticated assaults, such as key compromised impersonation (KCI) and known session-specific temporary information (KSTI). The overhead of the proposed protocol is acceptable compared to the provided security level.

Suggested Citation

  • Mehdi Hosseinzadeh & Rizwan Ali Naqvi & Masoumeh Safkhani & Lilia Tightiz & Raja Majid Mehmood, 2022. "Secure Authentication in the Smart Grid," Mathematics, MDPI, vol. 11(1), pages 1-24, December.
    • Handle: RePEc:gam:jmathe:v:11:y:2022:i:1:p:176-:d:1018987
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2227-7390/11/1/176/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2227-7390/11/1/176/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Jan Lansky & Amir Masoud Rahmani & Saqib Ali & Nasour Bagheri & Masoumeh Safkhani & Omed Hassan Ahmed & Mehdi Hosseinzadeh, 2021. "BCmECC: A Lightweight Blockchain-Based Authentication and Key Agreement Protocol for Internet of Things," Mathematics, MDPI, vol. 9(24), pages 1-17, December.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Mehdi Hosseinzadeh & Mazhar Hussain Malik & Masoumeh Safkhani & Nasour Bagheri & Quynh Hoang Le & Lilia Tightiz & Amir H. Mosavi, 2023. "Toward Designing a Secure Authentication Protocol for IoT Environments," Sustainability, MDPI, vol. 15(7), pages 1-16, March.
    2. Weichu Deng & Teng Huang & Haiyang Wang, 2022. "A Review of the Key Technology in a Blockchain Building Decentralized Trust Platform," Mathematics, MDPI, vol. 11(1), pages 1-29, December.
    3. Qingyun Xie & Zixuan Ding & Qi Xie, 2023. "A Lightweight and Privacy-Preserving Authentication Protocol for Healthcare in an IoT Environment," Mathematics, MDPI, vol. 11(18), pages 1-17, September.

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:11:y:2022:i:1:p:176-:d:1018987. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.