This paper presents the vulnerabilities analyses of KL scheme which is an ID-based authentication scheme for AMI network attached SCADA in smart grid and proposes a security-enhanced authentication scheme which satisfies forward secrecy as well as security requirements introduced in KL scheme and also other existing schemes. The proposed scheme uses MDMS which is the supervising system located in an electrical company as a time-synchronizing server in order to synchronize smart devices at home and conducts authentication between smart meter and smart devices using a new secret value generated by an OTP generator every session. The proposed scheme has forward secrecy, so it increases overall security, but its communication and computation overhead reduce its performance slightly, comparing the existing schemes. Nonetheless, hardware specification and communication bandwidth of smart devices will have better conditions continuously, so the proposed scheme would be a good choice for secure AMI environment.

1. Introduction

Smart grid is a convergence technology adding information technology to a conventional electrical power grid to bilaterally exchange and use real-time information electricity generated in a power plant with users through the core infrastructure of AMI (advanced metering infrastructure) [13]. Consumers can utilize AMI to monitor power use in real time and save household and company energy cost, contributing to an appropriate level of energy production, lower production cost, and higher confidence on sustainable energy supply [13]. Also, more new and renewable energy is used to help overcome global environmental problems [4]. With such a widespread smart grid environment, smart grid security has also become significant [3, 5].

The existing power grid operated in a closed net, effectively distancing itself from people having malicious intentions [6, 7]. However, smart grid puts the grid device in the customer domain, making its power net vulnerable to malicious attacks both online and offline. Malicious attacks can be made by penetrating into an upper-level power grid system through smart grid devices or by taking over a user’s device to send false information or infringing private information by using a user’s power consumption pattern and so forth [810].

To prevent such malicious attacks, devices installed in the users’ domain and power suppliers’ own system should securely communicate. To this end, more researches are necessary to find a way for supplier systems to authenticate user-domain devices and allow only valid users to transmit data [3, 511].

This paper proposes a novel scheme for improving security aspects of KL scheme [12] in order to provide forward secrecy. We, in this paper, investigate the previous research results first, then make suggestions on how to provide forward secrecy where the existing schemes did not pay attention. To guarantee forward secrecy, we propose the time synchronization scheme OTP to let undisclosed values change. The proposed scheme herein satisfies every security requirement of the KL scheme and adds hash calculation and communication frequency for forward secrecy.

The proposed scheme added a function of time synchronization server to the meter data management system (MDMS) to resolve the problem of having a separate set of time synchronization server but it requires one more round of communication for time synchronization to make the total communication frequency of four. Based on the analysis of the proposed time synchronized OTP scheme, we show the best time and the best conditions for using that scheme.

This paper is structured as follows. Sections 2 and 3 introduce AMI components and previous security schemes with their weak points or problems. Section 4 proposes a security protocol to increase the security aspects of the existing schemes. Section 5 presents a comparison of security and performance between the existing schemes and the proposed one. Section 6 finishes by drawing a conclusion.

In this section, we look at the components of AMI as described in previous researches and analyze those authentication schemes.

2.1. AMI Components

AMI components, as in Figure 1, are identified centering on the MDMS as the upper system in a power company; Smart Meter, communication system connecting a power company and household’s smart meter; household devices, and so forth. For smart meter’s authentication of devices, we adopted the power line communication (PLC), a power line communication, and ZigBee through home area network (HAN). The neighborhood area network (NAN) is used for communication between smart meter and MDMS for data transmission.

2.2. KL Scheme

The KL scheme proposed by Kim and Lee in [12] encodes , an undisclosed value created by the device, and saves it in the device itself and smart meter to create information necessary for authentication based on the security of the value. Then it performs authentication and verification, as describe in Figure 2. The device creates an authentication key to make possible the inference of a random number of included in an undisclosed individual value transmitted in the registration stage during the smart meter authentication process. Then it sends the value to smart meter to proceed with authentication and identify device through ID identifiers. value is not shown during communication so that value can hardly be inferred. By combining existing information and data sent from the device for mutual authentication, the proposed scheme generates value based on the smart meter-generated for successful mutual authentication.

Nonrepudiation is possible in authentication and data exchange between smart meter and MDMS as private keys are sent only to specifically intended MDMSs by using smart meter MACAddr and hash-calculated private keys to encode data. And the MDMSs receiving the data send their ’s to smart meter to identify MDMS when transmitting power, ensuring power information is sent to a right MDMS.

3. Vulnerabilities of KL Scheme

The KL scheme deals with device-smart meter-MDMS authentication and data transmission to help resolve problems such as, for instance, an external device accesses smart meter to increase power use in an AMI network environment or raise charges. Also as regular communication is made between smart meter and MDMS, we suggested a scheme that requires less calculation and less communication frequency for faster data processing when multiple smart meters send data to MDMS to authenticate smart meters securely and send data effectively. But the undisclosed value of is fixed, which is used for device-smart meter authentication and data transmission, and each session needs it for operation. Therefore, if a disclosed key or value is inferred and exposed, those values already used for session performance to complete transmission could be assessed by malicious attackers, risking forward secrecy.

Forward secrecy refers to a situation where a malicious attacker who happened to make a successful attack to know current communication information should not be able to trace previous secret information only with that disclosed information.

The undisclosed value of KF scheme, is secured as devices and smart meters exchanged in the registration status. But if any malicious attackers get to know value or symmetric key at any given point, they can infer the undisclosed value of after getting communication information from successful attacks on the authentication stage communication. Thus, past information records are easily captured by malicious attackers in the system.

4. Security-Enhanced ID-Based Authentication

In this section, we propose a security scheme using IDs for authentication as described in the KL scheme yet in a further improved version with better forward secrecy protection than previous design protocols. The proposed scheme herein is an encryption to calculate through OTP function an undisclosed value and the present time based on the time synchronized by the time synchronization to allow the undisclosed value to change.

The proposed ID-based authentication scheme is an advanced version that guarantees to meet all of the security requirements while guaranteeing forward secrecy at the same time.

4.1. Terms

Codes and terms used for the protocol herein are defined as follows:: Meter data: Session keys shared by each entityMACAddr: MAC address of smart meter: Name of *: Transmission hour value of *: Random number created by *: Passwords entered by * in synchronization: Encryption by using *’s key: One-way hash function: OTP function: MDMS global time synchronization value: Smart meter global time synchronization value: Private key of smart meter: Bit combination.

4.2. The Proposed Scheme

An authentication scheme is suggested to help resolve forward secrecy problems by using MDMS, of the KL scheme components, as a global time synchronization server to activate the time synchronization OTP scheme. The suggested scheme requests a time synchronization value of to the time synchronization server MDMS in the smart meter registration phase to perform smart meter’s time synchronization. Smart meters with completed synchronization send to devices for smart meter time synchronization at any registration request by a device to synchronize time between smart meter and devices. After synchronization, the device calculates the present time Time of the synchronized time and the undisclosed value of through OTP function to encryption. The time synchronization OTP scheme is performed in line with the order as follows.

Phase 1: Smart Meter Registration and Time Synchronization. MDMS used for registration and time synchronization stages functions as a global time synchronization server. Smart meter, during registration, sends a request of the time synchronization value of to MDMS. The receiving MDMS generates value based on the global time of request receipt from smart meter and sent it back to smart meter. Smart meter, then, synchronizes time with MDMS versus . Smart meter registration and time synchronization procedures are as follows in Figure 3.(1)Smart meter produces by calculating its own private key ’s hash-calculated value with smart meter’s MACAddr. Then the produced value is bit combined with , MACAddr and encrypted by using disclosed MDMS key and information, in addition the request for time synchronization is sent to MDMS. Consider (2) MDMS produces the time synchronization value of TMDMS based on and decodes the transmitted data which was encrypted with an MDMS disclosed key by using a private key. Based on the decoded value of and MACAddr, it draws out smart meter’s hash-calculated private key . In the authentication phase, it saves MACAddr and in MDMS to make a proper search of by using identifier MACAddr. Consider (3)After saving a private key of smart meter, MDMS performs bit combination between MDMS ID of IDMD, , and MACAddr transmitted from smart meter and , the time synchronization value. Then with the extracted hash-calculated private key of smart meter , it encodes the value and sends to smart meter. Consider (4) Smart meter decodes the received value by using hash-calculated private key and carries out time synchronization through the time synchronization value of . After time synchronization, MDMS’ ID of IDMD is saved in smart meter to complete smart meter-MDMS registration. Consider Time synchronization to .

Phase 2: Device Registration and Time Synchronization. Devices encrypt and send undisclosed values with a symmetric key in the smart meter registration phase and send it. And at the same time, they request a synchronization value. Smart meter uses a symmetric key to decode the undisclosed value and save device ID to identify the undisclosed value and device. Smart meter produces the time synchronization value of and produces through undisclosed value from devices and device identifier . The produced is encrypted with a symmetric key and sent to a device. The device decodes the received value and extracts and saves the value then completes the time synchronization and registration phase. The registration and time synchronization procedures are shown in Figure 4.(1)Devices, to generate undisclosed value of , conduct hash calculation of the password entered initially to start the device and device ID, ; then they calculate final values with the random number value created by the device. Consider (2)Devices use a mutually-shared symmetric key for encryption of to securely send the undisclosed value to smart meter. By bit combining the encrypted value with device identifier , they request the time synchronization value while sending it to smart meter. Consider (3)Smart meter extracts value from the value it received and deciphers the encrypted undisclosed value and saves and in smart meter. Consider (4)Smart meter, in order for a device to decode the time synchronization value, performs hash calculation by using device ID, , and , then calculates them with the time synchronization value to produce . The generated value is encoded with a shared symmetric key and sent to a device from smart meter. Consider (5)The device uses the symmetric key to decipher the received value and extracts from the time synchronization value to perform time synchronization between smart meter and the device. Here, based on the time synchronization value of , the present time value generating every fixed period is . Consider Time synchronization to .

Phase 3: Authentication. In the device registration and time synchronization stage, devices and smart meters completing undisclosed value transmission and time synchronization store undisclosed value and to identify devices. Devices and smart meters are time synchronized by to generate the value of present time that has a certain cycle and create final value through .

Using the generated value , devices produce , , and then send , , , and to smart meter. Smart meter calculates the value by itself and also calculates the value which is not transmitted through the communication. And then smart meter performs authentication using , , and . If the authentication succeeds, they produce value based on value . Mutual authentication between device and smart meter remains secure by not exchanging value through communication.

Even though value is noticed by inferring, values change each session; thus the produced value of varies from session to session to satisfy forward secrecy. Authentication steps are shown in Figure 5.

(1)Devices use and the present time value of synchronized devices, which are synchronized every session based on through function to produce value and calculate , , by using the time stamp value of that changes secret number each session along with the random number generated in the registration stage, the undisclosed value , and the device ID value. Consider (2)Devices send , , , and to smart meter excluding value of the generated values. Smart meter, just as devices, generates value. Consider (3)Smart meter performs hash calculation of and the values generated by and smart meter of the received values to produce and extracts random value based on to get the value of , necessary for authentication. Consider (4)After comparing received from smart meter and the produced value , the authentication process is completed. If authentication succeeds, the value of is produced to be used for mutual authentication through , value, and smart meter’s time stamp value . It is sent to devices, including the smart meter’s time stamp . Consider (5)Devices produce value based on the received and compare with the received value to perform mutual authentication. Consider

5. Security and Performance

KL’s device authentication scheme shares value after encryption in the registration stage and conducts authentication while hiding the secrecy of the value. In this scheme, the main data of is not shared in the process of communication to keep its secrecy and as secret key is hash calculated, its integrity is secured. By adding time stamp to generated , , and values, the scheme allows change for every session in preparation for possible reuse attack. Devices and smart meter include a mutual authentication process to verify they are in communication with the right counterpart. But, in this case, if a symmetric key that encodes the undisclosed value or undisclosed value is exposed by inference, even previously-used data, not just the current information, could be exposed too, implying the risk of forward secrecy vulnerability. Also, we found a missing part in the calculation amount estimation process so we recalculated the calculation load of Hash scheme. Deciphering process was also not included in the calculation load estimation, so it was reassessed and presented in Table 1.

The proposed scheme is designed for reducing the disclosure possibility of constant value, a key factor for forward secrecy, throughout the authentication process; the value of is encoded upon registration and sent to smart meter. Even though the initial value is exposed, further exposure of other values would be extremely difficult by design to guarantee forward secrecy.

The proposed scheme utilizes MDMS as a time synchronization server to receive time synchronization value from MDMS in the initial smart meter registration stage and performs smart meter synchronization. Smart meters completing time synchronization encode smart meter time synchronization value based on device ID and undisclosed value used for devices to request registration to smart meter; then it sends it to devices. Devices encrypt the time synchronization values and synchronize time. Devices put the present time based on the synchronized hour and the undisclosed value of to OTP function to produce for authentication. Even if value is exposed, further information is necessary including the value of used for device-smart meter authentication and the present time based on the synchronized hour to get the initial authentication data. And value can’t be guessed because it is calculated using value that varies every session, and the time synchronization value of is not exchanged in communication to complicate inference attempts.

6. Conclusion

KL scheme which is designed to protect the AMI-network environment supports mutual authentication by using the undisclosed value transmitted during the initial registration from devices to smart meter while accelerating calculation speed. However, in this scheme, if any undisclosed value is exposed at any given time, malicious attackers can use their accumulated data and the undisclosed value to even get the data used before the time of exposure, troubling forward secrecy. Therefore, in this paper, to resolve forward secrecy problem, we used MDMS as a time synchronization server so that the smart meter receives the time synchronization value from MDMS during the initial registration and exchanges the time synchronization values in the device registration phase to calculate the present time based on the synchronized time in devices and smart meter and the undisclosed value through OTP function for synchronization.

The proposed scheme in this paper is a simpler way to time synchronize but as initially undisclosed values do not change and the time value with cycles based on the synchronized time is used for authentication, undisclosed values are easily exposed if devices and smart meter are physically attacked. Considering this, we believe it would be more effective to apply the scheme in a closed environment, for instance, where structures are relatively secure against physical attacks and devices or smart meter synchronization and management are conducted altogether.

Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.


This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2011-0014394).