Review Article

Authentication Protocols for Internet of Things: A Comprehensive Survey

Table 19

Summary of authentication protocols for IoE.

Columns: Prot. | Network model | Goals | Main processes | Performances (+) and limitations (−)

Li and Cao (2011) [28]
Network model: Smart Grid with wide multicast applications, namely, wide area protection, demand-response, operation and control, and in-substation protection
Goals: Provide multicast authentication
Main processes: (i) Key generation; (ii) Signing; (iii) Verification
+ Efficient in terms of hash or one-way function invocations compared to the scheme [209].
+ Resistance to message forgery attacks.
+ Can reduce the storage cost.
− Privacy-preserving is not discussed.
− The reports’ confidentiality and integrity are not considered compared to the scheme [49]

Li et al. (2014) [49]
Network model: Communication between the home area networks (HANs) and the neighborhood gateway using WiFi technology
Goals: (i) Detecting the replay attacks; (ii) Providing authentication for the source of electricity consumption reports; (iii) Guarantees the reports’ confidentiality and integrity
Main processes: (i) System initialization; (ii) Report generation; (iii) Neighborhood gateway authentication
+ Efficient in terms of computation complexity of the HAN user and the neighborhood gateway compared to the RSA-based authentication scheme.
+ Efficient in terms of communication overhead between the HAN user and the neighborhood gateway compared to the RSA-based authentication scheme.
+ Resistance to attacks, namely, replay attack, message injection attack, message analysis attack, and message modification attack.
+ Guarantees the reports’ confidentiality and integrity compared to the scheme [28].
− The routing attacks are not considered such as wormhole attack

Li et al. (2012) [138]
Network model: The smart grid with power generation, power transmission, and power distribution
Goals: Providing the authentication for power usage data aggregation in Neighborhood Area Network (NAN) with fault tolerance architecture
Main processes: (i) Key generation; (ii) Signature generation; (iii) Batch verification and trinary diagnose TreeBatch; (iv) Signature amortization for Package Blocks
+ Makes significant performance gains in terms of the communication and computation cost.
+ Considers the fault diagnosis.
− No threat model presented

Nicanfar et al. (2011) [139]
Network model: (i) The data communication outside of the Home Area Network (HAN); (ii) Some smart meters and a utility server under a wireless mesh network topology
Goals: Providing mutual authentication scheme to prevent brute-force attacks, replay attacks, Man-In-The-Middle (MITM) attack, and Denial-of-Service (DoS) attacks
Main processes: (i) Initialization; (ii) Ongoing maintenance or Short period key refreshment; (iii) Long period key refreshment; (iv) Multicast key support
+ Can provide simplicity and low overhead.
+ Resistance to attacks, namely, brute-force attacks, replay attacks, Man-In-The-Middle (MITM) attack, and Denial-of-Service (DoS) attacks.
+ Can provide secure key management.
− The reports’ confidentiality and integrity are considered compared to the scheme [49]

Chim et al. (2011) [140]
Network model: Smart grid network with three basic layers, namely, power generators, substations, and smart meters and smart appliances
Goals: Guarantee the message authentication, identity privacy, and traceability
Main processes: (i) Preparation module; (ii) Pseudo-identity generation module; (iii) Signing module; (iv) Verification module; (v) Tracing module
+ Requires only an additional 368 msec for HMAC signature verification at a substation.
+ Efficient in overall normal traffic success rate when under attack.
+ The message overhead is only 20 bytes per request message.
− The routing attacks are not considered such as wormhole attack.
− Storage costs are not considered.
− No comparison with other schemes

Fouda et al. (2011) [141]
Network model: Smart grid with the power Distribution Network (DN), the Transmission Substation (TS), and a number of Distribution Substations (DSs)
Goals: Providing mutual authentication and achieving message authentication in a light-weight way
Main processes: (i) Key generation; (ii) Message generation; (iii) Hash-based message authentication
+ Efficient in terms of communication overhead and message decryption/verification delay compared to ECDSA-256.
+ Resistance to attacks, namely, replay attack, chosen-plaintext attack, and collision attack.
− Location privacy is not considered.
− Identity privacy and traceability are not considered compared to the scheme [140]

Nicanfar et al. (2014) [142]
Network model: Multigate communication network proposed in [210]
Goals: Providing mutual authentication and key management mechanisms
Main processes: (i) SGMA scheme (System setup; Mutual authentication Scheme); (ii) SGKM protocol (Key refreshment; Multicast key mechanism; Broadcast key mechanism)
+ Can prevent the adversary from continuing the successful attack.
+ Can prevent various attacks while reducing the management overhead.
− Storage costs are not considered.
− Lack nonrepudiation compared to the PBA scheme in [64]

Chim et al. (2015) [55]
Network model: Smart grid network based on hierarchical architecture, i.e., HANs, BANs, NANs
Goals: Providing the privacy-preserving recording and gateway-assisted authentication
Main processes: (i) Preparation phase; (ii) Power plan submission phase; (iii) Power plan processing phase; (iv) Reconciliation phase; (v) System master secret updating phase
+ The message filtering at gateway smart meters can be helpful in reducing the impact of attacking traffic.
+ The privacy preserving and traceability are considered.
− No comparison with other schemes.
− Distributed denial of service (DDoS) attacks are not considered

Mahmood et al. (2016) [67]
Network model: The system model is homogeneous to the model in [49]
Goals: Detect and omit some attacks, namely, replay, false message injection, message analysis and modification attacks
Main processes: (i) Initialization; (ii) Authentication; (iii) Message transmission
+ Efficient in terms of communication cost and computation cost compared to the schemes [30, 35].
+ Resistance to attacks, namely, replay, false message injection, message analysis and modification attacks.
+ The reports’ confidentiality and integrity are considered.
− Location privacy is not considered