Sage Journals: Discover world-class research

Abstract

A smart grid is a data communications network integrated with an electrical grid that collects and analyzes near-real-time data on power transmission, distribution, and consumption. Currently, smart grid systems are considered to be necessary for improving the monitoring and control of a power distribution infrastructure. Using distributed measurement architecture, it is possible to gather information about the smart grid status for monitoring and controlling the overall infrastructure, including remote units. This architecture can control the use of electricity. In particular, users can monitor and regulate the electricity consumption of each home appliance in real time. Likewise, power companies can monitor and control electricity consumption for stabilizing electricity supply. However, serious problems can arise in case of data leakage. For example, if malicious attackers can sniff and analyze data, they can obtain the usage pattern of a house and ascertain when it is empty. They could then burgle the house. We propose a privacy-enhanced secure data transaction protocol that can protect private data by encrypting them. The encrypted data include the user's ID, home appliance serial number, and electricity consumption. Thus, attackers cannot obtain important data from the encrypted data. In addition, unauthorized power companies cannot access this information too.

1. Introduction

Recently, environmental issues such as global warming have become more serious because of industrial emissions. Many studies on low-carbon green growth are being carried out around the world to address them. The objective of aiming for low-carbon green growth is the abatement of carbon dioxide emissions and the efficient use of environmentally friendly resources. Thus, many researchers are studying application methods for these problems in various industries. In particular, interest in the use of smart grids for the effective use of electricity is increasing [1, 2].

A smart grid is a digitally enabled electrical grid that gathers, distributes, and acts on information about the behavior of all participants (suppliers and consumers) in order to improve the efficiency, reliability, economics, and sustainability of electricity services [3].

A key feature of smart grids is their ability to transmit information between the user and the electricity company in real time. In other words, users can check the electricity consumption of home appliances in real time, and electricity companies can generate only the electricity they need by analyzing usage patterns. The control of electricity production can help reduce carbon dioxide emissions. Interaction between users and power companies requires many types of sensitive information, such as user and home appliance information and smart sensor meter information. This information should be transmitted securely [4, 5]. Otherwise, a malicious attacker could gather data on the electricity consumption of home appliances in order to determine a user's routine and could plan a burglary when no one is at home.

We propose a privacy protection-based data transaction protocol for smart sensor meter in a smart grid. This protocol has two phases: a transmission phase and a check phase.

The remainder of this paper is organized as follows. In Section 2, we briefly provide basic information about smart grids. In Section 3, we discuss problems regarding the security of private information in smart grids, while in Section 4, we describe our proposed protocol. We present an analysis of the proposed protocol in Section 5, and finally, we summarize our research in Section 6.

2. Related Work

2.1. Smart Grid

Figure 1

Smart grid system.

A smart grid communication network will comprise several different subsystems—it is truly a network of networks. These networks include a supervisory control and data acquisition (SCADA) system; a land mobile radio (LMR) system; cellular, microwave, fiber optic, dedicated, or switched wirelines; RS-232/RS-485 serial links; wired and wireless local area networks (LAN), and so on [6, 7].

2.1.1. SCADA

An important component required for the monitoring and control of a substation is the SCADA system. It is utilized for distribution automation (DA) and computerized remote control of medium voltage (MV) substations and power grids, and it helps electricity utilities increase the reliability of power supply and reduce operating and maintenance costs. In the past, sectionalizer switchgear, ring main units, reclosers, and capacitor banks were designed for local operation with limited remote control capability. Today, using a SCADA system over reliable wireless communication links, remote terminal units (RTUs) provide powerful integrated solutions for upgrading remotely installed electrical equipment. In a Distribution Management System (DMS), RTUs seamlessly interface via a SCADA system with a wide range of high-performance control centers supplied by leading vendors worldwide. Connection to these Enterprise Management Systems (EMS) and DA/DMS control centers is typically provided via a high-performance IP Gateway or similar nodes [2, 8].

2.1.2. Wireless Networks

Different areas of the smart grid network require different wireless networking solutions. Advanced metering infrastructure (AMI) solutions can be meshed or point-to-point, with local coverage or long-range communication. Options for backhaul solutions are fiber, wireless broadband, or broadband over powerline, to name a few. Workforce mobility solutions include WiMax, WLAN, Cellular, and LMR, depending on the reliability, throughput, and coverage desired by the utility. Wireless communication solutions can be either licensed or unlicensed, again depending on the needs of the utility. For achieving the highest reliability, a licensed solution should be chosen. Each of the above options has advantages and disadvantages, but what is consistently true of all of them is the necessity of a scalable security solution [2, 9].

2.1.3. Security

Smart grid deployments must meet stringent security requirements. Strong authentication is necessary for all users and devices that may affect the operation of the grid. With the large number of users and devices affected, scalable key and trust management systems, customized to the specific needs of the energy service provider, are essential.

The deployment and operation of large, secure network communication systems over many years has taught us that the effort required to provision symmetric keys into thousands of devices can be too expensive or insecure. The development of key and trust management systems for large network deployments is required; these systems can be adopted from other industries, for example, LMR systems and Association of Public-Safety Communications Officials (APCO) radio systems. Several APCO-deployed systems provide statewide wireless coverage, with tens of thousands of secure devices. Trust management systems based on public key infrastructure (PKI) technology could be specifically customized for smart grid operators, easing the burden of providing security that adheres to accepted and guidelines that are known to be secure [10, 11].

2.2. Review of Ren et al.'s Scheme

In this section, we present an analysis of Ren et al.'s scheme [12] (see Table 1). These researchers proposed lightweight privacy-aware yet accountable secure communication scheme (PASS) between SM sensors and a Smart Grid Control Center (SGCC). PASS has five components: $AID$ generation, attaching $AID$ , uploading data, $AID$ verification, and $AID$ traceability. (1)

$AID$ generation: the customer presents a $UN$ to a $TTP$ . The $TTP$ generates the corresponding $AID$ by using the generation function:

\begin{matrix} (f_{g} : UN \times g TM \times TT P_{PriK} ⟶ AID), \end{matrix}

(1)

where

g TM

is the time-stamp used for the

AID

generation. After the

AID

generation, the

TTP

returns the

AID

to the customer and stores an item in a table called

Tb l_{ttp}

, which stores tuples

〈 AID, UN, and g TM 〉

(2)

Attaching $AID$ : the customer inputs the obtained $AID$ into a $SM$ at his/her residence.

(3)

Data uploading: the customer uploads data messages $E_{1} and E_{2}$ (defined below). The $SGCC$ creates a table called $Tb l_{sgcc}$ , in which tuples $〈 AID, V, v TM, and LocID 〉$ are stored. $v TM$ is the time-stamp for uploading the data.

Consider

\begin{matrix} E_{1} = E_{SEK} (AID, V, v TM, LocID), \\ E_{2} = E_{SIK} (H (AID, V, v TM, LocID)) . \end{matrix}

(2)

(4)

$AID$ verification: the $SGCC$ decrypts the uploaded data and examines whether the $AID$ is valid and whether it has been forged by a malicious user. The verification function is $f_{g} : AID \times TT P_{PubK} \to Rslt$ . If $Rslt$ has a “given” a priori pattern; that is, its left half and right half are identical, the verification function outputs “Yes,” which means the $AID$ is valid. Otherwise, the output is “No,” which means the $AID$ is invalid.

(5)

$AID$ traceability: the $SGCC$ can trace back to $AID$ 's $LocID$ . However, it cannot recover the $UN$ of the $AID$ by itself. Only the $TTP$ can recover the $AID$ . Given the $AID$ , $TTP$ fetches $〈 UN, g TM 〉$ from $Tb l_{ttp} = 〈 AID, UN, g TM 〉$ and checks whether the following equation is satisfied:

\begin{matrix} AID \times TT P_{PubK} = H (UN ∥ g TM) ∥ H (UN ∥ g TM) . \end{matrix}

(3)

Table 1

Notation of Ren et al.'s scheme.

Notation	Description
UN	User name
SM	Smart meter
SGCC	Smart grid control center
TTP_PubK	Public key of TTP
V	Value of automatic meter readings
MK	Preloaded master key
SIK	Session integrity key
AID	Anonymous ID
TTP	Trusted third party
USR	User
TTP_PriK	Private key of TTP
LocID	Location ID
SEK	Session encryption key
∥	Concatenation

If it is satisfied, the $TTP$ can confirm that the “opened” $TTP$ is the $UN$ , and such a $UN$ is not repudiated.

3. Security Problems in Smart Grid Systems

3.1. Privacy Problem

The security issues in smart grid have been widely discussed in recent years. The primary security issue is privacy because information transmitted over a smart grid contains electricity usage patterns of home appliances. This information could indicate not only the amount of energy consumed by each user, but also when they are at home, at work, or traveling [13]. Furthermore, it might be possible to infer what types of home appliances are present by compromising users' home area networks. The present smart grid system gathers user information in order to check and calculate the amount of electricity consumption.

Thus, if a criminal or malicious attacker can determine when a user is not at home, they may break into his/her house at such a time. Thus, energy-related information could support burglars or provide business intelligence to competitors [14].

3.2. Electricity Consumption Loss

According to the report Smart Metering & Privacy: Existing Law and Competing Policies, researchers at MIT have developed a nonintrusive appliance load monitor (NALM) [15, 16].

If NALMs could be incorporated in the existing metering infrastructure to allow for real-time logging of electricity consumption, information concerning appliance use may be reconstructed from the overall load data; thereby removing the need to intrude residential space and install new equipment in the house. NALMs were designed as research tools, and they were set up to monitor only a small number of customers in order to facilitate load forecasting and management (see Figure 3). However, smart grids allow the collection and communication of highly detailed electricity usage information, in much the same way as the NALM [16]. Thus, the problem of privacy within a smart grid is the main concern.

3.3. Modification of Electricity Consumption

Existing power companies require only power lines to connect a house to a power source. Thus, individual customers cannot access the electrical grid through the Internet. This feature provides security from the risks associated with the Internet. However, smart grid architecture connects a house (smart sensor network) to not only an electrical grid but also the Internet. This means that a smart grid is exposed to additional risks, one of which is illegal modification of electricity consumption [17].

In a smart grid, users and electricity companies communicate with each other through a wired or wireless network. Information about electricity consumption and the user is transmitted via this network. Thus, if a malicious attacker modifies a user's electricity consumption, the user might have to pay a lot of money for electricity that has not actually been used. In addition, unscrupulous users could modify their electricity consumption in order to profit by paying less. There is a high likelihood of such instances [18].

4. Proposed Protocol

4.1. Basic Structure

In this section, we propose a data transaction protocol for privacy protection (see Figure 2). To solve the problems faced in existing smart grid systems, our scheme creates hash data from the information on home appliances. Thus, electricity companies or attackers cannot obtain any valuable information.

Figure 2

Protocol of Ren et al.'s scheme.

Figure 3

Household electricity demand profile recorded on a one minute time base.

This scheme has two steps: a transmission phase and a check phase. In the former, the user sends encrypted information, such as electricity consumption and serial numbers of home appliances, to the power company and the power company stores this information. In the check phase, the user requests his/her electricity consumption from the power company and can check the power consumption of each home appliance. Figure 4 shows an overview of the proposed scheme.

Figure 4

Overview of the proposed scheme.

4.2. Overview of Entire Scheme

Table 2 describes the notation used for discussing the proposed scheme. The notation is used throughout this paper.

Table 2

Notation used for the proposed.

Notation	Description
PC	Power company
HA	Home appliance
SN_HA	Home appliance serial number
SN_list	List of smart sensor meter serial number
Kus	User's password as an encryption/decryption key (between user and smart sensor meter)
r	Random nonce
$H (\cdot)$	Hash function
$E_{n}$	Encrypted data
SM	Smart sensor meter
${ID}_{U}$	User ID
SN_SM	Smart sensor meter serial number
EC	Electricity consumption
Ksp	Encryption/decryption key (between smart sensor meter and power company)
PRNG(·)	Pseudorandom number generator
$H_{n}$	Hashed data

4.3. Registration Phase

In the registration phase, the user inputs his/her ID ( ${ID}_{U}$ ) and password ( $K u s$ ) by using a smart sensor meter ( $SM$ ) display. The $SM$ display is the interface between the user and the $SM$ (see Figure 5).

Figure 5

Registration phase.

The $SM$ sends these information to the power company ( $PC$ ), and the $PC$ stores the information. The information is used as the user's identity and encryption/decryption key between the user and $SM$ . Moreover, the $PC$ does not have knowledge of these information because the ${ID}_{U}$ and $K u s$ are hashed before communication.

When the user moves into a new house, he/she should register his/her ${ID}_{U}$ and $K u s$ with the $SM$

\begin{array}{l} User ⟶ Smart Meter \\ Input I D_{U}, K u s . \end{array}

(4)

The $SM$ stores the ${ID}_{U}$ and $K u s$ and creates hash data ( $H_{1}$ ) from these information. This hash data are used as the user identification and for extracting electricity consumption ( $EC$ ) from other data ( $H_{1} \oplus EC$ ). Then, the hash data ( $H_{1}$ ) and $SM$ serial number ( $S N_{SM}$ ) are encrypted ( $E_{1}$ ) with an encryption/decryption key ( $K s p$ ). The $SM$ sends the encrypted data the $PC$

\begin{array}{l} Smart Meter \\ Store {ID}_{U}, K u s, \\ H_{1} = H ({ID}_{U} ∥ K u s), \\ E_{1} = E_{K s p} (H_{1} ∥ S N_{SM}), \\ Smart Meter ⟶ Power Company \\ E_{1} = E_{K s p} (H_{1} ∥ S N_{SM}) . \end{array}

(5)

The $PC$ decrypts the hash data ( $H_{1}$ ) and $SM$ serial number ( $S N_{SM}$ ) obtained from $E_{1}$ . Then, the $SM$ verifies the $SM$ serial number ( $S N_{SM}$ ) by checking if it exists in the list of SMs ( $S N_{list}$ ). If the SM serial number is valid, the $PC$ stores these information ( $H_{1} ∥ S N_{SM}$ )

\begin{array}{l} Power Company \\ D_{K s p} (E_{1}) = D_{K s p} (E_{K s p} (H_{1} ∥ S N_{SM})) \\ = H_{1} ∥ S N_{SM}, \\ Verification S N_{SM} \in S M_{list}, \\ Store H_{1} ∥ S N_{SM} . \end{array}

(6)

4.4. Transmission Phase

In the transmission phase, information on home appliances ( $HA$ ) and electricity consumption ( $EC$ ) is transmitted securely (see Figure 6). Thus, third parties and the $PC$ do not have any knowledge of this information. In addition, the $PC$ only knows the electricity consumption. Thus, the user's private information, such as daily routine or the home appliances possessed by him/her, is protected.

Figure 6

Transmission phase.

Each home appliance sends the home appliance serial number ( $S N_{HA}$ ) and electricity consumption ( $EC$ ), encrypted with $K u s$ , to the $SM$

\begin{array}{l} Home Appliance ⟶ Smart Meter \\ E_{K u s} (S N_{HA} ∥ EC) . \end{array}

(7)

The $SM$ decrypts the home appliance serial number ( $S N_{HA}$ ) and electricity consumption ( $EC$ ) before encrypting the hash data ( $H_{1}$ ), electricity consumption ( $EC$ ), and $SM$ serial number ( $S N_{SM}$ ) with $K s p$ and creating hash data ( $H_{2}$ ) from $H_{1}$ and the $HA$ serial number ( $S N_{HA}$ ). Then, the two sets of hash data ( $H_{1}, H_{2}$ ) and electricity consumption ( $EC$ ) are hashed ( $H_{3}$ ). $H_{3}$ is used for performing an integrity check. The $SM$ then sends encrypted data ( $E_{2}$ ) with the two sets of hash data ( $H_{2}, H_{3}$ ) to the $PC$

\begin{array}{l} Smart Meter \\ D_{K u s} (E_{K u s} (S N_{HA} ∥ EC)) = S N_{HA} ∥ EC, \\ E_{2} = E_{K s p} ((H_{1} \oplus EC) ∥ S N_{SM}), \\ H_{2} = H (H_{1} \oplus S N_{HA}), \\ H_{3} = H (H_{1} ∥ H_{2} ∥ EC), \\ Smart Meter ⟶ Power Company \\ E_{2} ∥ H_{2} ∥ H_{3} . \end{array}

(8)

The $PC$ obtains $H_{1}^{'} \oplus E C^{'}$ and the $SM$ serial number ( $S N_{SM}^{'}$ ) via the encrypted information ( $E_{2}$ ). Next, the $PC$ searches the stored $H_{1}$ by using $S N_{SM}^{'}$ and extracts the electricity consumption ( $E C^{′′}$ ) from $H_{1}^{'} \oplus E C^{'}$ by using the stored $H_{1}$ . After the extraction is complete, the $PC$ creates hash data ( $H_{3}^{'}$ ) from $H_{1}^{'}$ , $H_{2}$ , and ${EC}^{′′}$ and makes a comparison between the received $H_{3}$ and $H_{3}^{'}$ . If the comparison shows that the hash data are identical, the $EC$ is stored with the hashed information $H_{2}$

\begin{array}{l} Power Company \\ D_{K s p} (E_{2}) = D_{K s p} (E_{K s p} ((H_{1} \oplus EC) ∥ S N_{SM})) \\ = (H_{1}^{'} \oplus {EC}^{'}) ∥ {SN}_{SM}^{'}, \\ Search sorted H_{1} using {SN}_{SM}^{'} \\ E C^{′′} = H_{1}^{'} \oplus E C^{'} \oplus H_{1}, \\ Comparison H_{3} \overset{?}{=} H_{3}^{'}, \\ If correct, store H_{2} ∥ {EC}^{′′} . \end{array}

(9)

$H_{2}$ is used as an index of the home appliance. In addition, when a user requests the electricity consumption of any home appliance, the $PC$ can search for it using $H_{2}$ obtained from the user.

4.5. Check Phase

In this phase, the user requests the electricity consumption of one or more home appliances from the $PC$ (see Figure 7).

Figure 7

Check phase.

First, the user inputs the ${ID}_{U}$ and $K u s$ along with the serial number ( $S N_{HA}$ ) of the home appliance whose electricity consumption is required

\begin{array}{l} User ⟶ Smart Meter \\ U_{ID} ∥ K u s ∥ S N_{HA} . \end{array}

(10)

To verify that the request has come from an authorized user, the $SM$ creates hash data ( $H_{4}$ ) by using the data input by the user ( $U_{ID} ∥ K u s$ ). It then verifies the user from the information stored in the registration phase. After user verification, the $SM$ generates random nonce (r) by using the $PRNG (\cdot)$ function and encrypts it with $K s p$ . The purpose of generating r is for facilitating the verification of the electricity consumption by the user when he/she receives information from the $PC$ . Hash data ( $H_{5}$ ) are generated in order to search stored electricity consumption values. Lastly, the $SM$ sends encryption data and hash data ( $E_{3} ∥ H_{5}$ ) to the $PC$

\begin{array}{l} Smart Meter \\ H_{4} = H (I D_{U} ∥ K u s), \\ Verification H_{4} \overset{?}{=} H_{1} (stored), \\ Generation of r in PRNG (\cdot), \\ E_{3} = E_{K s p} (r), \\ H_{5} = H (H_{4} ∥ S H_{HA}), \\ Smart Meter ⟶ Power Company \\ E_{3} ∥ H_{5} . \end{array}

(11)

$H_{5}$ allows the $PC$ to retrieve the $EC$ of the home appliance from its database. Further, random nonce ( $r^{'}$ ) is decrypted from the received information ( $E_{3}$ ). Subsequently, the $PC$ encrypts the $EC$ and $r^{'}$ with $K s p$ . All computed data ( $H_{5} ∥ E_{4}$ ) are sent to the $SM$

\begin{array}{l} Power Company \\ Search EC by H_{5} ⟹ H_{2} ∥ EC, \\ D_{K s p} (E_{3}) = D_{K s p} (E_{K s p} (r)) = r^{'}, \\ E_{4} = E_{K s p} (EC ∥ r^{'}), \\ Power Company ⟶ Smart Meter \\ H_{5} ∥ E_{4} . \end{array}

(12)

When $H_{5} ∥ E_{4}$ are received, the $SM$ decrypts the $EC$ and $r^{'}$ and makes a comparison between the initial random nonce r and the decrypted random nonce ( $r^{'}$ ). If the random nonce comparison result is not correct, it means that $E_{4}$ has been modified. Thus, the $SM$ discards the data. Similarly, $H_{5}^{'}$ should be compared with the initial hash data $H_{5}$ . If these two comparisons indicate that the sent data are correct, the $SM$ sends the requested electricity consumption ( $EC$ ) with the home appliance serial number ( $S N_{HA}$ ) to the user

\begin{array}{l} Smart Meter \\ D_{K s p} (E_{4}) = D_{K s p} (E_{K s p} (EC ∥ r^{'})) = EC ∥ r^{'}, \\ Verification r \overset{?}{=} r^{'}, H_{5} \overset{?}{=} H_{5}^{'}, \\ If correct, send EC to User . \end{array}

(13)

Finally, the user can check the electricity consumption of his/her home appliances.

5. Analysis

5.1. Protection against Privacy Invasion

The proposed protocol protects against privacy invasion by using a user password ( $K u s$ ) and an encryption/decryption key ( $K s p$ ). The user password is entered as a key between the home appliance and $SM$ when the $SM$ is first installed, and the encryption/decryption key is entered when the $SM$ is manufactured. The target information necessary for privacy invasion is the user ID, home appliance serial number, and electricity consumption. To determine when the user is at home, at work, or traveling, a malicious attacker would need this information.

However, the protocol proposed in this paper uses encrypted data. This contains the home appliance serial number and electricity consumption ( $E_{K u s} (S N_{HA} ∥ EC)$ ). If a malicious attacker eavesdrops on the encrypted information, they would need the user password ( $K u s$ ) to decrypt it. Therefore, malicious attackers cannot decrypt this information as long as the user password is known only to the user.

5.2. Protection against Electricity Consumption Loss

The proposed protocol protects against data leakage by using a user password ( $K u s$ ), an encryption/decryption key ( $K s p$ ), and random nonce (r). The target information is the home appliance serial number ( $S N_{HA}$ ) and electricity consumption ( $EC$ ). To determine when the user is at home, at work, or traveling, a malicious attacker would need this information.

In the transmission phase, we encrypt the home appliance serial number ( $S N_{HA}$ ) and electricity consumption ( $EC$ ) by using the user password ( $Kus$ ). In addition, this electricity consumption and hash data ( $H_{1}$ ) are computed using the exclusive-OR operation. Additionally, the $PC$ encrypts the electricity consumption with a random nonce (r) using an encryption/decryption key ( $K s p$ ) in the check phase. The use of the exclusive-OR operation and random nonce makes it difficult to extract the electricity consumption. Therefore, any intercepted home appliance electricity consumption information is different from the real data.

5.3. Protection against Modification of Electricity Consumption

If a malicious attacker modifies the electricity consumption data of a home appliance, the user may have to pay more money because of the modification. On the other hand, if unscrupulous users modify their electricity consumption in order to profit, the $PC$ may suffer significant losses. Thus, the proposed protocol uses two keys ( $K u s and K s p$ ) and a hash function ( $H (\cdot)$ ) to protect against illegal modification. For example, if an attacker knows the encryption/decryption key ( $K s p$ ) and attempts to modify the electricity consumption in the transmission phase, the $PC$ can detect this modified information.

Consider (i)

\begin{array}{l} E_{2} = E_{K s p} ((H_{1} \oplus EC) ∥ S N_{SM}), \\ SM ⟹ H_{2} = H (H_{1} \oplus S N_{HA}), H_{3} = H (H_{1} ∥ H_{2} ∥ EC), \\ Send E_{2} ∥ H_{2} ∥ H_{3} to PC . \end{array}

(14)

(ii)

\begin{array}{l} Attacker \\ ⟹ \begin{array}{l} Computation, E_{2 A} = E_{K s p} ((H_{1 A} \oplus {EC}_{A}) ∥ S N_{SMA}) \\ Send E_{2 A} ∥ H_{2} ∥ H_{3} to PC . \end{array} \end{array}

(15)

(iii)

Attacker cannot create $H_{2}$ and $H_{3}$ because he/she does not know $H_{1}$ .

(iv)

The $PC$ extracts electricity consumption using exclusive-OR operation.

(v)

The $PC$ computes new hashed data ( $H_{3}^{'}$ ) and compares them with received hashed data ( $H_{3}$ )

\begin{array}{l} E C_{A} = (H_{1 A} \oplus {EC}_{A}) \oplus H_{1}, \\ H_{3 A} = H (H_{1} ∥ H_{2} ∥ {EC}_{A}), H_{3} \overset{?}{=} H_{3 A} (incorrect) . \end{array}

(16)

(vi)

The comparison result shows that the received data is incorrect.

(vii)

Therefore, the $PC$ discards the information transmitted by the attacker.

5.4. Performance Analysis

In this section, we compare the performance of our proposed scheme with that of Ren et al.'s scheme. The proposed scheme has three phases: registration, transmission, and request. In contrast, Ren et al.'s scheme has only one phase, called PASS. PASS is similar to the transmission phase of the proposed scheme. Therefore, we compare PASS and the transmission phase.

Table 3 shows an analysis of the computational cost. The proposed scheme is computationally more efficient compared to Ren et al.'s scheme. Besides, in the former, asymmetric encryption is not used and the hash function is used less.

Table 3

Analysis of computational cost.

	Computation	Proposed scheme	Ren et al. [12]
Registration	Asymmetric encryption	—	—
	Symmetric encryption	2Sym	—
	Hash function	1T (h)	—

Transmission (PASS)	Asymmetric encryption	—	2Asym
	Symmetric encryption	4Sym	4Sym
	Hash function	3T (h)	4T (h)

Request	Asymmetric encryption	—	—
	Symmetric encryption	3Sym	—
	Hash function	3T (h)	—

Table 4 shows an analysis of the communication cost. As can be seen, our proposed scheme needs two handshakes in the transmission phase. On the other hand, Ren et al.'s scheme needs three handshakes in PASS. Thus, our proposed scheme is more efficient with regard to the communication cost.

Table 4

Analysis of communication cost.

	Proposed scheme	Ren et al. [12]
Registration	2	—
Transmission (PASS)	2	3
Request	4	—

In order to compare the proposed scheme and Ren et al.'s scheme, we simplify the computational cost for carrying out a quantitative analysis. We assume that the computational cost of asymmetric encryption, symmetric encryption, and the hash function are 3, 2, and 1, respectively. Actually, asymmetric encryption involves higher computational cost compared to symmetric encryption and the hash function. Further, symmetric encryption involves higher computational cost compared to the hash function. Thus, the computational cost of the proposed scheme is 11 (4Sym + 3T (h) = 4 × 2 + 3 × 1 = 11), while that of Ren et al.'s scheme is 18 (2Asym + 4Sym + 4T (h) = 2 × 3 + 4 × 2 + 4 × 1 = 18).

Figure 8 shows the changes in the computational cost and communication cost with time. We calculate the costs for the case where data are transmitted at regular intervals. For example, if data are transmitted at 10 min intervals (144 = 1 day/10 min), the cost of the proposed scheme is 1584 (= 144 × 11), while that of Ren et al.'s scheme is 2592 (= 144 × 18).

Figure 8

Changes in computational and communication cost for data transmission at regular intervals.

6. Conclusion

In this paper, we have proposed a secure data transaction protocol for smart grids to protect private information. The proposed protocol has two phases: a transmission phase and a check phase. In the former, we encrypt the user ID, home appliance serial number, and electricity consumption to protect against attacks such as eavesdropping and modification. For the encryption, the user password, encryption/decryption key, and hash function are used. In the check phase, the user can request information about the electricity consumption of a home appliance. For this, he/she sends an encrypted user ID and home appliance serial number to the $PC$ . And the $SM$ generates a random nonce. The purpose of generating the random nonce is to protect electricity consumption data from illegal modification. Thus, the $PC$ sends the desired electricity consumption and random nonce in an encrypted state. The above features provide security to the data transaction.

Footnotes

Conflict of Interests

The authors declare that there is no conflict of interest regarding the publication of this paper.

Acknowledgments

This research was supported by the Ministry of Knowledge Economy (MKE), Republic of Korea, under the Information Technology Research Center (ITRC) support program (NIPA-2012-H0301-12-3007) supervised by the National IT Industry Promotion Agency (NIPA). This work was supported by the Soonchunhyang University Research Fund.

References

Wang

Khanna

A survey on the communication architectures in smart grid

Computer Networks 2011 55 15 3604 3629

2-s2.0-80052508859

10.1016/j.comnet.2011.07.010

Metke

A. R.

Ekl

R. L.

Smart grid security technology

Proceedings of the Innovative Smart Grid Technologies

January 2010

2-s2.0-77952219428

10.1109/isgt.2010.5434760

Adwitiya

Daya

K. L.

Performance evaluation of data aggregation for cluster-based wireless sensor network

Human-Centric Computing and Information Sciences 2013 3 1 17

Min

Yong-Ki

Jae-Woo

An energy-efficient routing protocol using message success rate in wireless sensor networks

Journal of Covenvergence 2013 4 15 22

Sumathi

Srinivas

M. G.

A survey of QoS based routing protocols for wireless sensor networks

Journal of Information Processing Systems 2012 8 589 602

Tolentino

R. S.

Kim

T.H.

Review: distributed system network architecture for securing SCADA system

International Journal of Smart Home 2010 4 1 13 22

2-s2.0-80755175289

Ahmad

Sajjad

H. S.

Evolution of communication technologies for smart grid applications

Revewable and Sustainable Energy Revies 2013 19 191 199

Dong-Joo

Sunju

A conceptual approach to data visualization for user interface design of smart grid operation tools

International Journal of Energy, Information and Communications 2010 1 64 76

Emilio

Raffaele

Marco

The role of communication systems in smart grids: architectures, technical solutions and research challenges

Computer Communications 2013

10.

Zhang

Research and design of security defense model in power grid enterprise information system

Proceedings of the International Conference on Multimedia Technology (ICMT '10)

October 2010

2-s2.0-79952238909

10.1109/ICMULT.2010.5630335

11.

Rosslin

J. R.

Min-kyu

Assessment of the vulnerabilities of SCADA, control systems and critical infrastructure systems

International Journal of Grid and Distributed Computing 2009 2 27 34

12.

Ren

Song

Yang

Ren

Lightweight privacy-aware yet accountable secure scheme for SM-SGCC communications in smart grid

Tsinghua Science and Technology 2011 16 6 640 647

2-s2.0-82955221673

10.1016/S1007-0214(11)70084-0

13.

Khurana

Hadley

Frincke

D. A.

Smart-grid security issues

IEEE Security & Privacy 2010 8 1 81 85

2-s2.0-77249138261

10.1109/MSP.2010.49

14.

Cristina

Giacomo

Antonio

Privacy-preserving smart metering with multiple data consumers

Computer Netowkrs 2013 57 1699 1713

15.

Drenker

Kader

Nonintrusive monitoring of electric loads

IEEE Computer Applications in Power 1999 12 4 47 51

2-s2.0-0033350934

10.1109/67.795138

16.

Quinn

E. L.

Smart metering and privacy: existing laws and competing policies

2009, http://ssrn.com/abstract=1462285, http://dx.doi.org/10.2139/ssrn.1462285

17.

D'Antonio,

Coppolino

Elia

I. A.

Fromicola

Security issues of a phasor data concentrator for smart grid infrastructure

Proceedings of the 13th European Workshop on Dependable Computing (EWDC '11)

May 2011

3 8

2-s2.0-79958754211

10.1145/1978582.1978584

18.

Wenye

Zhuo

Cyber security in the smart grid: survey and challenges

Computer Networks 2013 57 1344 1371