Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx
Contents lists available at ScienceDirect
Journal of King Saud University – Computer and Information Sciences journal homepage: www.sciencedirect.com
An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach Akber Ali Khan, Vinod Kumar ⇑, Musheer Ahmad Department of Applied Sciences and Humanities, Jamia Millia Islamia, New Delhi 110025, India
a r t i c l e
i n f o
Article history: Received 25 January 2019 Revised 6 April 2019 Accepted 24 April 2019 Available online xxxx Keywords: Biometric Elliptic curve cryptography Fuzzy extractor Mutual authentication Smart grid security and privacy
a b s t r a c t Smart grid (SG) provides a suitable adjustment in the amount of power generation by providing the ability to supervise consumer behavior. SG uses in the smart system to encourage cultural heritage because it is accountable for providing power without any interruption. SG is one of the vital components to authorize smart systems with a lot of smart features to attract visitors to come and visit heritage. In SG, environment security and privacy are the major concern for communications. An authentication protocol provides secure communication between users and service provider for security and privacy purpose. Several authentication protocols are available in the literature. However, they are enabled to known security attacks easily or they are not computationally efficient for SG communication. In the present paper, we design an ECC-based mutual authentication protocol for smart grid communication using biometric approach. The present framework satisfy various security features such as replay attack, user anonymity, man in the middle attack, key freshness, message authentication, session key agreement, impersonation attack, non-traceability and non-transferability. Further, the proposed protocol takes much less communication and computation costs compared with other existing protocols in SG environment. Therefore, our scheme is convenient for practical application in SG communication. Ó 2019 The Authors. Production and hosting by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
1. Introduction With the rapid improvement of network technology and electronic technology, SG turns to be true in numerous evolved nations and other areas have fast development. In SG, electricity transmitted bidirectionally and users can create the best possible option for using electricity through bidirectional smart meter (SM). As one of the special characteristics of SG, the demand response can provide information on the ideal price of electricity from time to time (every 10–15 min) and allow users to adjust their electricity use Cappers (2011). Consequently, electric consumption can be used efficiently, safely and reliably in SG. Multiple resources work on the concept of smart grid taken as SM, smart device, renewable energy resources, etc. Smart grid rises as electricity production which able to monitoring the utilization way of users. In SG, users ⇑ Corresponding author. E-mail address:
[email protected] (V. Kumar). Peer review under responsibility of King Saud University.
Production and hosting by Elsevier
can change possible updation in the amount of electricity production. Smart system provides efficient monitoring and controlling power usages by the participants. In general way, smart grid structure includes three different things: smart equipment, sub-stations and command centers. Smart meters use by smart equipment to interchange information with the service provider and user inquiry passes through SM to substations. After receiving inquiry substations forward received inquiry to the parallel control center, then control station resolve these issues of users. Communication between authorized station and substation are keep safely by the legislative control and data storage system. Although, various authentication protocols have been designed to keep safe communication between SM and substations but these obligations are not authentic to stop common attacks such as user anonymity, impersonation attack, etc. (Al-Agtash, 2013). Thus, an authentication protocol is essential to protect the intermediate messages between substations and smart devices. In smart grid, different devices share information with other devices. Before sharing information among the different types of appliance, these appliances should be authenticated to provide safe communication with authorized users. In this way, there is a need of an efficient authentication protocol for SG environment. A perfect authentication framework can manage security and privacy in a smart grid environment.
https://doi.org/10.1016/j.jksuci.2019.04.013 1319-1578/Ó 2019 The Authors. Production and hosting by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013
2
A.A. Khan et al. / Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx
Cryptographic protocols are important approaches to manage security and privacy in a communication system. In SG environment, many authentication schemes (Islam and Biswas, 2014; Islam et al., 2015; He et al., 2017; Madhusudhan and Hegde, 2017; Saxena et al., 2016) and biometric -based authentication schemes (Mishra et al., 2014; Li and Hwang, 2010) have been introduced in last decade for apart applications. Li et al. (2010) explained sustainable energy resources and mentioned requirements for risk limiting dispatch in SG communication. Wu and Zhou (2011) submitted a protocol for SG environment, their protocol has many points of interest such as fault-tolerance, strong security and scalability on the basis of ECC and symmetric key cryptography. Also, they utilized this to improve performance and to explain the key distribution. Wu and Zhou’s protocol needs two particular servers, public key infrastructure (PKI) and TTP. In this protocol, the validation of the certificate of PKI raises computation cost. Further, Xia and Wang (2012) show that Wu and Zhou scheme is not stand with the man in the middle attack, i.e. the opponent can get the session key after being able to resist this attack. In order to improve security and performance Xia and Wang (2012) provided an enhanced protocol, where a lightweight directory access protocol (LDAP) server shows contribution of reliable third parties. But, Xia and Wang’s protocol is not stand with impersonation and the unknown key share attacks (Park et al., 2013). Further, Fouda et al. (2011) design an authentication protocol for key agreement and authentication for SM. They claimed that SM compatible with smart equipment by providing a common session key. In the same year, Chim et al. (2011) suggested an authentication framework, they used tamper resistance device to maintain the privacy of smart network. In this scheme, they used a time stamp in sign-in phase which contains a problem to maintain clock synchronization problem (Sadhukhan and Ray, 2018). Sule et al. (2012) presented an authentication scheme which does not stand with known security attack also the communication cost and computation cost of this scheme is approximately same as Fouda et al. (2011). Further, Nicanfar and Leung (2013) presented ECC based authentication protocol and they claim that this protocol has low computational complexity with preloaded password among home area network(HAN) and distinct devices. Further, Nicanfar and Leung (2014) proposed a password-based authentication key agreement scheme with forward and backward security. According our observation this is costly implemented. Mahmood et al. (2016) presented an authentication protocol for SG environment. Unfortunately, we reviewed this scheme and found security weakness such as user anonymity, session key agreement and impersonation attack. Lastly, Li et al. (2017) proposed PKI based an authentication protocol for home area network and building area network. We have seen that the computational and communication costs of Li et al. protocol is much higher. 1.1. Motivation and contribution As described in the previous paragraph, although different authentication schemes (Fouda et al., 2011; Sule et al., 2012; Chim et al., 2011; Nicanfar and Leung, 2013; Nicanfar and Leung, 2014) have been introduced till date, to the best of our awareness, none of them can entirely offer the required security properties, which are necessary in the reference of smart grid. These facts spiritualize us to design a new framework that can remove the current security drawback in smart grid environment. For this purpose, we proposed an ECC based mutual authentication protocol for smart grid security using biometric approach which has the following properties: The proposed framework provides mutual authentication between user and server.
The proposed framework is strong against non traceability, replay attack, impersonation attack, user anonymity, key freshness, man in the middle attack, message authentication, session key agreement and non transferability. The proposed framework has much less computation cost and communication cost with other existing protocols in smart grid communication. 1.2. Roadmap of this paper The remaining part of this work is arranged as: In Section 2, we give the basic Preliminaries, which help to illustrate the proposed scheme. In Section 3, we proposed a novel ECC-assisted mutual authentication protocol using a biometric approach. In Section 4, Security analysis. In Section 5, Performance analysis. Finally, we made a conclusion. 2. Preliminaries The useful notations and mathematical terminology which are convenient for explain the proposed scheme are given in this section. 2.1. Notations Useful symbols and their meanings throughout the paper are given in Table 1. 2.2. Biometric and fuzzy extractor The fuzzy extractor transforms biometric data into a uniformly random string. Thus, it is feasible to apply the cryptographic approach for biometric security. The output of hash function hð:Þ is sensitive and it may return independent output data, while there is a small change in input data. Notice that biometric data is prone to diverse noises during data gain, and the reproduction of real biometric is hard to implement. To defer such types of issues, a fuzzy extractor approach (Dodis et al., 2004; He et al., 2014; Das, 2017) is approved, which can extract string and public attributes from the biometric data with a given error tolerance T . In reproduction procedure, fuzzy extractor get back the real biometric key information for a noisy biometric by using public data and T . Let, N ¼ f0; 1gn be a finite n-dimensional metric space of biometric data,
Table 1 Notations and their description. Notations
Description
Notations
Description
ECC
Elliptic curve cryptography Elliptic curve
Repð:Þ
Elliptic curve group under addition Large prime0 s Generator of G
SK ij
Smart grid server The unique identity of entity i Password of user i Multiplicative group of order p 1 Biometrics information of user i Fuzzy extractor function
Mt k
Fuzzy reproduction function Elliptic curve E over a prime finite field F p The session key between entities i and j An adversary Cryptographic one way hash function Valid time span Concatenation operation
T
Bitwise XOR operation Error tolerance
!
Public channel
)
Secure channel
E G p and q g S IDi PW i Z p Bi Genð:Þ
EðF p Þ
A hð:Þ
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013
3
A.A. Khan et al. / Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx
d : N N ! Z þ is a distance function useful for calculating the distance between any two attributes based on the selected a metric. The fuzzy extractor is a tuple ðN ; l; T Þ, which is composed of the following two algorithms, called Gen and Rep where l is the bit length of the output string. Gen is the probabilistic approach which takes a biometric input data as Bi 2 N , outputs a secret key data ri 2 f0; 1g and a public reproduction parameter si , where GenðBi Þ ¼ fri ; si g. Rep is the deterministic approach which takes a noisy biometric data B0i 2 N and a public attribute si , and T related to Bi then it reproduces biometric key data ri . That is, RepðB0i ; si Þ ¼ ri , provided dðBi ; B0i Þ 6 T . l
2.3. Elliptic curve over finite prime field
Table 2 Registration phase via secure channel. User U i
Server S
Select IDi ; PW i imprint Bi Computes ðri ; hi Þ ¼ GenðBi Þ Generates r 2 Z q
Computes R1 ¼ hðPW i kri Þ r Sends fIDi ; Ri ; tRG1 g )
Computes R4 ¼ R3 ri Computes R5 ¼ hðIDi kPW i kR4 Þ Store fR3 ; R4 ; R5 g in database
Verify tRG2 tRG1 6 t, aborts if not fresh Computes R2 ¼ hðIDi kxkyÞ Computes R3 ¼ R2 R1 Store fR3 ; y; g; hð:Þg in database Sends fR3 ; y; g; hð:Þg (
Let Ep ðc; dÞ : v 2 ¼ u3 þ cu þ dmod p, be an elliptic curve over a 2
finite field F p where c; d 2 F p such that 4c3 þ 27d mod p – 0 and G ¼ fðu; v Þ : u; v 2 F p ; ðu; v Þ 2 Eg [ fHg, where H is the identity of G under addition. 1. Let R ¼ ðu; v Þ 2 G , then define R ¼ ðu; v Þ and R þ ðRÞ ¼ H. 2. Let R ¼ ðu; v Þ 2 G then, scalar multiplication defined as: tR ¼ R þ R þ R . . . . . . . . . . . . . . . :: þ Rðt timesÞ. 3. If R ¼ ðu1 ; v 1 Þ; S ¼ ðu2 ; v 2 Þ, then R þ S ¼ ðu3 ; v 3 Þ, where u3 ¼ k2 u1 u2 mod p and v 3 ¼ kðu1 u2 Þ v 1 mod p, with
k¼
8 v v < u22 u11 mod p if R – S : 3u1 þc mod p if R ¼ S 2v 1 2
Additional information of elliptic curve group and its application are given in Kumar et al. (2018), Kumar et al. (2019), Kumar et al. (2013), Kumar et al. (2018). 3. The proposed protocol In this section, we proposed a biometric-based mutual authentication protocol. There are three phases in the present protocol which are explained as follows. 3.1. Initialization phase In this phase, S chooses p; Ep ðc; dÞ : v 2 ¼ u3 þ cu þ dmod p with 2
base point P 2 G, where c; d 2 G with 4c3 þ 27d mod p – 0 and chooses his/her hð:Þ. Also, S generate its private key as x 2 Z p and public key as PK S ¼ x:P. Further, S disclosed the public attributes fEp ðc; dÞ; p; g; P; PK S ; hð:Þg and sustain x secretly. 3.2. Registration phase The details of registration phase discussed below and shown in Table 2. Step 1. To register with server, U i select his/her IDi ; PW i , imprint Bi and computes ðri ; hi Þ ¼ GenðBi Þ. Further, U i generates r 2 Z q ,
computes R1 ¼ hðPW i kri Þ r and forwards fIDi ; Ri ; tRG1 gtowards server through secure medium. Step 2. On receiving fIDi ; Ri ; tRG1 g, server verifies tRG2 t RG1 6 Mt. if verification is successfully then server computes R2 ¼ hðIDi kxkyÞ where, x is the private key of server and y is the counter. Further, server computes R3 ¼ R2 R1 and store fR3 ; y; g; hð:Þg in database and sends to entity U i .
Step 3. On receiving attributes fR3 ; y; g; hð:Þg. After that, U i computes R4 ¼ R3 ri , computes R5 ¼ hðIDi kPW i kR4 Þ and store fR3 ; R4 ; R5 g in database of U i .
Algorithm 1 Registration phase 1: U i inputs IDi ; PW i and imprint Bi 2: U i computes ðri ; hi Þ ¼ GenðBi Þ 3: U i select a random number r 2 Z q
4: U i computes R1 ¼ hðPW i kri Þ r 5: U i sends fIDi ; Ri ; tRG1 gtowards S 6: if (t RG2 t RG1 6 t) then 7: S computes R2 ¼ hðIDi kxkyÞ where x is the private key of server and y is the registration counter 8: S computes R3 ¼ R2 R1 9: S store fR3 ; y; g; hð:Þg in database of S 10: S sends fR3 ; y; g; hð:Þg towards U i 11: U i computes R4 ¼ R3 ri and R5 ¼ hðIDi kPW i kR4 Þ 12: U i store fR3 ; R4 ; R5 g in database U i 13: return (Success) 14: else 15: return (Failure) 16: end if
3.3. Login and authentication phase After completion of registration phase, user U communicate with server in smart grid environment. The details of login and authentication phase given below and shown in Table 3: Step 1. U login with ID0U ; PW 0U , imprint B0U . Further, U computes r0U ¼ RepðB0U ; h0U Þ; R04 ¼ R03 r0U ; R05 ¼ hðID0U kPW 0U kR04 Þ and verifies ?
R05 ¼ R5
if
yes
then,
U
generates
u 2 Z q ,
computes
and send S1 ¼ hðIDU kR1 kt1 Þ; IDU1 ¼ IDU ðR1 t1 Þ MA1 ¼ fS1 ; IDU1 ; u:g; t1 gtowards server through a reliable medium. Step 2. On receiving MA1 ; S verifies t 2 t1 6 t, if verification successfully done then, S computes IDU ¼ IDU1 ðR1 t1 Þ; ?
S1 ¼ hðIDU kR1 kt1 Þ and verifies S1 ¼ S1 . After that, S generates a random numbers 2 Z q , computes S2 ¼ hðIDs kR3 kt 2 Þ, session key
as SK SU ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkx:gkt3 Þ and computes IDS1 ¼ IDS ðR3 t 3 Þ. Further, S sends M A2 ¼ fS2 ; IDS1 ; sg; t 3 g towards U.
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013
4
A.A. Khan et al. / Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx Table 3 Login and authentication phase via public channel. User U
Server S
Login with ID0U ; PW 0U and imprint B0U Computes r0U ¼ RepðB0U ; h0U Þ Computes R04 ¼ R03 r0U Computes R05 ¼ hðID0U kPW 0U kR04 Þ ?
Verifies R05 ¼ R5 if yes then: Generates u 2 Z q Verifies t2 t 1 6 t, aborts if not fresh Computes IDU ¼ IDU1 ðR1 t1 Þ Computes S1 ¼ hðIDU kR1 kt1 Þ
Computes S1 ¼ hðIDU kR1 kt1 Þ Computes IDU1 ¼ IDU ðR1 t1 Þ Sends M A1 ¼ fS1 ; IDU1 ; u:g; t 1 g !
?
Verifies S1 ¼ S1 Generates s 2 Z q Computes S2 ¼ hðIDs kR3 kt2 Þ Computes SK SU ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkx:gkt3 Þ Computes IDS1 ¼ IDS ðR3 t3 Þ Sends M A2 ¼ fS2 ; IDS1 ; s:g; t3 g
Verifies t4 t 3 6 t, aborts if not fresh Computes IDS ¼ IDS1 ðR3 t3 Þ Computes S2 ¼ hðIDS kR3 kt 3 Þ ?
Verifies S2 ¼ S2 if yes then sets session key as: SK US ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkPK S kt3 Þ
Step 3. On receiving M A2 ; U verifies t4 t3 6 t, if yes then, U Computes IDS ¼ IDS1 ðR3 t 3 Þ; S2 ¼ hðIDS kR3 kt3 Þ and verifies ? S2 ¼ S2
if yes then set its session SK US ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkPK S kt 3 Þ.
key
as
4. Security analysis In this section, we discuss the security analysis of the proposed protocol.
Algorithm 2 Login and authentication phase 1: U login with ID0U ; PW 0U and imprint B0U 2: U computes r0U ¼ RepðB0U ; h0U Þ; R04 ¼ R03 r0U ; R05 ¼ hðID0U kPW 0U kR04 Þ 3: if (R05 ¼ R5 ) then 4: U select a random number u 2 Z q 5: U computes S1 ¼ hðIDU kR1 kt1 Þ; IDU1 ¼ IDU ðR1 t1 Þ 6: U sends M A1 ¼ fS1 ; IDU1 ; u:g; t 1 gtowards S 7: if (t2 t 1 6 t) then 8: S computes IDU ¼ IDU1 ðR1 t 1 Þ; S1 ¼ hðIDU kR1 kt 1 Þ 9: if (S1 ¼ S1 ) then 10: S generates s 2 Z q
11: S computes S2 ¼ hðIDs kR3 kt 2 Þ; SK SU ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkx:gkt3 Þ; IDS1 ¼ IDS ðR3 t 3 Þ 12: S sends MA2 ¼ fS2 ; IDS1 ; s:g; t3 gtowards U 13: if (t 4 t 3 6 t) then 14: U computes IDS ¼ IDS1 ðR3 t3 Þ; S2 ¼ hðIDS kR3 kt 3 Þ 15: if (S2 ¼ S2 ) then 16: U computes SK US ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkPK S kt 3 Þ 17: return (Success) 18: else 19: return (Failure) 20: end if 21: else 22: return (Failure) 23: end if 24: else 25: return (Failure) 26: end if 27: else 28: return (Failure) 29: end if 30: else 31: return (Failure) 32: end if
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013
5
A.A. Khan et al. / Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx
any adversary can not impersonate in authentication phase. Hence, our scheme stands with user impersonation attack.
4.1. Replay attack In every step of the proposed protocol, U and S generates random numbers u 2 Z q and s 2 Z q and time stamp condition T i T j 6 4T. They are utilized to guarantee the freshness of messages. At that point, U and S can find out the attack by verifying the freshness of received messages. Hence, the proposed protocol can withstand the replay attack. 4.2. Man in the middle attack Any A can try to use the previous message to login the server. A replay M A1 ¼ fS1 ; IDU1 ; u:g; t 1 g, where S1 ¼ hðIDU kR1 kt 1 Þ; u 2 Z q and t 1 is the time stamp which prevents the replay attack. Upon receiving the message M Ai ; S or U verify two verifying conditions ?
t j ti 6 t and Si ¼ Si . A has no access to the private keys of U and S. Hence, A can not able to calculate a real verifier. Therefore, A can not adjust a parameter as a result of the verifiers should be changed appropriately. Hence, the proposed protocol stand with man in the middle attack.
4.7. Session key agreement In the proposed scheme, U and S both computes its session key as SK SU ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkx:gkt 3 Þ and SK US ¼ hðIDU kIDS kS1 kS2 kR3 :gku:s:gkPK S kt 3 Þ respectively. It is clear that SK SU ¼ SK US . Hence, communication between them is secure. 4.8. Non-traceability In every session, U selects a fresh random value u 2 Z q to calculates M A1 . Because of the randomness of u, there is no constant value is send by U. Hence, our protocol can provide nontraceability (He et al., 2016).
4.9. Non-transferability The proposed scheme manage this property following as Cho et al. (2018) and Liang et al. (2010).
4.3. User anonymity The proposed scheme manages user anonymity following as: –U send its partial identity IDU1 ¼ IDU ðR1 t1 Þ to the server S then, S compute anonymous identity IDU ¼ IDU1 ðR1 t 1 Þ of U. –S sends its partial identity IDS1 ¼ IDS ðR3 t3 Þ to the user U then, U computes anonymous identity of S as IDS ¼ IDS1 ðR3 t 3 Þ Thus, A can not get original identity of users in the presence of anonymous identity. Hence, the proposed protocol stand with user anonymity. 4.4. Key freshness In this proposed scheme, every step uses a fresh key such as random number, time-stamp, so key freshness condition prevails for every session. 4.5. Message authentication The details of message authentication follows as: –S receives the message MA1 ¼ fS1 ; IDU1 ; u:g; t1 g and checks the legality by verifying the time stamp condition t 2 t1 6 t with ?
its hash values and verify S1 ¼ S1 . –U receive the message M A2 ¼ fS2 ; IDS1 ; s:g; t 3 g and checks the legality by verifying the time stamp condition t4 t3 6 t and ?
verify S2 ¼ S2 . In this way, messages secure within verifying conditions, and hash values which is not essay to guess for any adversary. Hence, the proposed scheme stand with message authentication. 4.6. Impersonation attack In this phase, any A can try as a legitimate user U to login the server. A get the message M A1 ¼ fS1 ; IDU1 ; u:g; t 1 g and try to compute S1 , this is not an easy task for any attacker because of S1 contain the following parameters IDU ; R1 ; t 1 where S1 ¼ hðIDU kR1 kt 1 Þ; R1 ¼ hðPW i krÞ r. S1 protected with biometric, password, random values and verifying conditions. In this way,
?
–In login phase, U verify R05 ¼ R5 , where 0 0 0 0 0 0 0 0 R5 ¼ hðIDU kPW U kR4 Þ; R4 ¼ R3 rU ; rU ¼ RepðB0U ; h0U Þ and R5 ¼ hðIDi kPW i kR4 Þ this shows that only authenticated user enter in authentication phase and can send messages to S. –Upon receiving a MA1 from U; S verify the conditions ?
t2 t1 6 t and S1 ¼ S1 , where S1 ¼ hðIDU kR1 kt 1 Þ and S1 ¼ hðIDU kR1 kt1 Þ. This proves that only authenticated U can communicate with S. ?
-On receiving M A2 , user U verify t4 t3 6 t and S2 ¼ S2 , where S2 ¼ hðIDs kR3 kt2 Þ, and S2 ¼ hðIDS kR3 kt3 Þ. This also prove that only authenticated U can communicate with S. Hence, the proposed scheme provides non-transferability property.
5. Performance analysis In this phase, we describe the details description of performance analysis with related schemes such as Fouda et al. (2011), Chim et al. (2011), Sule et al. (2012), Mahmood et al. (2016) and Li et al. (2017). That are completed in three phases as: comparison of security properties, computational cost comparison, communication cost comparison. The conclusion demonstrates that present protocol attains a proper agreement between security and efficiency in smart grid environment.
5.1. Comparison of security properties Wang et al. (2017) discussed online/offline ciphertext-policy attribute-based encryption (ABE) in the standard model for cloud. In this manuscript, we have not use ABE approach. In Table 4, we compare the security attacks and features based comparison of the present scheme with related schemes, such as Fouda et al. (2011), Chim et al. (2011), Sule et al. (2012), Mahmood et al. (2016) and Li et al. (2017). It is noting that Fouda et al. (2011) does not stand with US; ME; IN; PB. Chim et al. (2011) does not stand with US; IM; SA; MM; PB. Sule et al. scheme does not stand with US; ME; SA; IN and PB and Mahmood et al. scheme does not gives the protection against US; SA; IN and PB. Whereas, Li et al. (2017) protocol does not provide password information.
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013
6
A.A. Khan et al. / Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx
Table 4 Comparison of security properties. Security property RP US KF ME IM SA IN MM PB
Fouda et al. (2011) p
Chim et al. (2011) p
Sule et al. (2012) p
Mahmood et al. (2016) p
p
p p
p p
p p p
p
p
Li et al. (2017) p p p p p p p p
p p p
p
Proposed p p p p p p p p p
p Note ) : Prevent the attack and : Does not prevent the attack. MM: Man-in-the middle attack; RP: Replay attack; US: User anonymity; KF: Key freshness; ME: Message authentication; IM: Impersonation attack; SA: Session key agreement; IN: Insider attack; PB: Password -based.
Table 5 Comparison of computational cost with various authentication protocols. Operations Fouda et al. (2011) Chim et al. (2011) Sule et al. (2012) Mahmood et al. (2016) Li et al. (2017) Proposed
Table 6 communication cost comparison.
Computational Cost (ms)
4T ME þ 4T PKED þ 2T HO 4T PKED þ 2T HMAC 4T ME þ 4T PKED þ 2T HMAC 6T ME þ 4T ESED þ 2T HO þ 2T HMAC
ffi 30:8046 ffi 15:4092 ffi 30:8092 ffi 23:1322
7T ME þ 6T HO 4T PM þ 7T HO
ffi 26:9638 ffi 8:9201
Forwarded messages Fouda et al. (2011) Chim et al. (2011) Sule et al. (2012) Mahmood et al. (2016) Li et al. (2017) Proposed
Communication costs in bits
3 3 3 2 2 2
3744 4448 4416 4768 2752 1152
T PM : time for point multiplication ffi 2.226 ms T HO : time for hash operation ffi 0.0023 ms 5.2. Computational cost comparison In this phase, we compare the computational cost with related protocols which illustrated in Table 5. The efficiency of the proposed protocol given in Fig. 1. The computational costs based on Kilinc and Yanik (2014) in which they performed on the system with pentium dual core E2200 2.20 GHz processor and 2 GB RAM. T PA : time for point addition ffi 0.0288 ms T ESED : execution time of symmetric encryption/decryption ffi 0.0046 ms T HMAC : time for HMAC operation ffi 0.0046 ms T ME : modular exponentiation time ffi 3.85 ms T PKED : execution time of public key encryption/decryption ffi 3.85 ms
5.3. Communication cost comparison In this phase, we compare communication cost with related protocols which illustrated in Table 6. The efficiency of proposed protocol given in Fig. 2. The communication cost of different attributes based on Mahmood et al. (2016) listed below as:
Generated random number takes 128 bits. Cryptographic hash function takes 160 bits. Identifier takes 64 bits. ECC point takes 320 bits. Time-stamp takes 32 bits. ECC encryption/decryption takes 320 bits.
Fig. 1. Computational cost comparison.
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013
A.A. Khan et al. / Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx
7
Fig. 2. Communication cost comparison.
6. Conclusion Smart grid is an ideal framework in our rapidly Internet associated community, and ensuring the security and privacy of smart grids is a topic of more interest to governments industry, academia and etc. For secure communication between user and server, we proposed an ECC-based mutual authentication scheme for smart grid environment using biometric approach. Further, we proved that the proposed protocol stands with various security attacks. Also, we have compared the security properties with other existing protocols which show that our protocol is more secure in SG environment. Furthermore, the proposed protocol has much less computation and communication costs compared to other existing protocols. Results suggest that the proposed protocol is more efficient for SG communication. Hence, the proposed scheme is more appropriate for practical application in smart grid network security as compared to other schemes. Conflict of interest None. Acknowledgments We would like to thank Editor-in-Chief: Prof. Nasser-Eddine Rikli and anonymous reviewers for their valuable comments and suggestions that have resulted in the improvement of this manuscript. The author acknowledges Ms. Sonica Tyagi and Mrs. Adesh Kumari, Jamia Millia Islamia, New Delhi for valuable suggestions. References Cappers, P., 2011. Mass market demand response and variable generation integration issues: a scoping study, lawrence berkeley national laboratory. URL:https://escholarship.org/uc/item/2pg826r9. Al-Agtash, S., 2013. Electricity agents in smart grid markets. Comput. Ind. 64 (3), 235–241. Islam, S.H., Biswas, G., 2014. Dynamic id-based remote user mutual authentication scheme with smartcard using elliptic curve cryptography. J. Electron. 31 (5), 473–488. Islam, S.H., Khan, M.K., Obaidat, M.S., Muhaya, F.T.B., 2015. Provably secure and anonymous password authentication protocol for roaming service in global mobility networks using extended chaotic maps. Wireless Pers. Commun. 84 (3), 2013–2034. He, D., Zeadally, S., Kumar, N., Lee, J.-H., 2017. Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J. 11 (4), 2590– 2601.
Madhusudhan, R., Hegde, M., 2017. Security bound enhancement of remote user authentication using smart card. J. Inf. Secur. Appl. 36, 59–68. Saxena, N., Choi, B.J., Lu, R., 2016. Authentication and authorization scheme for various user roles and devices in smart grid. IEEE Trans. Inf. Forensics Secur. 11 (5), 907–921. Mishra, D., Das, A.K., Mukhopadhyay, S., 2014. A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst. Appl. 41 (18), 8129–8143. Li, C.-T., Hwang, M.-S., 2010. An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33 (1), 1–5. Li, V.O., Wu, F.F., Zhong, J., 2010. Communication requirements for risk-limiting dispatch in smart grid. In: 2010 IEEE International Conference on Communications Workshops. IEEE, pp. 1–5. Wu, D., Zhou, C., 2011. Fault-tolerant and scalable key management for smart grid. IEEE Trans. Smart Grid 2 (2), 375–381. Xia, J., Wang, Y., 2012. Secure key distribution for the smart grid. IEEE Trans. Smart Grid 3 (3), 1437–1443. Park, J.H., Kim, M., Kwon, D., 2013. Security weakness in the smart grid key distribution scheme proposed by Xia and Wang. IEEE Trans. Smart Grid 4 (3), 1613–1614. Fouda, M.M., Fadlullah, Z.M., Kato, N., Lu, R., Shen, X.S., 2011. A lightweight message authentication scheme for smart grid communications. IEEE Trans. Smart Grid 2 (4), 675–685. Chim, T.W., Yiu, S.-M., Hui, L.C., Li, V.O., 2011. Pass: privacy-preserving authentication scheme for smart grid network. In: Smart Grid Communications (SmartGridComm), 2011 IEEE International Conference on. IEEE, pp. 196–201. Sadhukhan, D., Ray, S., 2018. Cryptanalysis of an elliptic curve cryptography based lightweight authentication scheme for smart grid communication. In: 2018 4th International Conference on Recent Advances in Information Technology (RAIT). IEEE, pp. 1–6. Sule, R., Katti, R.S., Kavasseri, R.G., 2012. A variable length fast message authentication code for secure communication in smart grids. In: Power and Energy Society General Meeting. IEEE, pp. 1–6. Nicanfar, H., Leung, V.C., 2013. Multilayer consensus ecc-based password authenticated key-exchange (mcepak) protocol for smart grid system. IEEE Trans. Smart Grid 4 (1), 253–264. Nicanfar, H., Leung, V.C., 2014. Password-authenticated cluster-based group key agreement for smart grid communication, security and communication networks 7 (1), 221–233. Mahmood, K., Chaudhry, S.A., Naqvi, H., Shon, T., Ahmad, H.F., 2016. A lightweight message authentication scheme for smart grid communications in power sector. Comput. Electr. Eng. 52, 114–124. Li, X., Wu, F., Kumari, S., Xu, L., Sangaiah, A.K., Choo, K.-K.R., 2017. A provably secure and anonymous message authentication scheme for smart grids. J. Parallel Distrib. Comput. https://doi.org/10.1016/j.jpdc.2017.11.008. Dodis, Y., Reyzin, L., Smith, A., 2004. Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp. 523–540. He, D., Kumar, N., Lee, J.-H., Sherratt, R.S., 2014. Enhanced three-factor security protocol for consumer usb mass storage devices. IEEE Trans. Consum. Electron. 60 (1), 30–37. Das, A.K., 2017. A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. Int. J. Commun. Syst. 30, (1) e2933. Kumar, V., Jangirala, S., Ahmad, M., 2018. An efficient mutual authentication framework for healthcare system in cloud computing. J. Med. Syst. 42 (8), 142. Kumar, V., Ahmad, M., Kumar, P., 2019. An identity-based authentication framework for big data security. In: Proceedings of 2nd International
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013
8
A.A. Khan et al. / Journal of King Saud University – Computer and Information Sciences xxx (xxxx) xxx
Conference on Communication, Computing and Networking. Springer, pp. 63– 71. Kumar, V., Ahmad, M., Kumari, A., 2013. A new identity-based secure authenticated framework in ecc. Int. J. Eng. Res. Appl. 3 (2), 41–44. Kumar, V., Ahmad, M., Kumari, A., 2018. A secure elliptic curve cryptography based mutual authentication protocol for cloud-assisted tmis. Telematics Inf. Elsevier. https://doi.org/10.1016/j.tele.2018.09.001. He, D., Wang, H., Khan, M.K., Wang, L., 2016. Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography. IET Commun. 10 (14), 1795–1802.
Cho, E.M., San, L., Koshiba, T., 2018. Non-transferable proxy re-encryption for multiple groups. Int. J. Space-Based Situated Comput. 8 (1), 20–29. Liang, X., Lu, R., Lin, X., Shen, X., 2010. Message authentication with nontransferability for location privacy in mobile ad hoc networks IEEE Global Telecommunications Conference GLOBECOM 2010. IEEE 2010, 1–5. Wang, H., Zheng, Z., Wang, Y., 2017. Cloud-aided online/offline ciphertext-policy attribute-based encryption in the standard model. Int. J. Grid Util. Comput. 8 (3), 211–221. Kilinc, H.H., Yanik, T., 2014. A survey of sip authentication and key agreement schemes. IEEE Commun. Surveys Tutor. 16 (2), 1005–1023.
Please cite this article as: A. A. Khan, V. Kumar and M. Ahmad, An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach, Journal of King Saud University – Computer and Information Sciences, https://doi.org/10.1016/j.jksuci.2019.04.013