Cryptanalysis of an elliptic curve cryptography based lightweight authentication scheme for smart grid communication

Abstract

In 2017, Mahmood et al have proposed an authentication scheme for providing comprehensive security requirements in communication between consumer and substations of smart grid environment to enable appropriate adjustment in electricity generation and consistent power supply in smart cities [1]. It is claimed that the scheme provides a secure remote user authentication and key agreement for the smart grids and is able to withstand all the known security attacks. In this paper we have analyzed the Mahmood et al scheme and it is found that the scheme is vulnerable to some security flaws such as user impersonation attack, known session specific temporary information attack, server masquerading attack, privileged insider attack, stolen smart card/device attack, clock synchronization problem and inability to protect user anonymity.