Authors: Mahyar Shariat, M. Safkhani
DOI: 10.1109/IKT.2017.8258622 (https://doi.org/10.1109/IKT.2017.8258622)
Venue: 2017 9th International Conference on Information and Knowledge Technology (IKT)
Publication date: 2017-10-01
Platform: Semanticscholar
Citation count: 3
How the control over smart meters is lost in the Yan et al. lightweight AKA scheme for smart grids
The emerging Internet of Things (IoT) offers major improvements to many applications such as Smart Grid. The discovery of security threats is becoming a challenge to fulfilling the purpose of the IoT ecosystem. Designing lightweight Authentication and Key Agreement (AKA) protocols is critical to establish mutual authentication while reducing overloads on particular constrained devices including Smart Meters. The Yan et al. lightweight AKA scheme was proposed to provide mutual authentication along with a multicast mechanism and other features for Smart Grids, which facilitates power management while maintaining its security and privacy. However, in this paper we show that the Yan et al. lightweight AKA scheme is vulnerable to a replay attack in the multicast key generation phase in which the control over Smart Meters could be lost. Specifically, in this scheme, the attacker is able to interrupt the multicast messages without revealing the interruption to the Building Area Network (BAN) gateway. So, the desired Smart Meters do not receive any emergency multicast messages during power outages for a while. So there is a disturbance in the Smart Grid that could result in a Denial of Service (DoS) attack.