Mubeen Javed, Muhammad Arslan Akram, Adnan Noor Mian, Saru Kumari
{"title":"论 V2G 网络新型隐私保护认证方案的安全性","authors":"Mubeen Javed, Muhammad Arslan Akram, Adnan Noor Mian, Saru Kumari","doi":"10.1002/spy2.357","DOIUrl":null,"url":null,"abstract":"Vehicle‐to‐grid (V2G) network has a clear advantage in terms of economic advantages, it has attracted the interest of electric vehicle (EV) and power grid users. However, numerous security concerns limit its further progress. In existing V2G protocols a trusted third party independently generates the master key of the system, so if the adversary compromises the third party, then the system may become vulnerable to system master key leakage attack. Recently, Su et al. presented a privacy‐preserving mutual authentication protocol for V2G networks. Firstly, we crypt‐analysis Su et al.'s protocol and show that their protocol is vulnerable to several security attacks such as the reveal of the master secret key, impersonation attacks and the incorrect notion of EV's anonymity and traceability and does not meet the security features they claimed in their paper. Secondly, we verify that Su et al.'s protocol is unsafe against impersonation attacks, system key leakage, and electrical vehicle anonymity attack using the AVISPA tool.","PeriodicalId":506233,"journal":{"name":"SECURITY AND PRIVACY","volume":"32 6","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-11-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"On the security of a novel privacy‐preserving authentication scheme for V2G networks\",\"authors\":\"Mubeen Javed, Muhammad Arslan Akram, Adnan Noor Mian, Saru Kumari\",\"doi\":\"10.1002/spy2.357\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Vehicle‐to‐grid (V2G) network has a clear advantage in terms of economic advantages, it has attracted the interest of electric vehicle (EV) and power grid users. However, numerous security concerns limit its further progress. In existing V2G protocols a trusted third party independently generates the master key of the system, so if the adversary compromises the third party, then the system may become vulnerable to system master key leakage attack. Recently, Su et al. presented a privacy‐preserving mutual authentication protocol for V2G networks. Firstly, we crypt‐analysis Su et al.'s protocol and show that their protocol is vulnerable to several security attacks such as the reveal of the master secret key, impersonation attacks and the incorrect notion of EV's anonymity and traceability and does not meet the security features they claimed in their paper. Secondly, we verify that Su et al.'s protocol is unsafe against impersonation attacks, system key leakage, and electrical vehicle anonymity attack using the AVISPA tool.\",\"PeriodicalId\":506233,\"journal\":{\"name\":\"SECURITY AND PRIVACY\",\"volume\":\"32 6\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-11-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"SECURITY AND PRIVACY\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1002/spy2.357\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"SECURITY AND PRIVACY","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/spy2.357","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
车辆到电网(V2G)网络具有明显的经济优势,吸引了电动汽车(EV)和电网用户的兴趣。然而,众多安全问题限制了它的进一步发展。在现有的 V2G 协议中,受信任的第三方独立生成系统的主密钥,因此,如果对手破坏了第三方,那么系统就可能受到系统主密钥泄漏攻击。最近,Su 等人提出了一种用于 V2G 网络的保护隐私的相互认证协议。首先,我们对 Su 等人的协议进行了密码分析,结果表明他们的协议容易受到几种安全攻击,如主秘钥泄露、冒名顶替攻击以及错误的电动汽车匿名性和可追溯性概念,不符合他们在论文中声称的安全特性。其次,我们使用 AVISPA 工具验证了 Su 等人的协议对冒名攻击、系统密钥泄漏和电动汽车匿名攻击不安全。
On the security of a novel privacy‐preserving authentication scheme for V2G networks
Vehicle‐to‐grid (V2G) network has a clear advantage in terms of economic advantages, it has attracted the interest of electric vehicle (EV) and power grid users. However, numerous security concerns limit its further progress. In existing V2G protocols a trusted third party independently generates the master key of the system, so if the adversary compromises the third party, then the system may become vulnerable to system master key leakage attack. Recently, Su et al. presented a privacy‐preserving mutual authentication protocol for V2G networks. Firstly, we crypt‐analysis Su et al.'s protocol and show that their protocol is vulnerable to several security attacks such as the reveal of the master secret key, impersonation attacks and the incorrect notion of EV's anonymity and traceability and does not meet the security features they claimed in their paper. Secondly, we verify that Su et al.'s protocol is unsafe against impersonation attacks, system key leakage, and electrical vehicle anonymity attack using the AVISPA tool.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
