一种高效的智能电网匿名无证书认证与密钥协议方案

IF 4 3区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computers & Electrical Engineering Pub Date : 2025-05-01 DOI:10.1016/j.compeleceng.2025.110369

Qingfeng Cheng , Yuqian Ma , Fushan Wei , Xinghua Li

{"title":"一种高效的智能电网匿名无证书认证与密钥协议方案","authors":"Qingfeng Cheng , Yuqian Ma , Fushan Wei , Xinghua Li","doi":"10.1016/j.compeleceng.2025.110369","DOIUrl":null,"url":null,"abstract":"<div><div>With the vibrant development of the Internet, smart grids have been provided with a suitable environment to flourish. Smart meters record and transmit electricity consumption information and send it to gateways and service providers. Power suppliers process the data to evaluate and predict the frequency of electricity consumption by users, to save resources. However, the power consumption information contained in the data may reveal users’ identity, community address or the frequency at home. If malicious attackers get these messages, the residential safety will be greatly threatened. Therefore, data needs to be protected. Authentication and key agreement protocol is a promising solution, which first realizes mutual authentication between communication parties, and then establishes a session key between them to protect transmitted data. Recently, Chai et al. proposed an authentication scheme based on SM2 authentication key exchange (AKE) protocol. Unfortunately, after our analysis, it is difficult to achieve forward security as they stated. Specifically, if the long term key of the communicating smart meter is leaked, the adversary can recover the session keys established before. Further, we propose a provable secure certificateless authentication and key agreement scheme. The security of the proposed scheme is analyzed by provable security and BAN logic. Compared with the existing scheme, our proposed scheme can achieve a better balance from the security properties, communication cost, and computation cost three aspects.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"124 ","pages":"Article 110369"},"PeriodicalIF":4.0000,"publicationDate":"2025-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An efficient anonymous certificateless authentication and key agreement scheme for smart grids\",\"authors\":\"Qingfeng Cheng , Yuqian Ma , Fushan Wei , Xinghua Li\",\"doi\":\"10.1016/j.compeleceng.2025.110369\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>With the vibrant development of the Internet, smart grids have been provided with a suitable environment to flourish. Smart meters record and transmit electricity consumption information and send it to gateways and service providers. Power suppliers process the data to evaluate and predict the frequency of electricity consumption by users, to save resources. However, the power consumption information contained in the data may reveal users’ identity, community address or the frequency at home. If malicious attackers get these messages, the residential safety will be greatly threatened. Therefore, data needs to be protected. Authentication and key agreement protocol is a promising solution, which first realizes mutual authentication between communication parties, and then establishes a session key between them to protect transmitted data. Recently, Chai et al. proposed an authentication scheme based on SM2 authentication key exchange (AKE) protocol. Unfortunately, after our analysis, it is difficult to achieve forward security as they stated. Specifically, if the long term key of the communicating smart meter is leaked, the adversary can recover the session keys established before. Further, we propose a provable secure certificateless authentication and key agreement scheme. The security of the proposed scheme is analyzed by provable security and BAN logic. Compared with the existing scheme, our proposed scheme can achieve a better balance from the security properties, communication cost, and computation cost three aspects.</div></div>\",\"PeriodicalId\":50630,\"journal\":{\"name\":\"Computers & Electrical Engineering\",\"volume\":\"124 \",\"pages\":\"Article 110369\"},\"PeriodicalIF\":4.0000,\"publicationDate\":\"2025-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Electrical Engineering\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S004579062500312X\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Electrical Engineering","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S004579062500312X","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

随着互联网的蓬勃发展，为智能电网的蓬勃发展提供了适宜的环境。智能电表记录和传输电力消耗信息，并将其发送到网关和服务提供商。供电商对数据进行处理，评估和预测用户用电频率，节约资源。然而，数据中包含的电力消耗信息可能会泄露用户的身份、社区地址或家中的频率。如果恶意攻击者获得这些信息，将极大地威胁居民的安全。因此，需要对数据进行保护。认证与密钥协商协议是一种很有前途的解决方案，它首先实现通信双方之间的相互认证，然后在通信双方之间建立会话密钥来保护传输的数据。最近，Chai等人提出了一种基于SM2认证密钥交换（AKE）协议的认证方案。不幸的是，经过我们的分析，很难实现他们所说的向前安全。具体来说，如果通信智能电表的长期密钥泄露，攻击者可以恢复之前建立的会话密钥。在此基础上，提出了一个可证明的安全的无证书认证和密钥协议方案。采用可证明安全性和BAN逻辑分析了该方案的安全性。与现有方案相比，本文提出的方案从安全性、通信成本和计算成本三个方面实现了较好的平衡。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An efficient anonymous certificateless authentication and key agreement scheme for smart grids

With the vibrant development of the Internet, smart grids have been provided with a suitable environment to flourish. Smart meters record and transmit electricity consumption information and send it to gateways and service providers. Power suppliers process the data to evaluate and predict the frequency of electricity consumption by users, to save resources. However, the power consumption information contained in the data may reveal users’ identity, community address or the frequency at home. If malicious attackers get these messages, the residential safety will be greatly threatened. Therefore, data needs to be protected. Authentication and key agreement protocol is a promising solution, which first realizes mutual authentication between communication parties, and then establishes a session key between them to protect transmitted data. Recently, Chai et al. proposed an authentication scheme based on SM2 authentication key exchange (AKE) protocol. Unfortunately, after our analysis, it is difficult to achieve forward security as they stated. Specifically, if the long term key of the communicating smart meter is leaked, the adversary can recover the session keys established before. Further, we propose a provable secure certificateless authentication and key agreement scheme. The security of the proposed scheme is analyzed by provable security and BAN logic. Compared with the existing scheme, our proposed scheme can achieve a better balance from the security properties, communication cost, and computation cost three aspects.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computers & Electrical Engineering 工程技术-工程：电子与电气

CiteScore

9.20

自引率

7.00%

发文量

661

审稿时长

47 days

期刊介绍： The impact of computers has nowhere been more revolutionary than in electrical engineering. The design, analysis, and operation of electrical and electronic systems are now dominated by computers, a transformation that has been motivated by the natural ease of interface between computers and electrical systems, and the promise of spectacular improvements in speed and efficiency. Published since 1973, Computers & Electrical Engineering provides rapid publication of topical research into the integration of computer technology and computational techniques with electrical and electronic systems. The journal publishes papers featuring novel implementations of computers and computational techniques in areas like signal and image processing, high-performance computing, parallel processing, and communications. Special attention will be paid to papers describing innovative architectures, algorithms, and software tools.