Professional Documents
Culture Documents
Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovations
Abstract—Smart Grid (SG) technology has been developing high-tech products in daily life. However, the normal use of
for years, which facilitates users with portable access to power high-tech products cannot be separated from stable electric
through being applied in numerous application scenarios, one of power support, which means that human beings need strong
which is the electric vehicle charging. In order to ensure the se-
curity of the charging process, users need authenticating with the and reliable power supply. Driven by this huge demand for
smart meter for the subsequent communication. Although there electricity, Smart Grid (SG) is the inevitable product which
are many researches in this field, few of which have endeavored is attracting more and more attention from governments,
to protect the anonymity and the untraceability of users during power companies and research institutions. In the last two
the authentication. Further, some studies consider the problem years, it has become the research focus in the field of power
of user anonymity, but they are non-light-weight protocols, even
some can not assure any fairness in key agreement. In this transmission, control equipment and communication security
paper, we first points out that existing authentication schemes [1].
for Smart Grid are neither lack of critical security nor short SG is a new type of power grid with advanced sensor
of important property such as untraceability, then we propose measurement technology, communication technology, infor-
a new two-factor lightweight user authentication scheme based mation technology, computer technology and control technol-
on password and biometric. The authentication process of the
proposed scheme includes four message exchanges among the ogy, which based on the physical grid. Compared with the
user mobile, smart meter and the cloud server, and then a security traditional power grid, the most important point of smart grid
one-time session key is generated for the followed communication is data interaction. The data flow and the energy flow among
process. Moreover, the scheme has some new features, such as the the SG is shown in Fig 1. Through the large data platform
protection of the user’s anonymity and untraceability. Security with cloud computing technology, technicians can observe the
analysis shows that our proposed scheme can resist various
well-known attacks and the performance analysis shows that state of the power flow in the whole network, which makes
compared to other three schemes, our scheme is more lightweight, the grid more intelligent. The enhancement of data interaction
secure and efficient. is a double-edged sword. While SG bringing many benefits to
Index Terms—smart grid, cloud server, two-factor user authen- the society, it faces more security problems [2] and challenges
tication, lightweight encryption, anonymous and untraceability [3]. For example, the protection of power grid user privacy, the
security of data communication, the authentication of power
I. I NTRODUCTION grid equipment, the authentication of user identity, etc., and
With the continuous progress of the rapid development of the most critical issue is the authentication of SG. And recent
social economy, science and technology, human beings are years, electric vehicle charging becomes one of the emerging
more and more inseparable from the support and the help of applications of SG [4], [5].
In this paper, to solve the security problem between the
smart meter and the user mobile, taking the architecture of
822
environment. After the successful authentication between the NT A and hand out it to all the cloud server through the
Ui and the SMj , a session key SKij will be established for asymmetric encryption system established.
their future secure communications.
B. Registration phase
To access SMj , Ui needs to register at the trusted authority
securely in person or via a secure channel. The steps of the
&ORXG6HYHU registration phase are given below.
8WLOLW\
FRPSDQ\ 1) Step REG1: Ui first chooses a unique identity ID and a
secure collision resistant hash function h (.)(We assume that
is SHA−3 [20] hash function), then Ui computes the IDi =
h (ID) and sends the registration request IDi , h (.) to the
trusted authority through a secure channel.
6PDUWPHWHU
2) Step REG2: When the trusted authority receives the
registration from the Ui , the trusted authority computes the
&KDUJLQJVWDWLRQ T Ki = h (IDi ||Ri ) and the SKi = h(IDi ||NT A ), where the
8VHUZLWK Ri is random values generated by the trusted authority and
0RELOHGHYLFH
the NT A is generated during the phase of Pre-deployment.
'DWDIORZ
(QHUJ\IORZ After that, the trusted authority generates a set of pseudo-IDS
P ID = {pid1 , pid2 ...}, pidj ∈ P ID.Then T A computes the
Fig. 2. The network model for SG environment. pidj = T Ki ⊕ (IDi ||mi )NT A , the mi is one of a series of
secret random number generated by the trusted authority and
There are four entities to be involved: the trusted authority is used for deriving the pseudo-ID pidj . We note that every mi
(T A), the cloud server (CS), the user’s mobile device (M D) is different from others and the mi do not need to be stored.
and the smart meter (SM ). The scheme includes six phases: At last, the trusted authority sends a smart card to the M Di
1) Pre-deployment; 2) Registration phase; 3) Login phase; in a secure channel, which includes {T Ki , SKi , h (.) , P ID}.
4) Authentication phase; 5) Session key update phase; 6) 3) Step REG3: After the M Di receives the smart card, it
Password and biometric change phase; The notations listed asks the user to enter a password P Wi and imprint personal
in Table I are used in our scheme. We assumed that all the biometrics BIOi at the sensor of M Di , then the M Di
network entities are synchronized with their clocks. computes the RP Wi = h (P Wi ||ni ) and applies the fuzzy
extractor probabilistic generation function Gen (.) to generate
TABLE I the secret biometric key σi and the corresponding public
N OTATION USED IN THIS PAPER parameter τi . The ni is a random secret generated by the
M Di . The detail of the function Gen (.) and the Rep (.) will
Notation Description be found in [24]. Next, the M Di will compute:
TA Trusted authority
Ui , SMj ith user and j th smart meter SKi ∗ = h (IDi ||RP Wi ||σi ) ⊕ SKi (1)
M D, IDi , P Wi Ui ’s mobile device, identity and password
TA Timestamp generated by an entity A CIi = h (IDi ||RP Wi ||σi ) ⊕ T Ki (2)
(X)K Encrypting a message X using a symmetric key K BIi = h (IDi ||σi ) ⊕ ni (3)
EK (X) Encrypting a message X using a asymmetric key K
h (.) A one-way hash function Hi = h (T Ki ) (4)
|| A concatenation operator
⊕ XOR operator Finally, the M Di replaces T Ki , SKi with the {BIi , CIi , Hi }
Gen (.) Fuzzy extractor probabilistic generation procedure and the SKi ∗ , simultaneously, the M Di enters the
Rep (.) Fuzzy extractor deterministic reproduction procedure
σi Biometric secret key of Ui τi to the smart card. So the smart card contains
τi Public reproduction parameter of Ui {BIi , CIi , Hi , SKi ∗ , h (.) , P ID, τi } now.
C. Login phase
When the user approach to the smart meter, and he/she
A. Pre-deployment want his/her automobile to get charged, so he/she needs to
In this phase, each smart meter chooses a private key SSM , get the authentication from the SM through CS before the
and each cloud server chooses a private key SCS , and then they SM begins to provide charging service. The following steps
compute the public key PSM and the PCS , then the CertSM are executed in the login phase by the M Di .
for the smart meter and the CertCS for the cloud server 1) Step L1: The M Di first asks the user Ui to provide
should be certified by the trusted authority. The certificate his/her identity IDi , and then asks the user to input password
Cert contains the identity ID and the public key P . In this P Wi ∗ into the M Di by the mobile device’s peripherals.
paper, we suggest that the Elliptic Curve Cryptosystem (ECC) Finally it let the user imprint his/her biometric BIOi ∗ at the
will be used in the asymmetric encryption part. Meanwhile, sensor of the M Di . After that, the MD will obtain the user’s
the trusted authority will generate a l-bits secret random values input {IDi , P Wi ∗ , BIOi ∗ }.
823
2) Step L2: The M Di first extracts the biometric key m3 = {W, TCS , CertCS , ESCS (h(W, TCS , CertCS ))} to the
σi ∗ = Rep (BIOi ∗ , τi ), then M Di figures out the ni ∗ = corresponding SM .
BIi ⊕ h (IDi ||σi ∗ ), RP Wi ∗ =h (P Wi ∗ ||ni ∗ ), T Ki ∗ = 4) Step ACK4: After receiving the m3 from the CS,
h (IDi ||RP Wi ∗ ||σi ∗ ) ⊕ CIi and Hi ∗ = h (T Ki ∗ ). After the the SM checks the timestamp TCS and verifies the signa-
computations, M Di checks whether the Hi ∗ = Hi holds or ture using the CS ’s public key. If one of them do not
not. If it holds, the user passes both password and the biometric meet the validity requirements, the message will be rejected.
verification. Otherwise, the session will be terminated. Otherwise, the SM decrypts the W using its private key
3) Step L3: At the final of the phase, the IDi computes the to obtain the h (n ⊕ IDF S ) and χ0 . Thus, SM can com-
SKi = h(IDi ||RP Wi ||σi ) ⊕ SKi ∗ while generating a times- pute the session key k = h (h (n ⊕ IDCS ) ||χ0 ) and the
tamp TM D and a secret random number χ0 . Then the M Di m4 = (T CertM D ||h (χ0 ||ρ0 ) ||ρ0 )k , where the T CertM D is
computes the L = h (TM D ⊕ SKi ) as the user’s temporary a message that includes lifetime and other information of the
key and generates the E = (h (IDi ) ||IDSM ||χ0 )L .Then the session and the ρ0 is a random number generated by the CS.
M Di chooses one of the unused pseudo identities pidj ∈ At last, the SM sends the m4 to the M Di .
P ID to compute the s = pidj ⊕ T Ki ∗ . After that, the 5) Step ACK5: Finally, the M Di receives the m4 , and it
IDi sends a login message m1 = {s, E, TM U } to the smart generates the k using the s and the χ0 , which are stored in its
meter which the user wants to get charged. We note that RAM. So it can decrypt the m4 to obtain the T CertM D and
the symmetric encryption algorithm we used at this paper is the ρ0 . Meanwhile, the M Di can computer the h (χ0 ||ρ0 ),
Advanced Encryption Standard (AES). which χ0 is stored in its RAM. And the M Di compares it
with the h (χ0 ||ρ0 ) received. If it does not hold, the SM is not
D. Authentication phase certified, and the M Di will terminate the process. Otherwise,
This phase (shown in Fig 3) helps establish a session key the M Di has finished the authentication to the SM by the
between user and the smart meter. After the SM receiving the CS and a session key is established between the M Di and
login message m1 , the following steps are executed. the SM .
1) Step ACK1: SM first checks the timeliness of TM D
by the condition |TM D − TM D ∗ | < ΔT , where ΔT is the IV. S ECURITY A NALYSIS
maximum transmission delay be defined in advance and the This section shows the ability of our protocol to resist
TM D ∗ is the time when the m1 arrive at the SM . If it holds, various well-known attacks, and it is essential to offer a secure
the SM computers the n = s ⊕ IDCS , where the IDCS is communication environment in SG. We follow the well-know
the identity ID of the cloud server that the SM belonging random oracle model to prove the safety of our scheme. The
to. Then it signs the message h(n, E, TM D , TSM , CertSM ) interaction of adversaries and protocol participants is achieved
using its private key, where the TSM is a timestamp generated through the query of the oracles, which mimics the adversary’s
by the SM . Finally, the SM sends the message m2 = ability in real attacks. For more details on the threat model,
{n, E, TM D , TSM , ESSM (h(n, E, TM D , TSM , CertSM )), please refer to [22].
CertSM } to the cloud server.
2) Step ACK2: With the message m2 arriving at the CS, A. Our scheme achieves the mutual authentication mecha-
the CS verifies the timestamp TSM using the procedure nism.
introduced in Step ACK1. Then it checks whether the cer- 1) : In the absence of symmetric encryption keys and the
tification CertSM is valid or not. At the last, it verifies the password are security, the attacker cannot impersonate the user
signature using SM ’s public key. If among the three TSM , to cheat the SM .
CertSM or the signature is invalid, the CS will drop the To accomplish this goal, the attacker need to obtain the
message. Otherwise, the CS computes the n ⊕ IDCS to get correct value of the s by querying the random oracle. In our
the (IDi ||mi )NT A .The CS decrypts (IDi ||mi )NT A with the design, the s adopts password-based symmetric encryption
NT A stored formerly, so that the CS will get the user’s identity protection. CS can extract IDi from s and verify its validity.
IDi . Subsequently, the CS verifies whether the user is a legal This means that the calculation using the wrong encryption
user through the IDi . If it is invalid, the CS will terminate key can be detected. Therefore, the probatilistic advantage for
the execution. an attacker to successfully forging this message is csend
|D| , and
3) Step ACK3: In this step, the session key will be es- csend is the times of the attacker performs send queries, and
tablished and sent to the corresponding SM . Firstly, the CS |D| is the size of the password dictionary. This probability is
generates L = h (TM D ⊕ h(IDi ||NT A )) and it uses the L unavoidable in the password-based protocol.
to decrypt the E, then the CS will obtain h (IDi ), IDSM 2) : Without obtaining the symmetric encryption key, no
and χ0 . After performing the above operation, CS checks the attacker can imitate to generate a common session key with
IDSM and the identity stored in CertSM . If it does not hold, the mobile user in the last step.
the session will be terminated. Otherwise, the CS computes Assume that an attacker can forge an effective
the W = EPSM (h (n ⊕ IDCS ) ||χ0 ) and signs the message (T CertSK ||h (χ0 ||ρ0 ) ||ρ0 )k to communication with the
ESCS (h (W, TCS , CertCS )), where the TCS is a timestamp mobile user without obtaining a symmetric encryption key
generated by the CS. Subsequently, CS sends the message and a password. There are two ways for the attacker to achieve
824
0RELOH'HYLFH0' 6PDUW0HWHU60 &ORXG6HUYHU&6
0^V ( 708 `
*HQHUDWH 70' F
Q ( 70' 760 &HUW60 °½
&RPSXWH 6. L K ,'L __ 53:L __ V L 6. L
0 °® ¾
°¯ (660 K Q ( 70' 760 &HUW60 °¿
/ K 70' 6. L &KHFN _ 70' 70'
_ '7 "
(QFU\SW ( K ,'L __ ,'60 __ F &RPSXWH Q V ,')6
/
&KRRVH SLG M 3,' *HQHUDWH 760 9HULI\ 760 &HUW60
&RPSXWH V SLG M 7. L
6LJQ K Q ( 70' 760 &HUW60
(660 K Q ( 70' 760 &HUW60
&RPSXWH Q ,'&6
'HFU\SW ,'L __ PL 1 7$
this purpose, One is that when an attacker does a Hash hash users is obtained by hash function and symmetric encryption
query and it happens to be k, the probability advantage is technique. There are two ways for an attacker to obtain NT A .
cHash
, or the attacker uses the random oracle to generate the One is to get it directly through a direct query to a random
2l
|D| , where the |D| is
oracle, the probability advantage is csend
c
k, the probability advantage is cHash
2l
· SendAgent
|D| .They all can
be ignored. the bit length of the key, and the other is to obtain the hash
value through a hash query, the probability advantage is chash2l
.
3) : In the event that an attacker does not obtain pre-shared
So the probability of an attacker breaking the anonymity is
asymmetric keys, the scheme can defense of the fraud between
|D| + 2l , which is negligible.
csend chash
the smart meter and the cloud server.
More importantly, our scheme can keep the user’s move-
If this happened, which means that an attacker can calculate
ment secrets using the one-time-alias feature (P ID), every
the valid signature information through random oracle queries.
time when the user login, the message sent to the smart meter
This contradicts the mathematical problem of ECDLP (Elliptic
is different, and the real IDi is hidden in the pidj , which can
Curve Discrete Logarithm Problem).
only be decrypted by the cloud server. Even if the smart meter
B. Our scheme can provide user with anonymity and untrace- is controlled by the attacker and he/she can get the pidj , he/she
ability. cannot trace the user’s movement. Therefore, our scheme can
achieve the feature of strong anonymity and untraceability.
For obvious reasons, it is desirable to keep the user’s identity
and movement secrets. But in the He et al.’s scheme [25], C. Our scheme can prevent the reply attack.
they only considered the identity’s security, the login message
including the identity is fixed for all authentication process. Suppose an attacker A intercepts the messages, m1 =
The attacker can trace the user’s movement and the current {s, E, TM D }, m2 = {n, E, TM D , TSM , ESSM h(n, E, (TM D
whereabouts if the attacker can get enough the login mes- , TSM , CertSM )), CertSM }, m3 = {W, TCS , CertCS , ESCS
sage [23]. (h(W, TCS , CertCS ))} and m4 = (T CertM D ||h(χ0 ||χ))k
Our scheme’s protection of the user identity likes the during the login and authentication phase, and then tries to
scheme of the He et al. [25], the identity anonymity of the send these messages again after some time. Since the m1 ,
825
m2 and m3 include time-stamp TM D , TSM and TCS , the TABLE III
T HE RUNNING TIME OF THE NOTATIONS USED FOR COMPUTATION COST
validation of the timestamps can result in these messages to ANALYSIS .
be abandoned, meanwhile, when the M D receives the m4 ,
it will decrypt and verify the h (χ0 ||χ), which is different in Notation Description Time/ms
Ts a symmetric encryption/decryption operation 0.527
every authentication process. If the A replays the m4 of former Tcert a certificate generation operation 2.861
authentication process, it will be denied, and if A replays m4 Tcert ver a certificate verification 1.417
of current authentication process, it does not make any sense. Tas a asymmetric encryption/decryption operation 2.714
Th a one-way hash operation 2.859
Hence, our scheme provides the replay attack protection. TM the operation under multiplication group 7.043
TP pairing function 25.856
D. Our scheme can prevent the exotic attack.
Our scheme can resist off-line password guessing attack.
We assume that the attacker obtains the secret information
stored in the smart card {BIi , CIi , Hi , SKi ∗ , h(.), P ID, τi }. compared in the Table. IV. From the table you can see that the
In the smart card, the RP Wi appearances twice, SKi ∗ = computational costs of the proposed scheme are almost equal
h (IDi ||RP Wi ||σi ) ⊕ SKi and CIi = h (IDi ||RP Wi ||σi ) ⊕ to the He et al.’s scheme, even a little lower than it. And
T Ki Obviously, the attacker cannot launch an off-line pass- compared with the other two authentication scheme under the
word guessing attack without knowing the IDi and the σi . In SG environment, our scheme is much more efficient than them.
He et al.’s scheme, the password’s security only depends on
the IDi , which can easily be obtained by the attackers using TABLE IV
C OMPARISON OF THE COMPUTATIONAL COST
the social engineering. But in our scheme, the password’s
security depends on the IDi and the σi . Even if the attacker Scheme Computational cost/ms
Ours 14Th +4Ts +2Tcert +2Tcert ver +2Tas =56.117
can obtain the RP W , he/she cannot guess the real password He et al. (2011) 18Th +5Ts +2Tcert +2Tcert ver +2Tas =68.081
P Wi because of the RP Wi ∗ = h (P Wi ∗ ||ni ∗ ). Saxena et al.(2016) 9Th +14TM +TP +2Ts =151.243
Vaidya et al.(2011) 21Th +14TM +Tcert +Tcert ver =162.919
V. P ERFORMANCE ANALYSIS
In this section, we compare the performance of our pro-
posed scheme with He et al.’s scheme [25], Saxena et al.’s Conclusively, because our protocol uses only lightweight
scheme [26] and Vaidya et al.’s scheme [27]. cryptography algorithms such as symmetric, asymmetric,
Table. II presents the comparison among our scheme and XOR, etc., our protocol is more efficient than other protocols
the other three schemes in terms of the security property. As under the SG. We improve the security of the protocol under
we can see in the table, our scheme is more security than other the premise of ensuring the computational efficiency, it is
three schemes. As mentioned earlier, our scheme can provide much better than He et al. [25]’s scheme, Saxena et al. [26]’s
strong user anonymity and the untraceability, but the He et scheme and Vaidya et al. [27]’s scheme. It is more suitable
al.’s scheme cannot. And our scheme applies the biometrics for authentication services in SG environment.
in the registration phase and the login phase, which improve VI. C ONCLUSION
the security of the scheme.
In this paper, a new remote user authentication scheme
TABLE II
is presented for the cloud server architecture based SG en-
C OMPARISON SECURITY PROFERTIES . vironment. The proposed scheme is inspired by the He et
al.’s scheme [25], we have made some improvements for
Property He et al. Ours Saxena et al. Vaidya et al.
(2011) (2016) (2011) the enhancement in security and applicability. The proposed
S1 No Yes No No scheme is thoroughly analyzed and it shows that the scheme
S2 No Yes No No has the ability to defend various known attacks. It is proved
S3 No Yes No No
S4 No Yes Yes Yes that our scheme highly improves security without sacrificing
S5 Yes Yes Yes Yes the original efficiency compared with the He et al.’s scheme
S6 Low High High Middle and other two schemes in the SG environment. Moreover, it
S7 Low High Low Low
supposes some new functionality features and it is lightweight
S1: Strong User Anonymity;S2: Untraceability; S3: Application of biometrics; compared with other existing schemes in the SG environments.
S4: Robust against forgery attacks;S5: Robust against replay attacks; S6:
Robust against exotic attacks; S7: Overall security impact However, our work is not enough to monitor the overall
security of SG. In the near future, we will expand and optimize
We have implemented the operations in Table. III on a note- our agreement and it can accommodate other Internet of
book PC, (Lenove Y400 with a I5-3230M 2.6Ghz x 4 CPU, Things (IoT) scenarios beyond the SG.
8G bytes memory and the ubuntu16.04 operating system). The
ACKNOWLEDGEMENT
description and the running time of those operations is listed
in Table. III. This work has been partially sponsored by the National
The computational costs for the authentication and key Science Foundation of China (No. 61572355, U1736115),the
agreement phase of our scheme and other three schemes are Tianjin Research Program of Application Foundation and
826
Advanced Technology under grant No. 15JCYBJC15700, and [25] He, D.: A strong user authentication scheme with smart cards for
wireless communications[J]. Computer Communications 34(3), 367–374
the Fundamental Research of Xinjiang Corps under grant No. (2011)
2016AC015. [26] Saxena, N.: Authentication and Authorization Scheme for Various User
Roles and Devices in Smart Grid[J]. IEEE Transactions on Information
Forensics & Security 11(5), 907–921 (2016)
R EFERENCES [27] Vaidya, B., Makrakis, D.: Provisioning Substation-level authentication
in the smart grid networks[C]. In: Wilson, D., Keeler, N. (eds.) Military
[1] Molzahn, D.K.: A Survey of Distributed Optimization and Control Communications Conference 2011, pp. 1189–1194. IEEE(2011).
Algorithms for Electric Power Systems[J]. IEEE Transactions on Smart
Grid 8(6), 2941–2962 (2017)
[2] Iacovella, F.: Cluster Control of Heterogeneous Thermostatically Con-
trolled Loads Using Tracer Devices[J]. IEEE Transactions on Smart Grid
8(2), 528–536 (2017)
[3] Saxena, N.: Network Security and Privacy Challenges in Smart Vehicle-
to-Grid[J]. IEEE Wireless Communications 24(4), 88–98 (2017)
[4] Yu ,R.: Balancing Power Demand Through EV Mobility in Vehicle-
to-Grid Mobile Energy Networks[J]. IEEE Transactions on Industrial
Informatics 12(1), 79–90 (2016)
[5] Khan, A.A.: Cognitive Radio for Smart Grids: Survey of Architectures,
Spectrum Sensing Mechanisms, and Networking Protocols[J]. IEEE
Communications Surveys & Tutorials 18(1), 860–898 (2016)
[6] Guan, Z.: Achieving Efficient and Secure Data Acquisition for Cloud-
supported Internet of Things in Smart Grid[J]. IEEE Internet of Things
Journal 4(6), 1934–1944 (2017)
[7] Chekired, D.A.: Smart Grid Solution for Charging and Discharging
Services Based on Cloud Computing Scheduling[J]. IEEE Transactions
on Industrial Informatics 13(6), 3312–3321 (2017)
[8] Li, H.: An Efficient Merkle-Tree-Based Authentication Scheme for
Smart Grid[J]. IEEE Systems Journal 8(2), 655–663 (2014)
[9] Nicanfar, H.: Efficient Authentication and Key Management Mecha-
nisms for Smart Grid Communications[J]. IEEE Systems Journal 8(2),
629–640 (2014)
[10] Baharlouei, Z.: Efficiency-Fairness Trade-off in Privacy-Preserving Au-
tonomous Demand Side Management[J]. IEEE Transactions on Smart
Grid 5(2), 799–808 (2014)
[11] Liu, D., Li, H.: Achieving Multi-Authority Access Control with Efficient
Attribute Revocation in smart grid[C]. In: Farzad, S., Abbas, J. (eds.)
IEEE International Conference on Communications 2014, pp. 634–
639.IEEE(2016).
[12] He, Y.: Real-time Detection of False Data Injection Attacks in Smart
Grid: A Deep Learning-Based Intelligent Mechanism[J]. IEEE Transac-
tions on Smart Grid 8(5), 2505–2516 (2017)
[13] He, X.: A Big Data Architecture Design for Smart Grids Based on
Random Matrix Theory[J]. IEEE Transactions on Smart Grid 8(2), 647–
686 (2017)
[14] Fouda, M.M.: A Lightweight Message Authentication Scheme for Smart
Grid Communications[J]. IEEE Transactions on Smart Grid 2(4), 675–
685 (2011)
[15] Jo, H.J.: Efficient and Privacy-Preserving Metering Protocols for Smart
Grid Systems[J]. IEEE Transactions on Smart Grid 7(3), 1732–1742
(2016)
[16] He, D.J: An Enhanced Public Key Infrastructure to Secure Smart Grid
Wireless Communication Networks[J]. IEEE Network 28(1), 10–16
(2014)
[17] Tsai, J.L.: Secure Anonymous Key Distribution Scheme for Smart
Grid[J]. IEEE Transactions on Smart Grid 7(2), 906–914 (2016)
[18] Odelu, V.: An Efficient Merkle-Tree-Based Authentication Scheme for
Smart Grid[J]. IEEE Systems Journal PP(99), 1–1 (2016)
[19] Jo, H.J.: Efficient and Privacy-Preserving Metering Protocols for Smart
Grid Systems[J]. IEEE Transactions on Smart Grid 7(3), 1732–1742
(2016)
[20] Bertoni, G :The Keccak Refere,January,2011,http://Keccak.noekeon.org
[21] Wu, C.C.: A Secure Authentication Scheme with Anonymity for Wire-
less Communications[J]. IEEE Communications Letters 12(10), 722–
723 (2008)
[22] Xu, J.: An efficient mutual authentication and key agreement protocol
preserving user anonymity in mobile networks[J]. Computer Communi-
cations 34(3), 319–325 (2011)
[23] Gope, P.: Robust Biometrics-Based Authentication Scheme for Multi
server Environment[J]. Journal of Network & Computer Applications
62(C), 1–8 (2016)
[24] He, D.: An Efficient Merkle-Tree-Based Authentication Scheme for
Smart Grid[J]. IEEE Systems Journal 9(3), 816–823 (2015)
827