PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms

Transcription

1 PET PhD Course 2012 SWITS The Smart Grid and Anonymous Communication Mechanisms Leonardo Martucci Security and Networks Group, ADIT Department of Computer and Information Science

2 About me EE Degree (95-00) + Master in EE (00-02) University of São Paulo PhD in CS (04-09) Karlstad University Postdoc (09-12) Center for Advanced Security Research Technische Universität Darmstadt Postdoc (12- ) Linköping University 2/32

3 The Smart Grid: What we already know We already know: What the Smart Grid is How the Smart Grid is organized Why privacy is a concern in the Smart Grid Standards for the Smart Grid That there are already PET proposals for it 3/32

4 A Sudden Interest 4/32

5 About this presentation Based on the paper: Analysis of Privacy-Enhancing Protocols Based on Anonymity Networks F. Borges, L. Martucci and M. Mühlhäuser to appear SmartGridComm 2012 with some bits from: A Survey on Privacy-Enhancing Technologies for the Smart Grid F. Borges and L. Martucci under submission 5/32

6 In this presentation General Research Question on Privacy in the Smart Grid A theoretical PET for the Smart Grid and PET categories General Anonymous Communication Networks Computational performance against a general homomorphic encryption solution * we that work on privacy 6/32

7 How NIST sees the Smart Grid * National Institute of Standards and Technology 7/32

8 How we* see the Smart Grid SP & O information produces information collects information Personal Identifiable Information * we that work on privacy 8/32

9 How we* see the Smart Grid customer SP & O information produces information collects information Personal Identifiable Information * we that work on privacy 9/32

10 The Information Flow in the Smart Grid Two information flows with different natures customer real-time control data SP & O billing data 10/32

11 Real-Time Control Data 11/32

12 Real-Time Control Data (Nonintrusive Appliance Load Monitoring) 12/32

13 General Research Question Personal Identifiable Information BUT allow billing according to a given pricing scheme allow real-time control over the electricity network 13/32

14 Recalling Two information flows with different natures customer real-time control data SP & O billing data 14/32

15 Testing a theoretical PET Assuming a method M that eliminates the source from real-time control data and direct communication between customer and SP&O IF M customer control data SP & O differentiate sources, but not identify them billing data THEN there is no M that protects privacy 15/32

16 Considering other options Modify the control data customer SP & O f (control data) Solutions based on data aggregation, batteries and micro-generation 16/32

17 Considering other options NO direct communication between customers and SP&O o TTP-based solutions o Use partial identities and distinct communication channels according to the nature of the information flow Real-time control data Billing data customer pseudonym 2 Partial identities customer ID 17/32

18 PET Categories for the Smart Grid The 6 different strategies A. Symmetric Data Aggregation B. Asymmetric Data Aggregation C. Anonymous Communication Networks D. Schemes based on Trusted Third Parties E. Batteries and Local Generation Schemes F. (Hybrid Schemes) * from A Survey in Privacy-Enhancing Technologies for the Smart Grid 18/32

19 Designing PETs for the Smart Grid customer SP & O information 19/32

20 Today we address The 6 different strategies A. Symmetric Data Aggregation B. Asymmetric Data Aggregation C. Anonymous Communication Networks D. Schemes based on Trusted Third Parties E. Batteries and Local Generation Schemes F. (Hybrid Schemes) * from A Survey in Privacy-Enhancing Technologies for the Smart Grid 20/32

21 Anonymous Communication Networks and the Smart Grid Established concept + new application scenario The objective: sender anonymity towards the SP&O Secure Session 21/32

22 The General Solution: Partial Identities and Anonymous Communication begin secure session group ID SP & O customer ID end secure session Group ID is used for geographical reasons 22/32

23 The relation between sets of customers, IDs, pseudonyms and secure sessions customer ID group ID secure sessions 23/32

24 How many messages per session? one secure session only privacy tends to zero 1 pseudonym for all messages one secure session = one key agreement one secure session per message maximum privacy 1 pseudonym per message n messages = n key agreements maximum computational cost (!) 24/32

25 Simulation: Measurements and Sessions Processing time and measurements per session (obviously) 25/32

26 Analysis: Establishing Secure Sessions We analyze and compare the computational performance of a general solution based on homorphic encryption (HF) customer: 2.i.E + i.m E = exponential cost sp&o: (i-1).m M = multiplication cost a solution based on a Diffie-Hellman (DH) key agreement (IK) for customer: 4.j.E sp&o: 4.j.E i = number of measurements j = number of secure sessions 26/32

27 Analysis: Performance HF and IK (i = j) Homorphic functions perform better for i = j (maximum privacy) 27/32

28 Analysis: more measurements / sessions Defining an inequality assuming constant costs for M and E we have i.e. 4 messages / secure session for similar performance 28/32

29 Simulation: measurements / sessions exponention cost is not constant for the chosen bit-lenghts 10-bit message, 1024-bit for all other HF parameters 1024-bit for DH parameters (modulo 2048 bits) 29/32

30 Conclusions There are different PET strategies for the Smart Grid One are the anonymous communication networks. it is about their core (how messages are forwarded) but also about their end-nodes (computational costs) We compared the computational cost for end nodes in: building secure sessions for a general anon. comm. net. and compared against a general homomorphic encr. solution 30/32

31 A final note (again!) Based on the paper: Analysis of Privacy-Enhancing Protocols Based on Anonymity Networks F. Borges, L. Martucci and M. Mühlhäuser to appear SmartGridComm 2012 with some bits from: A Survey on Privacy-Enhancing Technologies for the Smart Grid F. Borges and L. Martucci under submission 31/32

32 32/32

33 33/32