Authentication in the Smart Grids

Transcription

1 Authentication in the Smart Grids Mario H. F. Latuf Universidade Federal de Itajubá UNIFEI July 17,

2 Reference Soohyun, Kwak Jin, Mutual authentication and key establishment mechanism using DCU certificate in Smart Grid, AMIS, 6(2012), No. 1 2

3 Agenda Communication structure in the Smart Grid Authentication mechanism Security requirements Proposed mechanism Analysis Conclusion 3

4 Smart grid 4

5 Smart grid Communication structure AMI Server Advanced Metering Infrastructure DCU Data Concentration Unit Smart meter 5

6 Authentication mechanism 1 - Three standard challenge-response mechanism by ISO (International Organization for Stardadization) and IEC (International Electrotechnical Comission): "ISO Two-Pass Unilateral Authentication Protocol 6

7 Authentication mechanism ISO Two-Pass Unilateral Authentication Protocol using a Cryptographic Check Function(CCF)" TokenAB = Text2 f KAB (R B, Bob, Text2) "ISO Public Key Two-Pass Unilateral Authentication Protocol TokenAB = R A R B Bob Text3 sig A (R A R B Bob Text2) 7

8 Authentication mechanism 2 - Authentication mechanism using AS ( Authentication Server) use a centralized server for mutual authentication between server and client and sharing the session key. Kerberos is one of the most famous types of this method 8

9 Security Requirements Data confidentiality: the information should be encrypted Data Integrity: information should be protected from forgeries and alterations by illegal accesses. System Availability: the availability of devices, systems and networks should be stable and continuous bidirectional real-time communication Non-repudiation: to prevent user s denials on the realtime charge information metered 9

10 Security Requirements Device Integrity: smart meters and DCU s should be protected physically against an attacker that can install malicious software or set new functions. Mutual authentication: an attacker can disguise himself as the power provider or as normal user, hijack users information or interrupt the service provided to the users in the smart grid. Privacy protection: to not expose individual users private information. Light Weighted: high computation efficiency to perform quickly the authentication process in the smart grid. 10

11 Security Requirements 11

12 Security threat X Security requirements 12

13 Mutual authentication between the smart meter and the DCU (Data Concentration Unit), using only DCU s certificate and generating three new keys used in the current session using the pre-shared long-term key. The additional key distribution protocol is required to stop the long-term secret key distributed in advance being used continuously for message encryption after completion of the authentication DCU and all meters must have the public key certificates for the mutual authentication in the method using the public key. Mutual authentication between DCU and the smart meter using only DCU s certificate and generating three new keys used in the current session using the pre-shared long-term key. 13

14 1) The smart meter transmits the authentication request message to the DCU. 14

15 2) The DCU transmits its public key certificate Cert DCU. Cert DCU = DCU s public key certificate 15

16 3) The smart meter verifies the certificate and obtains the DCU's public key. 16

17 4) The smart meter generates a random session key SK and encrypts the session key with DCU's public key. SK : Session key between smart meter and DCU 17

18 5) The smart meter transmits the encrypted session key to DCU. 18

19 6) The DCU decrypts the session key using its own secret key. 19

20 7) The DCU generates the random number Dnonce and computes the following using the session key and pre-shared MK. H1 = H(SK, MK, Dnonce) C1 = E SK (H1, Dnonce) Dnonce/Snonce : a random number generated by DCU/Smart meter MK : Long-term key between Smart meter and DCU SK : Session key between smart meter and DCU H( ) : Cryptographic hash function 20

21 8) The DCU transmits C1 to the smart meter. 21

22 9) The smart meter decrypts C1 and using SK and MK owned by it, checks if the following is satisfied. H1?= H(SK, MK, Dnonce) SK : Session key between smart meter and DCU MK : Long-term key between Smart meter and DCU H( ) : Cryptographic hash function 22

23 10) If 9) is satisfied, the smart meter generates random number Snonce and computes the following using the session key SK and preshared MK. H2 = H(SK, MK, Dnonce, Snonce) C2 = E SK (H1, Dnonce, Snonce) EK() / DK() : Encryption/decryption function of symmetric key cryptosystem using key K 23

24 11) The smart meter transmits C2 to DCU. 24

25 12) Using the session key SK, Dnonce and Snonce, the smart meter computes MIK, TK and KEK as: PRF(SK, Dnonce, Snonce) = MIK TK KEK PRF : Pseudo random function MIK : Key used to generate a message integrity value TK : Temporal key used to encrypt a Message KEK : Key encryption key used to encrypt a group key 25

26 13) The DCU decrypts C2 and using SK and MK owned by it, checks if the following is satisfied. H2?= H(SK, MK, Dnonce, Snonce) 26

27 14) If 13) is satisfied, the DCU, using the SK, Dnonce and Snonce, computes MIK, TK, KEK as: PRF(SK, Dnonce, Snonce) = MIK TK KEK 27

28 15) The DCU encrypts the group key GK using KEK. KEK : Key encryption key used to encrypt a group key 28

29 16) The DCU transmits the encrypted group key to the smart meter. 29

30 17) Using KEK, the smart meter decrypts 16) and obtains the group key GK. KEK : Key encryption key used to encrypt a group key 30

31 Analysis Mutual authentication and key establishment; Key freshness; Forward secrecy; Man-In-The-Middle attack; Efficiency of management; 31

32 Conclusion The proposed mechanism can prevent an attacker from transmitting data by impersonating as a smart meter or a DCU transmitting through mutual authentication. Generates new session keys for each session, providing data secrecy and integrity. Provides key freshness and forward secrecy and is secure against Man-In-The-Middle attack. Advantage in the management, using only DCU s certificates. 32

33 Thank you! Comments & Questions??? 33