# A Secure Charging System for Electric Vehicles Based on Blockchain

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

- (1)
- We demonstrate security weaknesses of Huang et al.’s model, and highlight its inefficiencies.
- (2)
- We propose a secure charging system for EV based on blockchain to solve these security weaknesses and improve efficiency.
- (3)
- We perform informal analysis to demonstrate the proposed system is secure against various attacks, and prove that it provides secure mutual authentication using Burrows–Abadi–Needham (BAN) logic. We also perform formal security verification using the AVISPA tool and compare performances with previous schemes.
- (4)
- We analyze the computational and communication costs compared with other related existing schemes.

#### 1.1. Organization

#### 1.2. Related Works

## 2. System Model

#### 2.1. Hyperledger

- Consensus layer: ensures agreement between transaction order and checks their validation.
- Smart contract layer: processes transaction requests and verifies smart contracts are valid.
- Communication layer: guarantees security for messages transmitted between nodes.
- Data store abstraction: manages data.
- Crypto abstraction: includes cryptographic algorithms or modules.
- Identity service: sets up the blockchain network, manages user and system node registration, and provides authentication and authorization.
- Policy services: provide various policies for blockchain systems.
- APIs: provide various blockchain interfaces.
- Interoperation: allows interoperation among blockchain instances.

#### 2.2. System Model

- EV registers their identity with the operator to access charging services.
- EV and EAG authenticate each other.
- EAG generates transactions.
- EAG verifies the transaction is valid and records transactions on blockchain networks.

## 3. Review of Huang et al.’s Scheme

#### 3.1. Registration Phase

**Step****1:**- EVs $\{{V}_{1},{V}_{2},\cdots ,{V}_{n}\}$ choose a random number $x\in {Z}_{n}^{*}$ and calculate ${Q}_{i}={x}_{i}P$. The EVs request a registration in a blockchain and broadcast ${m}_{i}=I{D}_{i}\left|\right|I{D}_{j}\left|\right|T$,$(1\le j\le n,i\ne j)$, and $({m}_{i},si{g}_{i}\left(H\left({m}_{i}\right)\right))$.
**Step****2:**- CPs check whether the received signature is valid, and then compute signature ${\alpha}_{i}=f\left({x}_{i}{x}_{i+1}\right){x}_{i+2}P$ and ${C}_{i}={E}_{p{w}_{i}}\left({\alpha}_{i}\right)$. Then, CPs send ${m}_{i}=I{D}_{i}\left|\right|s\left|\right|{C}_{i}\left|\right|T$ and $({m}_{i}^{\prime},si{g}_{i}\left(H\left({m}_{i}^{\prime}\right)\right))$ to the OP in the blockchain.
**Step****3:**- OP verifies the received the signature is valid and reuses $P{W}_{i}$, where $P{W}_{i}$ is shared with each participant to decrypt ${\alpha}_{i}$. Subsequently OP computes ${K}_{i}={E}_{P{W}_{i}}(\sum {\alpha}_{j})(1\le j\le n,i\ne j)$ and broadcasts it in the blockchain.
**Step****4:**- After receiving key ${K}_{i}$ from the OP, each participant decrypts ${K}_{i}$ and computes session key $K={\alpha}_{i}+\sum {\alpha}_{j}={\sum}_{i=1}^{n}{\alpha}_{i}=f\left({x}_{1}{x}_{2}P\right){x}_{3}P+\cdots +f\left({x}_{n}{x}_{1}P\right){x}_{2}P$. When a request is recorded in the blockchain, it is checked by all CPs.

#### 3.2. Scheduling Phase

#### 3.3. Authentication Phase

**Step****1:**- EV sends identity $I{D}_{EV}$ to the CP, and then the CP checks whether it is valid through the blockchain networks. If it is valid, the CP returns charging request to the EV.
**Step****2:**- After receiving the charging request from the CP, the EV sends $\{{Q}_{CP},{P}_{CP},I{D}_{CP},{H}_{CP},K\}$ to the CP.
**Step****3:**- CP selects a random number $b\in {Z}_{q}^{*}$, current timestamp ${T}_{i}$, and calculates $PI{D}_{EV}=RI{D}_{EV}\oplus {H}_{1}\left(b{P}_{CP}\right)$, ${Q}_{EV}=bP\oplus K$, ${H}_{tEV}={H}_{2}(I{D}_{EV}$, $PI{D}_{EV},{Q}_{EV},{T}_{EV})$ and $S{K}_{EV}=b+\u03f5{H}_{tEV}$. Then, the CP sends $\{PI{D}_{EV},{Q}_{EV}$, ${T}_{EV},S{K}_{EV}\}$ to the EV.
**Step****4:**- EV selects a random number $c\in {Z}_{q}^{*}$, calculates ${R}_{EV}$=${c}_{EV}P$, ${H}_{EV}$$={H}_{3}(I{D}_{CP}$, $PI{D}_{EV},{Q}_{EV},{R}_{EV},{T}_{EV})$ and ${\xi}_{EV}=S{K}_{EV}+{c}_{EV}{H}_{EV}$, and sends $\{I{D}_{CP}$, $PI{D}_{EV},{Q}_{EV},{R}_{EV},{T}_{EV},{\xi}_{EV}\}$ to the CP via the secure channel.
**Step****5:**- After receiving the message from the EV, the CP computes ${H}_{tEV}$=${H}_{2}$$(I{D}_{EV},PI{D}_{EV},{Q}_{EV},{T}_{EV})$ and ${H}_{EV}={H}_{3}(I{D}_{CP},PI{D}_{EV},{Q}_{EV},{R}_{EV},{T}_{EV})$, and checks the received signature. If it is not valid, the CP aborts the authentication phase. Otherwise, the CP selects a random number $d\in {Z}_{q}^{*}$ and computes ${R}_{CP}=dP$, $SK={H}_{4}(d{R}_{EV},I{D}_{CP},PI{D}_{EV},{Q}_{EV},{T}_{EV})$, ${H}_{CP}={H}_{5}(I{D}_{CP},RI{D}_{CP},{Q}_{EV},SK,d{R}_{EV})$, and ${\xi}_{CP}={\u03f5}_{CP}+d{H}_{CP}$. Finally, the CP sends $\{I{D}_{EV},PI{D}_{EV},{R}_{CP},{\xi}_{CP}\}$ to the EV.
**Step****6:**- After receiving the message from the CP, the EV computes $SK={H}_{4}(c{R}_{CP},I{D}_{CP}$, $RI{D}_{EV},{Q}_{EV},{T}_{EV})$,${H}_{CP}={H}_{5}(RI{D}_{EV}$, and $I{D}_{CP},{Q}_{EV},SK,d{R}_{CP})$. The CP checks the received signature. If valid, the EV and CP achieve mutual authentication. Otherwise, the EV aborts mutual authentication. After mutual authentication, the session key $SK$ is used to encrypt messages to ensure secure communications.

#### 3.4. Charging Phase

**Step****1:**- EV calculates commitment $C={H}_{5}(I{D}_{EV},{R}_{CP},{\xi}_{CP}P)$ including EV’s identity, random parameter, and signature.
**Step****2:**- CP verifies whether commitment $C={H}_{5}(I{D}_{EV},{R}_{CP}{\xi}_{CP}P)$ and current time stamps are valid. If valid, the CP starts charging for EV. Otherwise, this phase is aborted.

## 4. Problems of Huang et al.’s Scheme

#### 4.1. Deposit Problem

#### 4.2. Inefficient Mechanism for Generating Transaction

#### 4.3. Cost of Transaction Fee

#### 4.4. Security of Key

## 5. Proposed Charging System for EV Based on Blockchain

#### 5.1. Initialization Phase

**Step****1:**- OP selects a base point G on the elliptic curve ${E}_{p}$ with order n, where n is a large prime number.
**Step****2:**- EAG generates public key, private key, and random number ${b}_{1}$.
**Step****3:**- OP defines network configuration including channel members and policies, records it in a blockchain, and shares it with system participants.

#### 5.2. Registration Phase

**Step****1:**- EV${}_{i}$ selects their identity $I{D}_{i}$, password $P{W}_{i}$, generates random numbers ${a}_{1}$ and ${r}_{EV}$, calculates a public key ${r}_{EV}\xb7G$ and $HI{D}_{i}=h(I{D}_{i}\left|\right|{a}_{1})$, and then sends $HI{D}_{i}$ and ${a}_{1}$ to OP through a secure channel.
**Step****2:**- OP chooses a random number ${k}_{op}$ and calculates public key $P{K}_{op}={r}_{op}\xb7G$, ${A}_{i}=h(HI{D}_{i}\left|\right|{a}_{1})$, ${B}_{i}={A}_{i}\oplus {k}_{op}$, and ${C}_{i}=h(HI{D}_{i}\left|\right|{a}_{1}\left|\right|{k}_{op})$. Finally, OP sends $\{{B}_{i}$, ${C}_{i}\}$ to EV${}_{i}$, modifies network configurations, and stores details in the blockchain.
**Step****3:**- EV${}_{i}$ computes ${D}_{i}=h(I{D}_{i}\left|\right|P{W}_{i})\oplus {a}_{i}$, ${E}_{i}=h({a}_{1}\left|\right|I{D}_{i}\left|\right|P{W}_{i})\oplus {r}_{EV}$; and stores $\{{B}_{i}$, ${C}_{i}$, ${D}_{i}$, and ${E}_{i}\}$ in memory.

#### 5.3. Authentication Phase

**Step****1:**- EV${}_{i}$ inputs identity $I{D}_{i}$ and password $P{W}_{i}$; and calculates ${a}_{1}={D}_{i}\oplus h(I{D}_{i}\left|\right|P{W}_{i})$, ${r}_{EV}=h({a}_{1}\left|\right|I{D}_{i}\left|\right|P{W}_{i})\oplus {E}_{i}$, ${A}_{i}=h(HI{D}_{i}\left|\right|{a}_{i})$, ${k}_{op}={B}_{i}\oplus {A}_{i}$, and ${C}_{i}^{*}=h(HI{D}_{i}\left|\right|{a}_{1}\left|\right|{k}_{op})$. Then, EV${}_{i}$ checks whether ${C}_{i}^{*}\stackrel{?}{=}{C}_{i}$. If valid, EV${}_{i}$ computes ${M}_{1}=\{{r}_{EV}\xb7G,({a}_{1}\left|\right|HI{D}_{i}\left|\right|{T}_{i})+{r}_{EV}\xb7P{K}_{EAG}\}$, and ${M}_{2}=h({a}_{1}\left|\right|HI{D}_{i}\left|\right|{T}_{1})$; and sends $\{{M}_{1}$, ${M}_{2}$, ${T}_{1}\}$ to EAG.
**Step****2:**- After receiving $\{{M}_{1}$, ${M}_{2}$, ${T}_{1}\}$ from EV${}_{i}$, EAG calculates $({a}_{1}\left|\right|HI{D}_{i}\left|\right|{T}_{1})=({a}_{1}\left|\right|HI{D}_{i}\left|\right|{T}_{1})+{r}_{EV}\xb7P{K}_{EAG}-{r}_{EAG}\xb7({r}_{EV}\xb7G)$ using the private key ${r}_{EAG}$. Then EAG computes ${M}_{2}^{*}=h({a}_{1}\left|\right|HI{D}_{i}\left|\right|{T}_{1})$ and verifies ${M}_{2}^{*}\stackrel{?}{=}{M}_{2}$. If valid, EAG authenticates EV${}_{i}$ and calculates ${M}_{3}={b}_{1}\oplus {a}_{1}$, ${M}_{4}=h(I{D}_{EAG}\left|\right|{a}_{1}\left|\right|{b}_{1}\left|\right|{T}_{2})$, and session key $SK=h\left(HI{D}_{i}\right|\left|I{D}_{EAG}\right|\left|{a}_{1}\right|\left|{b}_{1}\right)$. Finally, EAG sends $\{{M}_{3}$, ${M}_{4}$, ${T}_{2}\}$ to EV${}_{i}$.
**Step****3:**- When EV${}_{i}$ receives $\{{M}_{3}$, ${M}_{4}$, ${T}_{2}\}$ from EAG, it computes ${b}_{1}={M}_{3}\oplus {a}_{1}$ and ${M}_{4}^{*}=h(I{E}_{EAG}\left|\right|{a}_{1}\left|\right|{b}_{1}\left|\right|{T}_{2})$, and verifies ${M}_{4}^{*}\stackrel{?}{=}{M}_{4}$. If valid, mutual authentication between EV${}_{i}$ and EAG has been accomplished. EV${}_{i}$ calculates a shared session key, $SK=h\left(HI{D}_{i}\right|\left|I{D}_{EAG}\right|\left|{a}_{1}\right|\left|{b}_{1}\right)$.

#### 5.4. Charging Phase

**Step****1:**- EV${}_{i}$ generates a transaction ${T}_{x}$ including $HI{D}_{i}$; $I{D}_{EAG}$; charging records, prices, charging time $C{T}_{i}$, signature of EV${}_{i}$ and information of payment, and EV${}_{i}$ computes ${D}_{i}=h(HI{D}_{i}\left|\right|I{D}_{EAG}\left|\right|S{K}_{i})$. After that, EV${}_{i}$ sends $\{{T}_{x},{D}_{i}\}$ to the EAG.
**Step****2:**- After receiving the message from EV${}_{i}$, EAG checks whether ${D}_{i}^{*}\stackrel{?}{=}{D}_{i}$. If it is correct, EAG checks whether the transaction information ${T}_{x}$ is correct. Then, EAG adds the own signature to the transaction. Finally, the charging is started and EAG records the transaction ${T}_{x}$ on the blockchain.

## 6. Security Analysis

#### 6.1. Informal Security Analysis

#### 6.1.1. Impersonation Attack

#### 6.1.2. Session Key Disclosure Attack

#### 6.1.3. Perfect Forward Secrecy

#### 6.1.4. Replay Attack

#### 6.1.5. Mutual Authentication

#### 6.1.6. Anonymity

#### 6.2. Security Analysis Using BAN Logic

#### BAN Logic Rules

**1.**- Message meaning rule:$$\frac{A\phantom{\rule{4pt}{0ex}}|\equiv A\stackrel{K}{\leftrightarrow}B,\phantom{\rule{7.5pt}{0ex}}A\u22b2{\left\{X\right\}}_{K}}{A\phantom{\rule{4pt}{0ex}}\left|\equiv B\phantom{\rule{4pt}{0ex}}\right|\sim X}$$
**2.**- Nonce verification rule:$$\frac{A\phantom{\rule{4pt}{0ex}}\left|\equiv \#\left(X\right),\phantom{\rule{7.5pt}{0ex}}A\phantom{\rule{4pt}{0ex}}\right|\equiv B\phantom{\rule{4pt}{0ex}}|\sim X}{A\phantom{\rule{4pt}{0ex}}\left|\equiv B\phantom{\rule{4pt}{0ex}}\right|\equiv X}$$
**3.**- Jurisdiction rule:$$\frac{A\phantom{\rule{4pt}{0ex}}\left|\equiv B\phantom{\rule{4pt}{0ex}}\right|\u27f9X,\phantom{\rule{7.5pt}{0ex}}A\phantom{\rule{4pt}{0ex}}\left|\equiv B\phantom{\rule{4pt}{0ex}}\right|\equiv X}{A\phantom{\rule{4pt}{0ex}}|\equiv X}$$
**4.**- Freshness rule:$$\frac{A\phantom{\rule{4pt}{0ex}}|\equiv \#(X)}{A\phantom{\rule{4pt}{0ex}}|\equiv \#\left(X,Y\right)}$$
**5.**- Belief rule:$$\frac{A\phantom{\rule{4pt}{0ex}}|\equiv \left(X,Y\right)}{A\phantom{\rule{4pt}{0ex}}|\equiv X.}$$

#### 6.3. Goals

**Goal****1:**- $EV\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)$
**Goal****2:**- $EV\mid \equiv EAG\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)$
**Goal****3:**- $EAG\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)$
**Goal****4:**- $EAG\mid \equiv EV\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)$

#### 6.3.1. Idealized Forms

- $Ms{g}_{1}$:
- $EV\to EAG$: $({a}_{1},HI{D}_{i},{T}_{1})\stackrel{P{K}_{EAG}}{{}_{\u27f6EAG}}$
- $Ms{g}_{2}$:
- $EAG\to EV$: ${({b}_{1},I{D}_{EAG},{T}_{2})}_{{a}_{1}}$

#### 6.3.2. Assumptions

- ${A}_{1}$:
- $EAG\mid \equiv \#\left({T}_{1}\right)$
- ${A}_{2}$:
- $EV\mid \equiv \#\left({T}_{2}\right)$
- ${A}_{3}$:
- $EV\mid \equiv (EAG\stackrel{{a}_{1}}{\u27f7}EV)$
- ${A}_{4}$:
- $EAG\mid \equiv \#\left(P{K}_{EAG}\right)$
- ${A}_{5}$:
- $EAG\mid \equiv \#\left({a}_{1}\right)$
- ${A}_{6}$:
- $EV\mid \equiv \#\left({b}_{1}\right)$
- ${A}_{7}$:
- $EV\mid \equiv EAG\Rightarrow (EV\stackrel{SK}{\u27f7}EAG)$
- ${A}_{8}$:
- $EAG\mid \equiv EV\Rightarrow (EV\stackrel{SK}{\u27f7}EAG)$

#### 6.3.3. Proof using BAN Logic

**Step****1:**- From $Ms{g}_{1}$,$${S}_{1}:EAG\u22b2({a}_{1},HI{D}_{i},{T}_{1})\stackrel{P{K}_{EAG}}{{}_{\u27f6EAG}}$$
**Step****2:**- From the message meaning rule with ${S}_{1}$ and ${A}_{4}$,$${S}_{2}:EAG\mid \equiv EV\sim ({a}_{1},HI{D}_{i},{T}_{1})$$
**Step****3:**- Using the freshness rule with ${A}_{1}$,$${S}_{3}:EAG\mid \equiv \#({a}_{1},HI{D}_{i},{T}_{1})$$
**Step****4:**- From the nonce verification rule with ${S}_{2}$ and ${S}_{3}$,$${S}_{4}:EAG\mid \equiv EV\mid \equiv ({a}_{1},HI{D}_{i},{T}_{1})$$
**Step****5:**- Since the session key $SK=h(HI{D}_{i}|\left|I{D}_{EAG}\right|\left|{a}_{1}\right||{b}_{1})$, from ${S}_{4}$ and ${A}_{5}$,$${S}_{5}:EAG\mid \equiv EV\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)\phantom{\rule{1.em}{0ex}}\phantom{\rule{1.em}{0ex}}\left(\mathbf{Goal}\mathbf{4}\right)$$
**Step****6:**- From the jurisdiction rule with ${S}_{6}$ and ${A}_{8}$,$${S}_{6}:EAG\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)\phantom{\rule{1.em}{0ex}}\phantom{\rule{1.em}{0ex}}\left(\mathbf{Goal}\mathbf{3}\right)$$
**Step****7:**- From the $Ms{g}_{2}$,$${S}_{7}:EV\u22b2{({b}_{1},I{D}_{EAG},{T}_{2})}_{{a}_{1}}$$
**Step****8:**- Using the message meaning rule with ${S}_{8}$ and ${A}_{3}$,$${S}_{8}:EV\mid \equiv EAG\sim {({b}_{1},I{D}_{EAG},{T}_{2})}_{{a}_{1}}$$
**Step****9:**- From the freshness rule with ${A}_{2}$,$${S}_{9}:EV\mid \equiv \#{({b}_{1},I{D}_{EAG},{T}_{2})}_{{a}_{1}}$$
**Step****10:**- From the nonce verification rule with ${S}_{9}$ and ${S}_{10}$,$${S}_{10}:EV\mid \equiv EAG\mid \equiv {({b}_{1},I{D}_{EAG},{T}_{2})}_{{a}_{1}}$$
**Step****11:**- Since the session key $SK=h(HI{D}_{i}|\left|I{D}_{EAG}\right|\left|{a}_{1}\right||{b}_{1})$, from ${S}_{11}$ and ${A}_{6}$,$${S}_{11}:EV\mid \equiv EAG\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)\phantom{\rule{1.em}{0ex}}\phantom{\rule{1.em}{0ex}}\left(\mathbf{Goal}\mathbf{2}\right)$$
**Step****12:**- From the jurisdiction rule with ${S}_{13}$ and ${A}_{7}$,$${S}_{12}:EV\mid \equiv (EV\stackrel{SK}{\u27f7}EAG)\phantom{\rule{1.em}{0ex}}\phantom{\rule{1.em}{0ex}}\left(\mathbf{Goal}\mathbf{1}\right)$$

#### 6.4. Formal Security AVISPA Tool for Formal Security Verification

#### 6.4.1. HLPSL Specification of AVISPA Simulation

#### 6.4.2. AVISPA Verification Results

## 7. Performance Analysis

#### 7.1. Computation Cost

- Bilinear pairing, ${T}_{bp}=4.211$ ms.
- Scalar multiplication with bilinear pairing,${T}_{sm-bp}=1.709$ ms.
- Point addition with bilinear pairing, ${T}_{pa-bp}=0.007$ ms.
- Scalar multiplication with elliptic curve cryptography, ${T}_{sm-ecc}=0.442$ ms.
- Point addition with elliptic curve cryptography, ${T}_{pa-ecc}=0.0018$ ms.
- Encryption with elliptic curve cryptography, ${T}_{enc-ecc}=1.17$ ms.
- Decryption with elliptic curve cryptography, ${T}_{dec-ecc}=0.61$ ms.
- Hash, ${T}_{h}=0.0001$ ms.
- Map-to-point,${T}_{mtp}=4.302$ ms.

#### 7.2. Communication Cost

## 8. Conclusions

## Author Contributions

## Funding

## Conflicts of Interest

## References

- Cheung, V. South Korea Releases Electric Public Transportation System. Available online: http://globalenergyinitiative.org/south-koreareleases-electric-public-transportation-system.html (accessed on 11 May 2019).
- Lo, N.-W.; Tasi, J.-L. An efficient conditional privacy-preserving authentication scheme for vehicular sensor networks without pairings. IEEE Trans. Intell. Transport. Syst.
**2016**, 17, 1319–1328. [Google Scholar] [CrossRef] - Kumari, S.; Karuppiah, M.; Li, X.; Wu, F.; Das, A.K. An enhanced and secure trust-extended authentication mechanism for vehicular ad-hoc networks. Secur. Commun. Netw.
**2016**, 9, 4255–4271. [Google Scholar] [CrossRef] - Chin, W.-L.; Li, W.; Chen, H.-H. Energy big data security threats in IoT-based smart grid communications. IEEE Commun. Mag.
**2017**, 55, 70–75. [Google Scholar] [CrossRef] - Liu, Y.; Wang, Y.; Chang, G. Efficient privacy-preserving dual authentication and key agreement scheme for secure V2V communications in an IoV paradigm. IEEE Trans. Intell. Transport. Syst.
**2017**, 18, 2740–2749. [Google Scholar] [CrossRef] - Mohit, P.; Amin, R.; Biswas, G.P. Design of authentication protocol for wireless sensor network-based smart vehicular system. Veh. Commun.
**2017**, 9, 64–71. [Google Scholar] [CrossRef] - Guo, L.; Dong, M.; Ota, K.; Li, Q.; Ye, T.; Wu, J.; Li, J. A secure mechanism for big data collection in large scale internet of vehicle. IEEE Internet Things J.
**2017**, 4, 601–610. [Google Scholar] [CrossRef] - Zhou, Y.; Zhao, X.; Jiang, Y.; Shang, F.; Deng, S.; Wang, X. An enhanced privacy-preserving authentication scheme for vehicle sensor networks. Sensors
**2017**, 17, 2854. [Google Scholar] [CrossRef] - Shen, J.; Zhou, T.; Wei, F.; Sun, X.; Xiang, Y. Privacy-preserving and lightweight key agreement protocol for V2G in the social internet-of-things. IEEE Internet Things J.
**2018**, 5, 2526–2536. [Google Scholar] [CrossRef] - Wu, L.; Sun, Q.; Wang, X.; Wang, J.; Yu, S.; Zou, Y.; Liu, B.; Zhu, Z. An efficient privacy-preserving mutual authentication scheme for secure V2V communication in vehicular ad hoc network. IEEE Access
**2019**, 7, 55050–55063. [Google Scholar] [CrossRef] - Gan, L.; Topcu, U.; Low, S.H. Optimal decentralized protocol for electric vehicle charging. IEEE Trans. Power Syst.
**2013**, 28, 940–951. [Google Scholar] [CrossRef] - Xu, Y.; Pan, F.; Tong, L. Dynamic Scheduling for Charging Electric Vehicles: A Priority Rule. IEEE. Trans. Autom. Control
**2016**, 61, 4094–4099. [Google Scholar] [CrossRef] - Lu, J.L.; Yeh, M.Y.; Hsu, Y.C.; Yang, S.N.; Gan, C.H.; Chen, M.S. Operating electric taxi fleets: A new dispatching strategy with charging plans. In Proceedings of the 2012 IEEE International Electric Vehicle Conference, Greenville, SC, USA, 4–8 March 2012; pp. 1–8. [Google Scholar]
- Kim, H.J.; Lee, J.; Park, G.L.; Kang, M.J.; Kang, M. An efficient scheduling scheme on charging stations for smart transportation. In Proceedings of the International Conference on Security-Enriched Urban Computing and Smart Grid, Daejeon, Korea, 15–17 September 2010; pp. 274–278. [Google Scholar]
- Tian, Z.; Jung, T.; Wang, Y.; Zhang, F.; Tu, L.; Xu, C.; Tian, C.; Li, X. Real-time charging station recommendation system for electric-vehicle taxis. IEEE Trans. Intell. Transp. Syst.
**2016**, 17, 3098–3109. [Google Scholar] [CrossRef] - Tang, W.; Zhang, Y.J.A. A model predictive control approach for lowcomplexity electric vehicle charging scheduling: Optimality and scalability. IEEE Trans. Power Syst.
**2016**, 32, 1050–1063. [Google Scholar] [CrossRef] - Nakamoto, S. Bitcoin: A Peer-to-Peer Electronic Cash System. Available online: https://bitcoin.org/bitcoin.pdf (accessed on 27 May 2019).
- Pub, N.F. Secure Hash Standard. Available online: https://csrc.nist.gov/csrc/media/publications/fips/180/\2/archive/2002-08-01/documents/fips180-2withchangenotice.pdf (accessed on 27 May 2019).
- Available online: https://www.hyperledger.org/resources/publications#white-papers (accessed on 27 May 2019).
- Huang, X.; Xu, C.; Wang, P.; Liu, H. LNSC: A Security Model for Electric Vehicle and Charging Pile Management Based on Blockchain Ecosystem. IEEE Access
**2018**, 6, 13565–313574. [Google Scholar] [CrossRef] - Poon, J.; Dryja, T. The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments. Available online: http://www.theblockchain.com/docs/Lightning%20Network (accessed on 27 May 2019).
- Surhone, L.M.; Timpledon, M.T.; Marseken, S.F. Smart Contract; Betascript Publishing: Saarbrücken, Germany, 2010; pp. 1–72. ISBN 978-613-0-48941-0. [Google Scholar]
- Roman, R.; Alcaraz, C.; Lopez, J.; Sklavos, N. Key management systems for sensor networks in the context of the Internet of Things. Comput. Electr. Eng.
**2011**, 37, 147–159. [Google Scholar] [CrossRef] - Turkanovic, M.; Brumen, B.; Hölbl, M. A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw.
**2014**, 20, 96–112. [Google Scholar] [CrossRef] - Amin, R.; Biswas, G. A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw.
**2016**, 36, 58–80. [Google Scholar] [CrossRef] - Lu, Y.; Li, L.; Peng, H.; Yang, Y. An energy efficient mutual authentication and key agreement scheme preserving anonymity for wireless sensor networks. Sensors
**2016**, 16, 837. [Google Scholar] [CrossRef] - Magazzeni, D.; McBurney, P.; Nash, W. Validation and verification of smart contracts: A research agenda. Computer
**2017**, 50, 50–57. [Google Scholar] [CrossRef] - Dubois, A.; Wehenkel, A.; Fonteneau, R.; Olivier, F.; Ernst, D. An app-based algorithmic approach for harvesting local and renewable energy using electric vehicles. In Proceedings of the 9th International Conference on Agents and Artificial Intelligence, Porto, Protugal, 24–26 February 2017; pp. 322–327. [Google Scholar]
- Knirsch, F.; Unterweger, A.; Engel, D. Privacy-preserving blockchain based electric vehicle charging with dynamic tariff decisions. Comput. Sci. Res. Dev.
**2017**, 33, 71–79. [Google Scholar] [CrossRef] - Li, Z.; Kang, J.; Yu, R.; Ye, D.; Deng, Q.; Zhang, Y. Consortium Blockchain for Secure Energy Trading in Industrial Internet of Things. IEEE Trans. Ind. Inf.
**2017**, 14, 3690–3700. [Google Scholar] [CrossRef] - Wazid, M.; Das, A.K.; Kumar, N.; Odelu, V.; Reddy, A.G.; Park, K.; Park, Y. Design of lightweight authentication and key agreement protocol for vehicular ad hoc networks. IEEE Access
**2017**, 5, 14966–14980. [Google Scholar] [CrossRef] - Messerges, T.S.; Dabbish, E.A.; Sloan, R.H. Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput.
**2002**, 51, 541–552. [Google Scholar] [CrossRef] - Kocher, P.; Jaffe, J.; Jun, B. Differential power analysis. In Proceedings of the Annual International Cryptology Conference (CRYPTO), Santa Barbara, CA, USA, 15–19 August 1999; pp. 388–397. [Google Scholar]
- Burrows, M.; Abadi, M.; Needham, R. A logic of authentication. ACM Trans. Comput. Syst.
**1990**, 8, 18–36. [Google Scholar] - AVISPA. Automated Validation of Internet Security Protocols and Applications. Available online: http://www.avispaproject.org/ (accessed on 10 May 2019).
- Park, K.; Park, Y.; Park, Y.; Reddy, A.G.; Das, A.K. Provably secure and efficient authentication protocol for roaming service in global mobility networks. IEEE Access
**2017**, 5, 25110–25125. [Google Scholar] [CrossRef] - Park, K.; Park, Y.; Park, Y.; Das, A.K. 2PAKEP: Provably secure and efficient two-party authenticated Key exchange protocol for mobile environment. IEEE Access
**2018**, 6, 30225–30241. [Google Scholar] [CrossRef] - Yu, S.; Lee, J.; Lee, K.; Park, K.; Park, Y. Secure authentication protocol for wireless sensor networks in vehicular communications. Sensors
**2018**, 18, 3191. [Google Scholar] [CrossRef] - Odelu, V.; Das, A.K.; Choo, K.R.; Kumar, N.; Park, Y. Efficient and secure time-key based single sign-on authentication for mobile devices. IEEE Access
**2017**, 5, 27707–27721. [Google Scholar] [CrossRef] - Von Oheimb, D. The high-level protocol specification language HLPSL developed in the EU project avispa. In Proceedings of the APPSEM 2005 Workshop, Tallinn, Finland, 13–15 September 2005; pp. 1–2. [Google Scholar]
- Turuani, M. The CL-Atse protocol analyser. In Proceedings of the 17th International Conference on Rewriting Techniques and Applications (RTA), Seattle, WA, USA, 12–14 August 2006; pp. 277–286. [Google Scholar]
- Basin, D.; Modersheim, S.; Vigano, L. OFMC: A symbolic model checker for security protocols. Int. J. Inf. Secur.
**2005**, 4, 181–208. [Google Scholar] [CrossRef] - SPAN: A Security Protocol Animator for AVISPA. Available online: http://www.avispa-project.org/ (accessed on 4 May 2019).
- Lai, C.; Lu, R.; Li, H.; Zheng, D.; Shen, X.S. Secure machine-type communications in LTE networks. Wirel. Commun. Mob. Comput.
**2016**, 16, 1495–1509. [Google Scholar] [CrossRef] - Qiu, Y.; Ma, M.; Wang, X. A proxy signature-based handover authentication scheme for LTE wireless networks. J. Netw. Comput. Appl.
**2017**, 83, 63–71. [Google Scholar] [CrossRef] - Islam, S.K.H.; Obaidat, M.S.; Vijayakumar, P.; Abdulhay, E.; Li, F.; Reddy, M.K.C. A robust and efficient password-based conditional privacy preserving authentication and group-key agreement protocol for VANETs. Future Gener. Comput. Syst.
**2018**, 84, 216–227. [Google Scholar] [CrossRef] - Nkenyereye, L.; Kwon, J.; Choi, Y. Secure and lightweight cloud-assisted video reporting protocol over 5G-enabled vehicular networks. Sensors
**2017**, 17, 2191. [Google Scholar] [CrossRef] [PubMed] - Lee, H.; Lee, D.; Moon, J.; Jung, J.; Kang, D.; Kim, H.; Won, D. An improved anonymous authentication scheme for roaming in ubiquitous networks. PLoS ONE
**2018**, 13, e0193366. [Google Scholar] [CrossRef] - Yu, Y.; Li, Y.; Du, X.; Chen, R.; Yang, B. Content protection in named data networking: Challenges and potential solutions. IEEE Commun. Mag.
**2018**, 56, 82–87. [Google Scholar] [CrossRef] - Ying, B.; Nayak, A. Lightweight remote user authentication protocol for multi-server 5G networks using self-certified public key cryptography. J. Netw. Comput. Appl.
**2019**, 131, 66–74. [Google Scholar] [CrossRef]

Notations | Meanings |
---|---|

EV | Electric vehicle |

EAG | Energy aggregator |

OP | Operator |

${E}_{p}$ | Elliptic curve over a finite field, where p is a large prime number |

G | Base point in ${E}_{p}$ |

$I{D}_{i}$/$P{W}_{i}$ | Identity/password for entity i |

${r}_{i}$ | Private key for entity i |

$P{K}_{i}$ | Public key for entity i |

a, b | Random number |

${k}_{op}$ | Random number from OP |

$h(\xb7)$ | Hash function |

‖ | Concatenation operation |

⊕ | XOR operation |

$SK$ | Session key |

Notation | Description |
---|---|

$A|\equiv X$ | Abelieves statement X |

#X | Statement X is fresh |

$A\u22b2X$ | Asees statement X |

$A|\sim X$ | A once said X |

$A\Rightarrow X$ | Acontrols statement X |

$<X{>}_{Y}$ | Formula X is combined with formula Y |

${\left\{X\right\}}_{K}$ | X is encrypted under key K |

$A\stackrel{K}{\leftrightarrow}B$ | A and B may use shared key K to communicate |

$\stackrel{K}{{}_{\u27f6B}}$ | B has K as a public key |

$SK$ | Session key used in the current session |

Lai et al. [44] | Qiu et al. [45] | Huang et al. [20] | Proposed | |
---|---|---|---|---|

EV | $7{T}_{sm-bp}+{T}_{pa-bp}+{T}_{mtp}$ | $2{T}_{sm-ecc}+3{T}_{pa-ecc}+8{T}_{h}$ | ${T}_{sm-ecc}+2{T}_{pa-ecc}+4{T}_{h}$ | ${T}_{enc-ecc}+9{T}_{h}$ |

$\approx 16.272$ ms | $\approx 0.8902$ ms | $\approx 0.4460$ ms | $\approx 1.1709$ ms | |

EAG | $2{T}_{bp}+5{T}_{sm-bp}+{T}_{pa-bp}+{T}_{mtp}$ | $2{T}_{sm-ecc}+4{T}_{pa-ecc}+5{T}_{h}$ | $2{T}_{sm-ecc}+2{T}_{pa-ecc}+7{T}_{h}$ | ${T}_{dec-ecc}+4{T}_{h}$ |

$\approx 21.276$ ms | $\approx 0.8917$ ms | $\approx 0.8883$ ms | $\approx 0.6104$ ms |

© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Kim, M.; Park, K.; Yu, S.; Lee, J.; Park, Y.; Lee, S.-W.; Chung, B.
A Secure Charging System for Electric Vehicles Based on Blockchain. *Sensors* **2019**, *19*, 3028.
https://doi.org/10.3390/s19133028

**AMA Style**

Kim M, Park K, Yu S, Lee J, Park Y, Lee S-W, Chung B.
A Secure Charging System for Electric Vehicles Based on Blockchain. *Sensors*. 2019; 19(13):3028.
https://doi.org/10.3390/s19133028

**Chicago/Turabian Style**

Kim, MyeongHyun, KiSung Park, SungJin Yu, JoonYoung Lee, YoungHo Park, Sang-Woo Lee, and BoHeung Chung.
2019. "A Secure Charging System for Electric Vehicles Based on Blockchain" *Sensors* 19, no. 13: 3028.
https://doi.org/10.3390/s19133028