# Smart Grid Security: A PUF-Based Authentication and Key Agreement Protocol

^{1}

^{2}

^{3}

^{4}

^{*}

^{†}

## Abstract

**:**

## 1. Introduction

#### 1.1. Our Contributions

- 1.
- We contribute to the literature on smart meter security by proposing a new protocol based on PUFs and ECC for smart grids named PPSG.
- 2.
- We provide an in-depth security analysis (with a real-or-random model) for the proposed protocol and also the communication and communication overheads analysis (with an Arduino UNO R3 board) to show that it is among the lightest protocols, compared to the recent related proposals.

#### 1.2. Paper Organization

## 2. Related Work

## 3. System Model

## 4. Proposed Protocol (PPSG)

- 1.
- The $S{M}_{i}$ obtains ${I}_{NAN}$ and ${Q}_{NAN}$ from SMI, generates a random number ${r}_{SM}\in {Z}_{q}^{*}$ and the timestamp ${T}_{SM}$, computes $R{1}_{SM}={r}_{SM}.{Q}_{SM}$, $R{2}_{SM}={r}_{SM}.(PUF\left({I}_{SM}\right)\oplus s{d}_{SM}).{Q}_{NAN}$, and $Auth{1}_{SM}=H(R{2}_{SM},{I}_{SM},{T}_{SM})$ and sends the message ${M}_{1}=<({I}_{SM},Auth{1}_{SM})\oplus R{2}_{SM},R{1}_{SM},{T}_{SM}>$ to the $NAN$.
- 2.
- Once the $NA{N}_{j}$ received ${M}_{1}$, it validates ${T}_{SM}$, calculates $R{2}_{SM}^{*}={d}_{NAN}.R{1}_{SM}$, and extracts ${I}_{SM}^{*}$ and $Auth{1}_{SM}^{*}$. Next, it verifies whether $Auth{1}_{SM}^{*}\stackrel{?}{=}H(R{2}_{SM}^{*},{I}_{SM}^{*},{T}_{SM})$ to accept the login request. Assuming the request has been accepted, using ${I}_{SM}^{*}$, $NA{N}_{j}$ obtains ${Q}_{SM}^{*}$ from SMI, generates a random number ${r}_{NAN}\in {Z}_{q}^{*}$ and its timestamp ${T}_{NAN}$ and computes $R{1}_{NAN}={r}_{NAN}.{Q}_{NAN}$, $R{2}_{NAN}={r}_{NAN}.R{2}_{SM}^{*}$ and $Aut{h}_{NAN}=H(R{2}_{NAN},{I}_{NAN}\oplus {I}_{SM},{T}_{SM}\oplus {T}_{NAN})$, and sends the message ${M}_{2}=<Aut{h}_{NAN},R{1}_{NAN},{T}_{NAN}>$ to the $S{M}_{i}$.
- 3.
- Once the $S{M}_{i}$ receives ${M}_{2}$, it validates ${T}_{NAN}$, calculates $R{2}_{NAN}^{*}=(PUF\left({I}_{SM}\right)\oplus s{d}_{SM}).{r}_{sm}.R{1}_{NAN}$, and verifies whether $Aut{h}_{NAN}\stackrel{?}{=}H(R{2}_{NAN}^{*},{I}_{NAN}\oplus {I}_{SM},{T}_{SM}\oplus {T}_{NAN})$ to authenticate the $NA{N}_{j}$. Next, it extracts its current timestamp ${T}_{SM}^{\prime}$ and computes the shared key $SK=H({I}_{NAN}\Vert {I}_{SM}\Vert R{2}_{NAN}^{*}\Vert {T}_{SM}^{\prime}\Vert {T}_{NAN})$ and $Auth{2}_{SM}=H(SK\Vert {T}_{SM}^{\prime})$ and sends ${M}_{3}=<Auth{2}_{SM},{T}_{SM}^{\prime}>$ to the $NA{N}_{j}$.
- 4.
- Once the $NA{N}_{j}$ receives ${M}_{3}$, it verifies ${T}_{SM}^{\prime}$, calculates $S{K}^{*}=H({I}_{NAN}\Vert {I}_{SM}^{*}\Vert R{2}_{NAN}\Vert {T}_{SM}^{\prime}\Vert {T}_{NAN})$, and verifies whether $Auth{2}_{SM}\stackrel{?}{=}H(S{K}^{*}\Vert {T}_{SM}^{\prime})$ to authenticate the $S{M}_{i}$.
- 5.
- Once the legitimacy of both $S{M}_{i}$ and $NA{N}_{j}$ has been verified and they have been successfully authenticated, the mutual authentication and key agreement process concludes, and the shared key will be $SK=H({I}_{NAN}\Vert {I}_{SM}\Vert {r}_{NAN}.{r}_{SM}.{d}_{SM}.{d}_{NAN}.P\Vert {T}_{SM}^{\prime}\Vert {T}_{NAN})$.

## 5. Security Analysis of PPSG

#### 5.1. Heuristic Security Evaluation

#### 5.2. Formal Security Evaluation—RoR

- $\mathrm{Execute}$: it models a passive adversary $\mathcal{A}$, which eavesdrops transferred messages over public channel;
- $\mathrm{Send}$: it models an active adversary on the public channel;
- $\mathrm{Reveal}$ (${N}_{i}$): its output is the session key that is held by the instance ${N}_{i}$;
- $\mathrm{Test}$ (${N}_{i}$): it returns the session key for instance ${N}_{i}$ if $b=1$ or a random value of the same size if $b=0$.

**Theorem**

**1.**

**Proof.**

#### 5.3. Formal Security Validation—Scyther

- Alive: Scyther claims to be able to detect liveness violations, which occur when a protocol becomes stuck or deadlocked;
- Secret: Scyther claims to be able to detect confidentiality violations, which occur when an attacker gains unauthorized access to sensitive information;
- Weakagree: Scyther claims to be able to detect weaknesses in agreement protocols, which are used to establish shared secrets between parties;
- Niagree: Scyther claims to be able to detect non-injective agreement protocols, which can allow an attacker to impersonate one of the parties involved;
- Nisynch: Scyther claims to be able to detect non-injective synchronization protocols, which can allow an attacker to manipulate the order of messages between parties.

## 6. Cost Analysis

## 7. Conclusions and Future Work

## Author Contributions

## Funding

## Data Availability Statement

## Acknowledgments

## Conflicts of Interest

## References

- Agency, I.E. Electricity Grids and Secure Energy Transitions Report. 2023. Available online: https://www.iea.org/reports/electricity-grids-and-secure-energy-transitions (accessed on 25 December 2023).
- What Are Smart Grids? Available online: https://www.iea.org/energy-system/electricity/smart-grids (accessed on 31 October 2023).
- Hossein Motlagh, N.; Mohammadrezaei, M.; Hunt, J.; Zakeri, B. Internet of Things (IoT) and the Energy Sector. Energies
**2020**, 13, 494. [Google Scholar] [CrossRef] - Insights, G.M. Mart Meters Market—By Application (Residential, Commercial, Utility), By Technology (AMI, AMR), by Product (Smart Gas Meter). 2022. Available online: https://www.gminsights.com/industry-analysis/smart-metering-systems-market (accessed on 25 December 2023).
- Analytics, I. Smart Meter Market Report 2019–2024. 2019. Available online: https://iot-analytics.com/product/smart-meter-market-report-2019-2024 (accessed on 25 December 2023).
- Thomson, J.; Motyka, M.; Hardin, K.; Nagdeo, J. Electric Power Supply Chains: Achieving Security, Sustainability, and Resilience. 2022. Available online: https://www2.deloitte.com/us/en/insights/industry/power-and-utilities/supply-chain-resilience-electric-power-sector.html (accessed on 31 October 2023).
- Columbus, L. Benchmarking Your Cybersecurity Budget in 2023. 2023. Available online: https://venturebeat.com/security/benchmarking-your-cybersecurity-budget-in-2023/ (accessed on 31 October 2023).
- Ghiasi, M.; Niknam, T.; Wang, Z.; Mehrandezh, M.; Dehghani, M.; Ghadimi, N. A comprehensive review of cyber-attacks and defense mechanisms for improving security in smart grid energy systems: Past, present and future. Electr. Power Syst. Res.
**2023**, 215, 108975. [Google Scholar] [CrossRef] - Hasan, M.K.; Habib, A.A.; Shukur, Z.; Ibrahim, F.; Islam, S.; Razzaque, M.A. Review on cyber-physical and cyber-security system in smart grid: Standards, protocols, constraints, and recommendations. J. Netw. Comput. Appl.
**2023**, 209, 103540. [Google Scholar] [CrossRef] - Mazhar, T.; Irfan, H.M.; Khan, S.; Haq, I.; Ullah, I.; Iqbal, M.; Hamam, H. Analysis of Cyber Security Attacks and Its Solutions for the Smart Grid Using Machine Learning and Blockchain Methods. Future Internet
**2023**, 15, 83. [Google Scholar] [CrossRef] - Kumar, P.; Gurtov, A.; Sain, M.; Martin, A.; Ha, P.H. Lightweight authentication and key agreement for smart metering in smart energy networks. IEEE Trans. Smart Grid
**2018**, 10, 4349–4359. [Google Scholar] [CrossRef] - Baghestani, S.H.; Moazami, F.; Tahavori, M. Lightweight Authenticated Key Agreement for Smart Metering in Smart Grid. IEEE Syst. J.
**2022**, 16, 4983–4991. [Google Scholar] [CrossRef] - Kumar, N.; Aujla, G.S.; Das, A.K.; Conti, M. ECCAuth: A Secure Authentication Protocol for Demand Response Management in a Smart Grid System. IEEE Trans. Ind. Inform.
**2019**, 15, 6572–6582. [Google Scholar] [CrossRef] - Yu, S.; Park, K.; Lee, J.; Park, Y.; Park, Y.; Lee, S.; Chung, B. Privacy-preserving lightweight authentication protocol for demand response management in smart grid environment. Appl. Sci.
**2020**, 10, 1758. [Google Scholar] [CrossRef] - Wu, F.; Xu, L.; Li, X.; Kumari, S.; Karuppiah, M.; Obaidat, M.S. A lightweight and provably secure key agreement system for a smart grid with elliptic curve cryptography. IEEE Syst. J.
**2018**, 13, 2830–2838. [Google Scholar] [CrossRef] - Garg, S.; Kaur, K.; Kaddoum, G.; Rodrigues, J.J.P.C.; Guizani, M. Secure and Lightweight Authentication Scheme for Smart Metering Infrastructure in Smart Grid. IEEE Trans. Ind. Inform.
**2020**, 16, 3548–3557. [Google Scholar] [CrossRef] - He, D.; Wang, H.; Khan, M.K.; Wang, L. Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography. IET Commun.
**2016**, 10, 1795–1802. [Google Scholar] [CrossRef] - Abbasinezhad-Mood, D.; Nikooghadam, M. An Anonymous ECC-Based Self-Certified Key Distribution Scheme for the Smart Grid. IEEE Trans. Ind. Electron.
**2018**, 65, 7996–8004. [Google Scholar] [CrossRef] - Khan, A.A.; Kumar, V.; Ahmad, M.; Rana, S.; Mishra, D. PALK: Password-based anonymous lightweight key agreement framework for smart grid Author links open overlay panel. Int. J. Electr. Power Energy Syst.
**2020**, 121, 106121. [Google Scholar] [CrossRef] - Tanveer, M.; Kumar, N.; Naushad, A.; Chaudhry, S.A. A robust access control protocol for the smart grid systems. IEEE Internet Things J.
**2021**, 9, 6855–6865. [Google Scholar] [CrossRef] - Chaudhry, S.A.; Yahya, K.; Garg, S.; Kaddoum, G.; Hassan, M.M.; Zikria, Y.B. LAS-SG: An elliptic curve-based lightweight authentication scheme for smart grid environments. IEEE Trans. Ind. Inform.
**2022**, 19, 1504–1511. [Google Scholar] [CrossRef] - Rincón, A.E.R.; Melo, W.S.; de Farias, C.M.; Carmo, L.F.R.C. Securing Smart Meters Through Physical Properties of Their Components. IEEE Trans. Instrum. Meas.
**2021**, 70, 1–11. [Google Scholar] [CrossRef] - Gope, P.; Sikdar, B. Privacy-aware authenticated key agreement scheme for secure smart grid communication. IEEE Trans. Smart Grid
**2018**, 10, 3953–3962. [Google Scholar] [CrossRef] - Braeken, A.; Kumar, P.; Martin, A. Efficient and provably secure key agreement for modern smart metering communications. Energies
**2018**, 11, 2662. [Google Scholar] [CrossRef] - Rostampour, S.; Bagheri, N.; Ghavami, B.; Bendavid, Y.; Kumari, S.; Martin, H.; Camara, C. Using a Privacy-Enhanced Authentication Process to Secure IoT-based Smart Grid Infrastructures. Available online: https://www.researchsquare.com/article/rs-2802756/v1 (accessed on 25 December 2023).
- Mustapa, M.; Niamat, M.Y.; Nath, A.P.D.; Alam, M. Hardware-Oriented Authentication for Advanced Metering Infrastructure. IEEE Trans. Smart Grid
**2018**, 9, 1261–1270. [Google Scholar] [CrossRef] - Harishma, B.; Mathew, P.; Patranabis, S.; Chatterjee, U.; Agarwal, U.; Maheshwari, M.; Dey, S.; Mukhopadhyay, D. Safe is the New Smart: PUF-Based Authentication for Load Modification-Resistant Smart Meters. IEEE Trans. Dependable Secur. Comput.
**2022**, 19, 663–680. [Google Scholar] [CrossRef] - Liu, J.; Ke, L. New efficient identity based encryption without pairings. J. Ambient. Intell. Humaniz. Comput.
**2019**, 10, 1561–1570. [Google Scholar] [CrossRef] - Salimi, M. A New Efficient Identity-Based Encryption Without Pairing. Cryptol. Eprint Arch.
**2021**, 10, 1561–1570. [Google Scholar] - Lounis, K. PUF Security: Reviewing The Validity of Spoofing Attack Against Safe is the New Smart. Available online: https://eprint.iacr.org/2021/985 (accessed on 25 December 2023).
- Safkhani, M.; Rostampour, S.; Bendavid, Y.; Sadeghi, S.; Bagheri, N. Improving RFID/IoT-based generalized ultra-lightweight mutual authentication protocols. J. Inf. Secur. Appl.
**2022**, 67, 103194. [Google Scholar] [CrossRef] - Badshah, A.; Waqas, M.; Abbas, G.; Muhammad, F.; Abbas, Z.H.; Vimal, S.; Bilal, M. LAKE-BSG: Lightweight authenticated key exchange scheme for blockchain-enabled smart grids. Sustain. Energy Technol. Assess.
**2022**, 52, 102248. [Google Scholar] [CrossRef] - Canetti, R.; Krawczyk, H. Universally Composable Notions of Key Exchange and Secure Channels. In Lecture Notes in Computer Science, Proceedings of the Advances in Cryptology—EUROCRYPT 2002, International Conference on the Theory and Applications of Cryptographic Techniques, Amsterdam, The Netherlands, 28 April–2 May 2002; Knudsen, L.R., Ed.; Springer: Berlin/Heidelberg, Germany, 2002; Volume 2332, pp. 337–351. [Google Scholar] [CrossRef]
- Dolev, D.; Yao, A. On the security of public key protocols. IEEE Trans. Inf. Theory
**1983**, 29, 198–208. [Google Scholar] [CrossRef] - Jangirala, S.; Das, A.K.; Vasilakos, A.V. Designing secure lightweight blockchain-enabled RFID-based authentication protocol for supply chains in 5G mobile edge computing environment. IEEE Trans. Ind. Inform.
**2019**, 16, 7081–7093. [Google Scholar] [CrossRef] - Khalafalla, M.; Gebotys, C.H. PUFs Deep Attacks: Enhanced modeling attacks using deep learning techniques to break the security of double arbiter PUFs. In Proceedings of the Design, Automation & Test in Europe Conference & Exhibition, Florence, Italy, 25–29 March 2019; pp. 204–209. [Google Scholar]
- Zalivaka, S.S.; Ivaniuk, A.A.; Chang, C. Reliable and Modeling Attack Resistant Authentication of Arbiter PUF in FPGA Implementation With Trinary Quadruple Response. IEEE Trans. Inf. Forensics Secur.
**2019**, 14, 1109–1123. [Google Scholar] [CrossRef] - Cremers, C.J.F. The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols. In Proceedings of the Computer Aided Verification, Princeton, NJ, USA, 7–14 July 2008; Springer: Berlin/Heidelberg, Germany, 2008; pp. 414–418. [Google Scholar]
- Abdalla, M.; Fouque, P.; Pointcheval, D. Password-Based Authenticated Key Exchange in the Three-Party Setting. In Lecture Notes in Computer Science, Proceedings of the Public Key Cryptography—PKC 2005, 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, 23–26 January 2005; Vaudenay, S., Ed.; Springer: Berlin/Heidelberg, Germany, 2005; Volume 3386, pp. 65–84. [Google Scholar]
- Wang, R.; Selimis, G.; Maes, R.; Goossens, S. Long-term Continuous Assessment of SRAM PUF and Source of Random Numbers. In Proceedings of the 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE), Grenoble, France, 9–13 March 2020; pp. 7–12. [Google Scholar] [CrossRef]
- Tsai, J.; Lo, N. Secure Anonymous Key Distribution Scheme for Smart Grid. IEEE Trans. Smart Grid
**2016**, 7, 906–914. [Google Scholar] [CrossRef] - Leurent, G.; Peyrin, T. From Collisions to Chosen-Prefix Collisions Application to Full SHA-1. In Lecture Notes in Computer Science, Proceedings of the Advances in Cryptology—EUROCRYPT 2019—38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, 19–23 May 2019; Part III; Ishai, Y., Rijmen, V., Eds.; Springer: Berlin/Heidelberg, Germany, 2019; Volume 11478, pp. 527–555. [Google Scholar]
- Atmel. 8-Bit AVR Microcontroller with 32K Bytes In-System Programmable Flash. Microchip. Available online: http://ww1.microchip.com/downloads/en/DeviceDoc/Atmel-7810-Automotive-Microcontrollers-ATmega328P_Datasheet.pdf (accessed on 10 June 2020).
- Young, R.; McCue, J.; Grant, C. The Power Is On: How IoT Technology Is Driving Energy Innovation. 2016. Available online: https://www2.deloitte.com/us/en/insights/focus/internet-of-things/iot-in-electric-power-industry.html (accessed on 25 December 2023).

Symbol | Description |
---|---|

P | Generator point of a large group G |

q | A large prime number |

${N}_{i}$ | ith IoT node |

$CA$ | A trusted server |

$I{D}_{i}$ | The unique identifier of ${N}_{i}$ |

${d}_{SM}$ | The ECC based private key of the smart meter ($SM$) |

${d}_{NAN}$ | The ECC based private key of neighborhood area network gateway ($NAN$) |

${Q}_{SM/NAN}$ | The ECC based public key of $SM$/$NAN$ |

${r}_{SM/NAN}$ | A random number generated by $SM$/$NAN$ |

$Aut{h}_{SM/NAN}$ | Authentication token generated by $SM$/$NAN$ |

$H(.)$ | One-way hash function |

${T}_{SM/NAN}$ | Timestamp of $SM$/$NAN$ |

${I}_{SM/NAN}$ | Identifier of $SM$/$NAN$ |

$a.P$ | Multiplying a point P on the elliptic curve E by natural number (scalar) a, results another point on the curve |

‖ | Concatenation |

$\mathrm{\Delta}T$ | An acceptable threshold for time |

$SK$ | The shared session key between $SM$ and $NAN$ gateway |

$\left|X\right|$ | Cardinality of the set X |

Protocol | Computations | Time (ms) | Communications (Bit) | Energy (mJ) |
---|---|---|---|---|

[15] | $2\times {T}_{2ECC}+6\times {T}_{ECC}+11\times {T}_{h}$ | $211\phantom{\rule{3.33333pt}{0ex}}$ | 1600 | 18.568 |

[16] | $2\times {T}_{2ECC}+6\times {T}_{ECC}+8\times {T}_{h}$ | $202\phantom{\rule{3.33333pt}{0ex}}$ | 1344 | 17.776 |

[17] | $2\times {T}_{2ECC}+6\times {T}_{ECC}+5\times {T}_{h}$ | $193\phantom{\rule{3.33333pt}{0ex}}$ | 1632 | 16.984 |

[18] | $8\times {T}_{ECC}+10\times {T}_{h}+$ | $198\phantom{\rule{3.33333pt}{0ex}}$ | 1440 | 17.424 |

[19] | $8\times {T}_{ECC}+4\times {T}_{Es}+19\times {T}_{h}$ | $240\phantom{\rule{3.33333pt}{0ex}}$ | 2912 | 21.12 |

[20] | $8\times {T}_{h}+{T}_{PUF}+{T}_{FE.REC}+3\times {T}_{ECC}+4\times {T}_{Es}$ | $198\phantom{\rule{3.33333pt}{0ex}}$ | 1408 | 17.414 |

[21] | $10\times {T}_{h}+4\times {T}_{SE}+7\times {T}_{ECC}$ | 205 | 1536 | 18.034 |

[23] | $11\times {T}_{h}+{T}_{PUF}+{T}_{FE.GEN}+{T}_{FE.REC}$ | $156\phantom{\rule{3.33333pt}{0ex}}$ | 896 | 13.728 |

[25] | $9\times {T}_{h}+{T}_{PUF}+6\times {T}_{ECC}$ | 156 | 1408 | 13.728 |

[32] | $16\times {T}_{h}+1\times {T}_{SE}+3\times {T}_{ECC}+{T}_{PUF}+2\times {T}_{FE.GEN}$ | 180 | 1664 | 15.835 |

PPSG | $8\times {T}_{h}+6\times {T}_{ECC}+1\times {T}_{PUF}$ | 153 | 1376 | 13.468 |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Bagheri, N.; Bendavid, Y.; Safkhani, M.; Rostampour, S.
Smart Grid Security: A PUF-Based Authentication and Key Agreement Protocol. *Future Internet* **2024**, *16*, 9.
https://doi.org/10.3390/fi16010009

**AMA Style**

Bagheri N, Bendavid Y, Safkhani M, Rostampour S.
Smart Grid Security: A PUF-Based Authentication and Key Agreement Protocol. *Future Internet*. 2024; 16(1):9.
https://doi.org/10.3390/fi16010009

**Chicago/Turabian Style**

Bagheri, Nasour, Ygal Bendavid, Masoumeh Safkhani, and Samad Rostampour.
2024. "Smart Grid Security: A PUF-Based Authentication and Key Agreement Protocol" *Future Internet* 16, no. 1: 9.
https://doi.org/10.3390/fi16010009