Journal of Computer Applications ›› 2019, Vol. 39 ›› Issue (3): 779-783.DOI: 10.11772/j.issn.1001-9081.2018071486

Previous Articles     Next Articles

Authentication scheme for smart grid communication based on elliptic curve cryptography

LIU Xindong, XU Shuishuai, CHEN Jianhua   

  1. School of Mathematics and Statistics, Wuhan University, Wuhan Hubei 430072, China
  • Received:2018-07-19 Revised:2018-09-03 Online:2019-03-10 Published:2019-03-11
  • Contact: 刘欣东

基于椭圆曲线密码的智能电网通信认证协议

刘欣东, 徐水帅, 陈建华   

  1. 武汉大学 数学与统计学院, 武汉 430072
  • 作者简介:刘欣东(1993-),男,山东济南人,硕士研究生,主要研究方向:密码学;徐水帅(1993-),男,河南安阳人,硕士研究生,主要研究方向:信息安全;陈建华(1963-),男,湖北武汉人,教授,博士,主要研究方向:密码学、信息安全、椭圆曲线。

Abstract: To ensure the security and reliability of communication in the smart grid, more and more authentication protocols have been applied in the communication process. For the authentication protocol proposed by Mahmood et al. (MAHMOOD K, CHAUDHRY S A, NAQVI H, et al. An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Future Generation Computer Systems. 2018,81:557-565), some defects were pointed out. For example, this protocol can be easily attacked by internal privileged personnel, is lack of password replacement phase and unfriendly to users, in which unique username cannot be guaranteed, even a formula error exists. To improve this protocol, an authentication protocol based on elliptic curve was proposed. Firstly, a login phase between the user and the device was added in the improved protocol. Secondly, elliptic curve cryptography puzzle was used to realize information exchange. Finally, the password replacement phase was added. Through the formal analysis by BAN (Burrows-Abadi-Needha) logic, the improved protocol is safe and feasible, which can resist internal personnel attacks, has password replacement and unique username, and is more friendly to users.

Key words: smart grid, authentication, key agreement, Elliptic Curve Cryptography (ECC), BAN (Burrows-Abadi-Needha) logic

摘要: 为了确保通信在智能电网中的安全可靠,越来越多的认证协议被应用在通信过程中。针对Mahmood等(MAHMOOD K,CHAUDHRY S A,NAQVI H,et al.An elliptic curve cryptography based lightweight authentication scheme for smart grid communication.Future Generation Computer Systems,2018,81:557-565)提出的认证协议,指出此协议易受到内部特权人员攻击,缺少更换口令阶段,对用户缺少亲和性,无法保证用户有唯一的用户名,并有一个公式的错误。为改进此协议,提出一个基于椭圆曲线的认证协议。首先,增加用户与设备之间的登录阶段,其次,利用椭圆曲线密码学难题进行信息交互,最后补充口令更换阶段。通过BAN逻辑形式化分析,改进协议安全可行,能抵挡住内部人员攻击,并具有口令更换、用户名唯一、对用户有亲和性的特点。

关键词: 智能电网, 认证, 密钥协商, 椭圆曲线密码学, BAN逻辑

CLC Number: