© 2023 IIETA. This article is published by IIETA and is licensed under the CC BY 4.0 license (http://creativecommons.org/licenses/by/4.0/).
OPEN ACCESS
The burgeoning Internet of Energy (IoE) paradigm, a fusion of the Internet of Things (IoT) and Smart Grid (SG) technologies, holds the promise of significantly enhancing the reliability and efficiency of energy production, transmission, and consumption across the entire energy chain, from generation to the end user. Two central technical aspects that enable this innovation are the advent of smart consumer electronics and the establishment of bidirectional IoT communications. These developments have facilitated the incorporation of novel applications into the Smart Grid, including smart metering, Consumer Demand-Response (CDR) management, and prepayment. In this study, our focus lies primarily on the development of a secure and efficient key management system for CDR communications. It is demonstrated herein that a previous key graph-based scheme, called EDR, is susceptible to collusion attacks and lacks support for broadcast CDR communications. In response to these vulnerabilities, we propose a novel key management scheme, referred to as Secure and Efficient key management scheme for CDR communications (SE-CDR). This scheme retains the strengths of the EDR while introducing a modified multi-group key graph technique, designed to ensure the secure, efficient, and scalable management of unicast, multicast, and broadcast CDR communications. The presented security analysis and performance evaluation results establish the robust security of the SE-CDR scheme. Moreover, a comparative analysis revealed that this new approach offers significant improvements in terms of storage and communication efficiency, outperforming existing state-of-the-art methods. This study thus presents a promising advancement in the realm of secure and efficient key management for the Internet of Energy paradigm.
security, efficiency, key management, consumer demand response communications, internet of energy
The escalating demand for efficient energy management and distribution has emerged as a potent catalyst for research into the Internet of Energy (IoE) paradigm. The IoE concept is a product of the synergistic integration of the Internet of Things (IoT) and Smart Grids (SG) visions [1, 2]. The application of the IoT communication paradigm to oversee power generation, distribution, and management has been demonstrated to enhance the dependability, effectiveness, flexibility, and cost-effectiveness of the SG.
In recent times, Consumer Demand-Response (CDR) management has been identified as a critical element for augmenting the efficiency of power networks, offering benefits to consumers and power utilities alike [3]. CDR programs, which are agreements between consumers and power utilities stipulating specific prices and load conditions, facilitate consumers in overseeing their energy usage and reconfiguring their energy consumption patterns in return for incentives or favorable pricing [4, 5]. The implementation of CDR can involve postponing high-energy tasks or shutting down appliances like heaters, air conditioners, and washing machines. Examples of such programs include the Emergency Demand Reduction (EDR) program [6], Real-Time Pricing (RTP) program [7], and Direct Load Control (DLC) program [8].
Given its pivotal role in the power network, CDR management has become an attractive target for potential attacks. For example, compromising the real-time pricing channel could lead to energy theft or unauthorized manipulation of appliances, thus presenting a considerable challenge for ensuring the security of CDR communications [9, 10]. In general, the security requirements for CDR programs are:
To meet these security requirements, an effective Key Management Scheme (KMS) must be implemented. However, it is critical that security operations, such as key updates, are also secure as inadequate key update procedures pose risks of potential key exposure, thereby undermining the overall objective of CDR management.
The KMS in IoE networks must also exhibit efficiency in minimizing overhead, given that key management operations are often conducted frequently among a multitude of entities with constrained resources [11-16].
Moreover, the KMS should be scalable in the sense that it must be able to handle large networks of IoT devices, potentially numbering in the millions, while still maintaining its performance even if expansion is needed. The KMS must also be versatile, capable of supporting all forms of communication, including [10]:
1.1 Related work
Over the past several years, the scientific community has made substantial strides in proposing a variety of Key Management Schemes (KMS) designed to secure communications within the framework of Internet of Energy (IoE) networks [17-33]. However, a minority of these efforts have been aimed at developing a secure, efficient, and versatile KMS specifically for Consumer Demand-Response (CDR) communications.
A scalable and fault-tolerant KMS was presented by Wu and Zhou [17], which incorporated symmetric key techniques and Elliptic Curve Cryptography (ECC). Despite its innovative approach, this scheme was later found to be vulnerable to Man-In-The-Middle (MITM) attacks, as highlighted by Xia and Wang [18].
Building on previous work, Liu et al. [19] developed a flexible KMS for securing CDR communications. Their approach, which leveraged simple mathematical functions for key agreement and renewal, was particularly suited to addressing the resource constraints of smart meters. Following a similar line of thought, Yu et al. [20] proposed a novel KMS for Information Centric Networking in the IoE, dubbed ICN-KMS. Regrettably, these schemes proved susceptible to desynchronization attacks, as demonstrated by Wan et al. [21]. In response, Wan et al. offered an efficient scheme that combined an effective key graph technique with an Identity-Based Cryptosystem (IBC) to secure CDR communications.
Tsai and Lo [22] designed an innovative IBC-based scheme with a tamper-proof module, aiming to ensure efficient key distribution and ward off probing attacks. However, this proposed solution was later found to be insecure against impersonation and ephemeral key compromise attacks, as noted by Odelu et al. [23]. Meanwhile, Yan et al. [24] introduced a lightweight approach designed to provide a key agreement and mutual authentication mechanism. This solution, however, was later shown to be susceptible to various attacks like Denial of Service (DoS) and replay attacks as noted by Shariat and Safkhani [34].
Mahmood et al. [25] proposed a solution that relied on ECC to facilitate peer-to-peer communication within the Smart Grid (SG). Despite its potential, Abbasinezhad-Mood and Nikooghadam [26] identified weaknesses in this scheme, including a lack of perfect forward secrecy. A versatile and scalable KMS for CDR communication security was proposed by Benmalek et al. [27], but it was found that the proposed broadcast update process led to excessive communication overhead.
In a further development, Mohammadali et al. [28] created two distinct authenticated key agreement schemes that relied on ECC. Later, Zhang et al. [29] proposed an efficient authenticated key agreement protocol that utilized symmetric encryption and secure hash functions to achieve Smart Meter (SM) anonymity and untraceability, while maintaining a low computational overhead.
Gope [30] proposed a scheme for establishing privacy-preserving multi-factor authentication keys that relied on one-way hash functions, reverse fuzzy extractors, and Physical Uncloneable Functions (PUFs). This scheme provided mutual authentication and untraceability. Concurrently, Benmalek et al. [31] focused on securing CDR programs and introduced a novel KMS, termed EDR, for secure CDR communications. This scheme employed a novel key graph technique to enhance the security of multicast and unicast CDR communications within extensive IoE networks. Moreover, this scheme facilitated the administration of dynamic CDR programs.
Most recently, Xiang and Cao [32] proposed an authenticated key agreement protocol that ensures privacy-preservation for IoE communications. Concurrently, Nkurunziza et al. [33] proposed a secure certificateless key agreement and authentication protocol, specifically designed to meet the resource constraints of devices, while ensuring secure communication between legitimate parties.
In summary, while the field has seen substantial progress, the development of a secure, efficient, and versatile KMS for CDR communications remains a critical area of research. The challenges in this domain are complex and multi-faceted, necessitating further investigation and innovative solutions.
1.2 Our contributions
In this study, an initial examination is made of the EDR scheme [31] which reveals a lack of versatility, particularly in supporting broadcast Consumer Demand-Response (CDR) communications. Furthermore, the scheme is identified as susceptible to collusion attacks. To address these shortcomings, we propose a more efficient, scalable, secure, and versatile Key Management Scheme (KMS) specifically tailored for secure CDR communications. The pivotal findings of this study are as follows:
1.3 Paper organization
The structure of this study unfolds as follows: A comprehensive system model is delineated in Section 2, accompanied by an outline of the key management design objectives. Section 3 embarks on a scrutinizing review of the existing Key Management Scheme (KMS) as proposed by Benmalek et al. [31], shedding light on its inherent weaknesses. Armed with the identification of these shortcomings, an improved KMS is proposed in Section 4, wherein the design of this refined scheme is presented and its enhancements thoroughly discussed.
Section 5 is dedicated to a rigorous performance and security evaluation of the proposed solution, providing a robust assessment of its efficacy. The comparative analysis undertaken in Section 6 juxtaposes the proposed scheme against four existing schemes across both performance and security metrics [19-21, 31]. The study concludes in the final section, encapsulating the key findings and underlining the significant contributions of this research.
In essence, this study embarks on a critical examination of the existing KMS, identifies its shortcomings, and proposes an improved system. Through a series of rigorous analyses, evaluations, and comparative studies, the efficacy, performance, and security enhancements of the proposed scheme are conclusively demonstrated. The study concludes by summarizing these key findings and emphasizing the significant contributions to the field, setting the stage for further research and innovation.
In the upcoming section, we will describe the system model and outline the security and performance requirements associated with key management in IoE.
2.1 System model
The Internet of Energy network adheres to the structure depicted in Figure 1. It comprises:
Figure 1. System Model for IoE network
2.2 Key management requirements
In the subsequent sections, we examine the fundamental security and performance requirements essential for an efficient and secure KMS.
2.2.1 Security requirements
Below are the summarized security requirements that a KMS must verify to ensure secure CDR communications.
2.2.2 Non-security requirements
Satisfying the following performance requirements is of great importance for an effective KMS.
EDR scheme was proposed to provide secure CDR communications in IoE [31]. It uses a key graph approach to efficiently manage keys for both unicast and multicast communications, reducing storage and communication costs. In the following, we will briefly examine the two KMS (i.e., unicast and multicast key management protocols) of EDR scheme and highlight their vulnerabilities.
3.1 Description of EDR scheme
EDR scheme consists of two key management protocols:
3.1.1 Unicast key management
A secure method of exchanging keys is employed to set up individual symmetric keys $\left\{k_1, \ldots, k_n\right\}$ between the SMs and the CC. These symmetric keys are employed for the secure unicast CDR communications.
3.1.2 Multicast key management
The previous individual keys are used to form a key graph structure used to secure the multicast CDR communications between the control center and the smart meters. The designed structure enables the handling of dynamic and multiple CDR programs for each consumer simultaneously.
As depicted in Figure 2, the formed key graph structure is designed as follows:
As the consumers subscribed to CDR programs are not fixed, the proposed multicast KMS efficiently updates the CDR Group members while ensuring group secrecy, backward secrecy and forward secrecy.
Figure 2. Example of EDR’s key graph structure
3.2 Weaknesses of EDR scheme
EDR scheme has the following weaknesses: 1) Binary OFT key trees form the lower layer in the key graph structure for EDR. The classical OFT mechanism is used to update the keys in SubG-trees. Then, the keys of the lower level are used to update those of the upper level. However, this scheme is vulnerable to the collusion attack and does not guarantee either backward or forward secrecy; 2) EDR does not support secure broadcast CDR communications.
3.2.1 Collusion attack on EDR scheme
The collusion attack can be described as follows:
CC → SubG3: Encrypt (SK3−4(t1), SK3(t0)) (1)
CC → SubG4: Encrypt (SK3−4(t1), SK4(t1)) (2)
Then, the CDR1 group key GK1(t0) is updated to GK1(t1) and distributed to consumers in SubG-tree1and SubG-tree2:
CC → SubG1, SubG2: Encrypt (GK1(t1), SK1-2(t0)) (3)
Finally, GK1(t1) is distributed to consumers belonging to SubG-tree3and SubG-tree4 as follows:
CC → SubG3, SubG4: Encrypt (GK1(t1), SK3-4(t1)) (4)
Figure 3. EDR’s key graph structure at t0
Figure 4. EDR’s key graph structure at t1
Figure 5. EDR’s key graph structure at t2
In order to overcome the weaknesses described in Section 3.2, we propose a more Secure and Efficient key management scheme for CDR communications, named SE-CDR. Our improved scheme not only inherits the advantages of EDR scheme in terms of efficiency, but it also enhances the security. In the proposed scheme, we use a new key graph approach to ensure efficient management of the CDR communications. Later, we will show that our KMS scales to large IoE networks while meeting consumer SM’s resource constraints. Table 1 summarizes the terminology used to describe our proposed scheme.
Table 1. Notation table
Notation |
Description |
m |
Number of CDR programs |
N |
Number of consumers in IoT network |
d |
LKH key tree degree |
H (.) |
One-way hash function |
Encrypt (msg, k) |
Encrypt msg with key k |
Ci |
The ith consumer |
GKi |
The ith CDR program’s group key |
SKi |
The ith Subscription Group key |
CDRi |
The ith CDR program |
SubGi |
The ith Subscription Group |
CDrGi |
The ith CDR Group |
|CDrGi| |
Number of subscribers in CDrGi |
|SubGi| |
Number of subscribers in SubGi |
X → Y: msg |
X sends a msg to Y |
4.1 Initialization
4.2 SE-CDR key graph structure
Efficient and scalable broadcast key management can be achieved by using key graph techniques. An easy approach is to use a separate LKH key tree for the broadcast rekeying process. However, if a consumer subscribes to one or multiple CDR programs at the same time, he has to store: (1) keys from the key graph structure used for secure multicast CDR communication, and (2) keys from the new LKH tree used for secure broadcast CDR communication. Thus, the application use of a separate LKH tree for broadcast key management results in a significant overhead for key storage.
To this end, we propose to exploit the advantage of EDR’s key graph structure and modify it so that we reduce the number of stored keys. The new key graph structure can be modeled as shown in Figure 6. Indeed, in addition to EDR’s key graph structure properties, our new key graph structure has the following properties:
Figure 6. Example of SE-CDR multi-group key graph structure (LKH key tree degree d=2)
4.3 Key management for multicast CDR communications
In order to guarantee collusion freedom, we adopt LKH key tree of degree d (instead of binary OFT key trees) as the basis of the lower level in our key graph structure. In LKH, any set of consumers that unsubscribe from a CDR program can’t be able to deduce the current used group key, because when any consumer leaves a CDR program, all the affected keys will be replaced and the new keys are independent. Thus, the multicast KMS preserves collusion freedom.
The multicast KMS, proposed in EDR, remains the same in SE-CDR. However, we change the standard OFT keys update process to the standard LKH keys update process in the rekeying operations. Algorithm 1 describes the rekey procedure conducted by the CC upon receipt of a consumer Ck's join/leave request (i.e., Ck will switch from SubGi to SubGj):
Algorithm 1: Multicast Rekeying Algorithm |
|
1: |
Procedure MulticastRekeying (Ck, SubGi, SubGj) |
2: |
# The first phase Update keys in SubG-treei and SubG-treej using the standard LKH update mechanism; |
3: |
# The second phase Update keys in $\overline{\beta_l^k} \cap \beta_j^k$ by applying a one-way hash function; |
4: |
Update keys in $\beta_i^k \cap \overline{\beta_j^k}$ by generating new keys and distributing them encrypted by their children node keys from bottom to up, similar to the procedure for consumer’s departure in LKH protocol; |
4.4 Key management for Broadcast CDR communications
In this section, we describe our new KMS for Broadcast CDR communications. It consists of the leaving and joining phases. The main idea is to use the SubG-tree0 and the m group keys of CDR programs during the key update process.
4.4.1 Leaving phase
When a consumer Ci sends a request to leave the system to the CC, GK0 and the other keys that Ci owns should immediately be updated to protect broadcast CDR communications from unauthorized access by this leaving consumer. To do this, the CC will execute the following operations (Algorithm 2):
Algorithm 2: Broadcast Leaving Algorithm |
|
1: |
Procedure BroadcastLeaving (Ci, CDR0) |
2: |
Update the keys for consumers in SubG-tree0 using the standard LKH update mechanism; |
3: |
Generate the new broadcast key (GK’0), and send it to consumers in SubG-tree0 encrypted by the newly-generated SK’0; |
4: |
Send GK’0 to consumers subscribed to the other CDRj encrypted, respectively, by the jth group key GKj; |
For instance, when the consumer C5 shown in Figure 6 sends a request to leave the IoE network, the key k5-6 is deleted and {k4-6, SK0} are updated to {k’4-6, SK’0} and distributed as follows:
CC → {C6}: Encrypt (k’4-6, k5) (5)
CC → {C4}: Encrypt (k’4-6, k4) (6)
CC → {C4,C6}: Encrypt (SK’0, k’4-6) (7)
CC → {C1,C2,C3}: Encrypt (SK’0, k1-3) (8)
Then, the new broadcast key GK’0 is sent to consumers in SubG-tree0 as follows:
CC → SubG0: Encrypt (GK’0, SK’0) (9)
After that, GK’0 is sent to consumers subscribed to CDR1, CDR2 and CDR3, respectively, as follows:
CC → CDrG1: Encrypt (GK’0, GK1) (10)
CC → CDrG2: Encrypt (GK’0, GK2) (11)
CC → CDrG3: Encrypt (GK’0, GK3) (12)
4.4.2 Joining phase
When a new consumer Ci sends a request to join the IoE network, the broadcast key GK0 should be updated to prevent this joining consumer from illegally accessing the previously performed broadcast CDR communications. To this end, the CC will add the joining consumer into the SubG-tree0, update all the keys affected by the joining operation (the broadcast key GK0, the root key of SubG-tree0and some internal keys) using a one-way hash function, and increase the counter of these new keys. Thus, the other consumers in SubG0 will know about the keys change when being used and compute the new keys using the same one-way hash function. All the other consumers in CDrG0 will also compute the new GK’0=H(GK0). Thus, no rekeying messages are necessary for the joining phase and the CC has only to send keys for the newly joining consumer encrypted with its individual key.
In this section, we delve into the examination of security and performance aspects.
5.1 Security analysis
SE-CDR scheme satisfies the following properties:
5.1.1 SE-CDR ensures forward secrecy
A consumer who leaves a CDR program or the IoE network should not be able to access future secret keys.
Proof: When a consumer Ci sends a request to leave the IoE network, all keys known by the departing consumer in both lower and upper level (ki, internal keys in SubG−tree0, SK0 and GK0) are changed and redistributed securely by the CC. According to Algorithm 2, the new generated keys are independents and encrypted when being broadcasted, which prevents the departing consumer from having access to the new keys without knowing the decryption keys. On the other hand, and according to the proposed multicast key management (Section 4.3), the keys update process avoids any consumer who leaves a CDR program from decrypting the future multicast CDR communications. Hence, SE-CDR ensures forward secrecy for both broadcast and multicast communications.
5.1.2 SE-CDR ensures backward secrecy
A consumer who joins a CDR program or the IoE network should not be able to access previously used secret keys.
Proof: When a new consumer Ci sends a request to join the IoE network, the CC changes all the affected keys in both lower and upper level (using a one-way hash function). This ensures that none of the old keys can be recovered by the new coming consumer. Moreover, the proposed multicast key management updates all the affected keys in the CDrG-tree and SubG-trees when a new consumer joins a CDR program and the newly joined consumer can’t get access to previous communications used in this CDR program. Hence, SE-CDR ensures backward secrecy for both broadcast and multicast communications.
5.1.3 SE-CDR guarantees collusion freedom
This means that a group of consumers who leave a CDR program or the IoE network should not be able to deduce the current used CDRs group keys or the current used broadcast key through collusion.
Proof: According to the rekeying operations, evicted consumers can’t get the new broadcast key GK’0 by cooperating. As SE-CDR uses LKH as the basis of both lower and upper level, whenever a consumer leaves the IoE network, all affected keys are updated. Moreover, all the new keys are independent and unknown to any previously removed consumers. Likewise for the multicast key management protocol. Hence, SE-CDR guarantees collusion freedom for both broadcast and multicast communications.
5.2 Performance analysis
In this section, we analyze the performance of SE-CDR with respect to two aspects: storage and communication.
Let us assume that each subscription contains the same number of consumers denoted by {∀ j ≠ 0: |SubGj| = |SubG|}. Likewise, we assume that the CDR groups contain the same number of consumers denoted by {∀ k ≠ 0: |CDrGk| = |CDrG|}. Moreover, it is assumed that used key trees are fully loaded (i.e., each node in the tree contains a key associated with it) and constructed as a balanced trees (i.e., the tree remains relatively balanced in terms of its shape, which allows for efficient search, insertion, and deletion operations).
5.2.1 Storage cost
We estimate the storage cost with the number of keys stored in SMs, and used for secure broadcast, unicast and multicast CDR communications. As mentioned earlier, the storage cost in SMs can’t be neglected due to the facts that: (1) SM’s storage ability is limited and (2) the secret keys need to be stored in a secure storage space [11-16]. As a result, the reduction in key storage is desirable.
Let Stor(SMi) denote the storage cost at the SMi. In SE-CDR, two types of consumers are considered:
Stor(SMi) = logd (|SubG0|) + 2 (13)
When |SubG0|→∞, Eq. (13) leads to:
Stor(SMi) ∼ O(log (|SubG0|)) (14)
Stor(SMi) ∼ O(log (|SubG|)) (15)
5.2.2 Communication cost
We estimate the communication cost by considering the number of rekeying messages disseminated during the joining/leaving phase of the broadcast key management scheme. Note that, the communication cost for the multicast key management is in the order of O(log(|SubG|)) for both joining and leaving phases as shown by Benmalek et al. [31].
Let Comjoin(Ci, CDR0) and Comleave(Ci, CDR0) denote the communication cost of our broadcast KMS when a consumer Ci sends a request to join/leave the IoE network.
Comleave(Ci, CDR0) = dlogd(|SubG0|) + m (16)
When |SubG0|→∞, we can see that:
Comleave(Ci, CDR0) ∼ O(log (|SubG0|)) (17)
Comjoin (Ci, CDR0) ∼ O(1) (18)
We compare our KMS with the following four schemes: KMSCC [19], SKM [20], ICN-KMS [21], and EDR [31]. We make the comparison according to the storage cost needed on consumer side and the communication cost required by the multicast/broadcast key management schemes.
6.1 Simulation model
We perform simulations with a custom script in Python to model an IoE network with the following parameters. The power utility provides the following 6 CDR programs to consumers:
We assume that 50% of the Consumers-Type2 only subscribe to one CDR program and 50% subscribe to multiple CDR programs [39]. In the Key Management Scheme (KMS) proposed herein, 4-ary key trees are employed, echoing the findings of previous investigations which demonstrated that the Logical Key Hierarchy (LKH) key tree exhibits optimal performance when d = 4 [36, 40, 41].
6.2 Simulation results
6.2.1 Storage cost
Figure 7 shows the average storage cost at SMs for Consumers-Type1 (i.e., who do not subscribe to any CDR program) with respect to CDrG0 group’s size. In KMSCC and ICN-KMS, the storage cost is not affected by the number of consumers in CDrG0 (the storage cost is equal to 2) because each consumer only stores his individual key and the broadcast group key. Moreover, SE-CDR (which is key graph-based scheme) produces little more storage cost compared to the two other schemes. However, this cost is minor regarding the overall advantages of SE-CDR, mainly when considering the low communication cost induced during the broadcast rekeying operations. Indeed, KMSCC and ICN-KMS do not exploit the advantage of key graph during the broadcast key management. As a consequence, these two schemes induces low storage cost (in the order of O(1)) and very high communication cost.
Figure 8 shows the average storage cost at SMs for Consumers-Type2 (i.e., who subscribe to one or many CDR programs) with respect to the number of subscribers in CDR programs under the assumption that the power utility provides 6 CDR programs. In both KMSCC and ICN-KMS, a SM only stores his individual key and the CDrG group keys. As a consequence, the CDrG groups size does not affect the storage cost (which is in the order of O(1)). Whereas, SKM, EDR and SE-CDR adopt a key graph technique to manage the different CDrG groups. Thus, the CDrG groups size affects the storage cost for these schemes. As the number of consumers subscribed to CDR programs increases, the storage cost increases due to the rise of the height of the used key trees. However, SE-CDR decreases the storage cost by 73% and by 39%, respectively, compared with SKM and EDR.
Figure 7. Storage cost for Consumer-Type1 with respect to CDrG0 group’s size
Figure 8. Storage cost for Consumer-Type2 with respect to CDrG group’s size
Figure 9. Storage cost for Consumer-Type2 with respect to the number of CDR programs
Figure 9 shows how the storage cost varies for Consumers-Type2 as a function of the number of provided CDR programs. We assume that an average number of 100000 consumers subscribe to each CDR program. We note that the storage costs of the two schemes KMSCC and ICN-KMS (which do not adopt a key graph technique as mentioned earlier) are less affected by the number of CDR programs than the other schemes (i.e., SKM, EDR, and SE-CDR). In the key graph-based schemes, we can notice that in SE-CDR, a smart meter retains significantly fewer keys compared to the two other schemes SKM and EDR. Indeed, since SKM uses and independent-tree for each CDR program, the storage cost increases proportionally with the number of subscribed CDR programs.
From the above results, it is seen that our proposed scheme SE-CDR is less sensitive to the CDrG group’s size and the number of provided CDR programs compared to the other key graph-based schemes (i.e., SKM and EDR), and it can reduce the per-consumer storage cost more efficiently.
6.2.2 Communication cost
Figure 10 and Figure 11 show the average number of rekeying messages per event (join/leave) with respect to the number of subscribers in CDR programs under the assumption that the power utility provides 6 CDR programs (as mentioned in Section 6.1). In both KMSCC and ICN-KMS, when a consumer subscribes/unsubscribes to/from a CDR program (CDRi) the CC updates the CDRi’s group key and sends the new key individually for all consumers subscribed to this CDR program. Thus, the communication cost increases linearly with the number of CDR program subscribers (which is in the order of O(|CDrGi|), with |CDrGi| being the number of consumers subscribed to CDRi). Whereas, the cost remains much lower in the other schemes (i.e., SKM, EDR and SE-CDR) as shown in Figure 11. Through the used key-graph structure, the rekeying efficiency of EDR and SE-CDR is decreased compared to SKM (which is based on the usage of multiple separate OFT key trees). However, the extra communication cost induced by EDR and SE-CDR remains minimal when compared to the benefits of these schemes, mainly when considering the storage cost as indicated above.
Figure 10. Average multicast communication cost with respect to CDrG group’s size
Figure 12 and Figure 13 show the average number of rekeying messages per event against the number of CDR programs. We consider CDR programs of average 100000 subscribers. This indicates that the communication costs of KMSCC and ICN-KMS are significantly greater compared to the other three schemes due to their inefficient multicast key management. On the other hand, SKM is less affected by the number of CDR programs. However, the use of multiple OFT key trees requires larger storage cost when the number of CDR programs increases. Moreover, we notice that the number of provided CDR programs does not significantly affect the communication cost of EDR and SE-CDR due to the proposed key graph structure.
Figure 11. Zoom of Figure 10
Figure 12. Average multicast communication cost with respect to number of CDR programs
Figure 13. Zoom of Figure 12
According to Table 2, SKM and EDR do not have the capability to facilitate secure broadcast CDR communications, which is a crucial aspect with diverse applications in CDR management. However, the three other schemes (KMSCC, ICN-KMS and SE-CDR) are versatile.
Figure 14 and Figure 15 show a comparison of communication cost per event (leave/join) for the three schemes (KMSCC, ICN-KMS and SE-CDR) with respect to the number of Consumers-Type1. We consider CDR programs of average 100000 subscribers.
Figure 14 and Figure 15 show that the average broadcast communication cost in KMSCC and ICN-KMS is remarkably high. In fact, it scales with the total number of consumers in the Internet of Energy (IoE) network, denoted as N, following an order of O(N). Moreover, this cost increases linearly as the size of the CDrG0 group grows. In contrast, the SE-CDR scheme shows significantly lower communication cost compared to the other two schemes.
The efficiency of SE-CDR originates from its streamlined broadcast rekeying process. This efficient approach significantly minimizes the volume of rekeying messages that are exchanged during both the joining and leaving phases of the system. By implementing this optimized procedure, SE-CDR markedly reduces the communication cost that is typically associated with such cryptographic systems. Impressively, SE-CDR achieves an exceptional reduction of over 99% when compared to the two other methods KMSCC and INC-KMS. This not only demonstrates SE-CDR's superior efficiency but also underscores its potential to drastically enhance resource utilization, communication speed, and overall system performance within cooperative data replication scenarios.
Figure 14. Average broadcast communication cost per “leave event” with respect to CDrG0 group’s size
Figure 15. Average broadcast communication cost per “join event” with respect to CDrG0 group’s size
Table 2. Comparison of key management schemes
|
[19] |
[20] |
[21] |
[31] |
SE-CDR |
|||
|
Immediate keys update |
✓ |
✓ |
✓ |
✓ |
✓ |
||
Security |
Forward secrecy |
✓ |
x |
✓ |
x |
✓ |
||
Backward secrecy |
✓ |
x |
✓ |
x |
✓ |
|||
Collusion freedom |
✓ |
x |
✓ |
x |
✓ |
|||
Versatility |
Unicast communications |
✓ |
✓ |
✓ |
✓ |
✓ |
||
Multicast communications |
✓ |
✓ |
✓ |
✓ |
✓ |
|||
Broadcast communications |
✓ |
x |
✓ |
x |
✓ |
|||
Efficiency |
Storage cost |
Consumer-Type1 |
O(1) |
- |
O(1) |
- |
O(log(|SubG0|)) |
|
Consumer-Type2 |
O(1) |
O(log(|CDrG|)) |
O(1) |
O(log(|SubG|)) |
O(log(|SubG|)) |
|||
Communication cost |
Multicast |
Join |
O(|CDrG|) |
O(log(|CDrG|)) |
O(|CDrG|) |
O(log(|SubG|)) |
O(log(|SubG|)) |
|
Leave |
O(|CDrG|) |
O(log(|CDrG|)) |
O(|CDrG|) |
O(log(|SubG|)) |
O(log(|SubG|)) |
|||
Broadcast |
Join |
O(N) |
- |
O(N) |
- |
O(1) |
||
Leave |
O(N) |
- |
O(N) |
- |
O(log(|SubG0|)) |
In this work, we proposed new efficient, versatile, secure and scalable KMS for CDR communications. We have identified weaknesses in EDR scheme. To remedy its security and efficiency flaws, we have proposed a more secure and efficient KMS (called SE-CDR), which allows dynamic and multiple CDR programs’ subscriptions while ensuring the immediate key update, group secrecy, forward/backward secrecy and collusion freedom. Our performance analysis and simulations reveal that SE-CDR induces low storage cost at consumers’ SM in comparison to existing schemes. Moreover, the communication cost induced by SE-CDR is far less than all other schemes. Hence, SE-CDR fulfills the diverse requirements of the power utility. As a potential avenue for future research, the development of a more advanced statistical dynamic membership model would allow for a comprehensive examination of the impact of consumer behaviors and a more thorough assessment of the efficiency of our scheme.
[1] Bui, N., Castellani, A.P., Casari, P., Zorzi, M. (2012). The internet of energy: A web-enabled smart grid system. IEEE Network, 26(4): 39-45. https://doi.org/10.1109/MNET.2012.6246751
[2] Aguida, M.A., Ouchani, S., Benmalek, M. (2020). A review on cyber physical systems: Models and architectures. 2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), pp. 1-4. https://doi.org/10.1109/WETICE49692.2020.00060
[3] Deng R., Yang, Z.Y., Chow, M.Y., Chen, J.M. (2015). A survey on demand response in smart grids: mathematical models and approaches. IEEE Transactions on Industrial Informatics, 11(3): 570-582. https://doi.org/10.1109/TII.2015.2414719
[4] Albadi, M., El-Saadany, E. (2008). A summary of demand response in electricity markets. Electric Power Systems Research, 78(11): 1989-1996. https://doi.org/10.1016/j.epsr.2008.04.002
[5] Ancillotti, E., Bruno, R., Conti, M. (2013). The role of communication systems in smart grids: Architectures, technical solutions and research challenges. Computer Communications, 37(17-18): 1665-1697. https://doi.org/10.1016/j.comcom.2013.09.004
[6] Fan, Z., Kulkarni, P., Gormus, S., Efthymiou, C., Kalogridis, G., Sooriyabandara, M., Zhu, Z., Lambotharan, S., Chin, W.H. (2013). Smart grid communications: overview of research challenges, solutions, and standardization activities. IEEE Communications Surveys & Tutorials, 15(1): 21-38. https://doi.org/10.1109/SURV.2011.122211.00021
[7] Kuzlu, M., Pipattanasomporn, M., Rahman, S. (2014). Communication network requirements for major SG applications in HAN, NAN and WAN. Computer Networks, 67: 74-88. https://doi.org/10.1016/j.comnet.2014.03.029
[8] Tyagi, R., Black, J.W. (2010). Emergency demand response for distribution system contingencies. Proceedings of IEEE PES T&D, pp. 1-4. https://doi.org/10.1109/TDC.2010.5484598
[9] Tan, R., Krishna, V.B., Yau, D.K.Y., Kalbarczyk, Z. (2015). Integrity attacks on real-time pricing in electric power grids. ACM Transactions on Information and System Security, 18(2): 5:1-5:33. https://doi.org/10.1145/2790298
[10] Ericson, T. (2009). Direct load control of residential water heaters. Energy Policy, 37(9): 3502-3512. https://doi.org/10.1016/j.enpol.2009.03.063
[11] Li, H., Lu, R., Zhou, L., Yang, B., Shen, X. (2014). An efficient Merkle-tree-based authentication scheme for smart grid. IEEE Systems Journal, 8(2): 655-663. https://doi.org/10.1109/jsyst.2013.2271537
[12] Das, S., Ohba, Y., Kanda, M., Famolari, D., Das, S.K. (2013). A key management framework for AMI in SG. IEEE Communications Magazine, 50(8): 30-37. https://doi.org/10.1109/MCOM.2012.6257524
[13] Benmalek, M., Challal, Y. (2015). eSKAMI: Efficient and scalable multi-group key management for advanced metering infrastructure in smart grid. 2015 IEEE Trustcom/BigDataSE/ISPA, pp. 782-789. https://doi.org/10.1109/Trustcom.2015.447
[14] Benmalek, M., Challal, Y. (2016). MK-AMI: Efficient multi-group key management scheme for secure communications in AMI systems. 2016 IEEE Wireless Communications and Networking Conference, pp. 1-6. https://doi.org/10.1109/WCNC.2016.7565124
[15] Liu, Y., Cheng, C., Gu, T., Jiang, T., Li, X. (2016). A lightweight authenticated communication scheme for smart grid. IEEE Sensors Journal, 16(3): 836-842. https://doi.org/10.1109/JSEN.2015.2489258
[16] Benmalek M., Challal Y., Derhab A. (2019). Authentication for smart grid AMI systems: Threat models, solutions, and challenges. 2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), pp. 208-213. https://doi.org/10.1109/WETICE.2019.00052
[17] Wu, D., Zhou, C. (2011). Fault-tolerant and scalable key management for smart grid. IEEE Transactions on Smart Grid, 2(2): 375-381. https://doi.org/10.1109/TSG.2011.2120634
[18] Xia, J., Wang, Y. (2012). Secure key distribution for the smart grid. IEEE Transactions on Smart Grid, 3(3): 1437-1443. https://doi.org/10.1109/TSG.2012.2199141
[19] Liu, N., Chen, J., Zhu, L., Zhang, J., He, Y. (2013). A key management scheme for secure communications of advanced metering infrastructure in smart grid. IEEE Transactions on Industrial Electronics, 60(10): 4746-4756. https://doi.org/10.1109/TIE.2012.2216237
[20] Yu, K., Arifuzzaman, M., Wen, Z., Zhang, D., Sato, T. (2015). A key management scheme for secure communications of information centric advanced metering infrastructure in smart grid. IEEE Transactions on Instrumentation & Measurement, 64(8): 2072-2085. https://doi.org/10.1109/TIM.2015.2444238
[21] Wan, Z., Wang, G., Yang, Y., Shi, S. (2014). SKM: scalable key management for advanced metering infrastructure in smart grids. IEEE Transactions on Industrial Electronics, 61(12): 7055-7066. https://doi.org/10.1109/TIE.2014.2331014
[22] Tsai, J.L., Lo, N.W. (2016). Secure anonymous key distribution scheme for smart grid. IEEE Transactions on Smart Grid, 7(2): 906-914. https://doi.org/10.1109/TSG.2015.2440658
[23] Odelu, V., Das, A.K., Kumari, S., Huang, X.Y., Wazid, M. (2017). Provably secure authenticated key agreement scheme for distributed mobile cloud computing services. Future Generation Computer Systems, 68: 74-88. https://doi.org/10.1016/j.future.2016.09.009
[24] Yan, L., Chang, Y., Zhang, S. (2017). A lightweight authentication and key agreement scheme for smart grid. International Journal of Distributed Sensor Networks, 13(2): 1-7. https://doi.org/10.1177/1550147717694173
[25] Mahmood, K., Chaudhry, S.A., Naqvi, H., Kumari, S., Li, X., Sangaiah, A.K. (2018). An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Future Generation Computer Systems, 81: 557-565. https://doi.org/10.1016/j.future.2017.05.002
[26] Abbasinezhad-Mood, D., Nikooghadam, M. (2018). Design and hardware implementation of a security-enhanced elliptic curve cryptography based lightweight authentication scheme for smart grid communications. Future Generation Computer Systems, 84: 47-57. https://doi.org/10.1016/j.future.2018.02.034
[27] Benmalek, M., Challal, Y., Derhab, A., Bouabdallah, A. (2018). VerSAMI: Versatile and scalable key management for smart grid AMI systems. Computer Networks, 132: 161-179. https://doi.org/10.1016/j.comnet.2018.01.010
[28] Mohammadali, A., Sayad Haghighi, M., Tadayon, M.H., Mohammadi-Nodooshan, A. (2018). A novel identity-based key establishment method for advanced metering infrastructure in smart grid. IEEE Transactions on Smart Grid, 9(4): 2834-2842. https://doi.org/10.1109/TSG.2016.2620939
[29] Zhang, L., Zhao, L.C., Yin, S.J., Chi, C.H., Liu, R., Zhang, Y.X. (2019). A lightweight authentication scheme with privacy protection for SG communications. Future Generation Computer Systems, 100: 770-778. https://doi.org/10.1016/j.future.2019.05.069
[30] Gope, P. (2020). PMAKE: Privacy-aware multi-factor authenticated key establishment scheme for advance metering infrastructure in smart grid. Computer Communications, 152: 338-344. https://doi.org/10.1016/j.comcom.2019.12.042
[31] Benmalek, M., Challal, Y., Derhab, A., Gheid, Z. (2020). An efficient key management scheme for secure demand-response communications in smart grid. 2019 International Conference on Advances in the Emerging Computing Technologies (AECT), pp. 1-6. https://doi.org/10.1109/AECT47998.2020.9194168
[32] Xiang, X., Cao, J. (2022). An efficient authenticated key agreement scheme supporting privacy-preservation for SG communication. Electric Power Systems Research, 203: 107630. https://doi.org/10.1016/j.epsr.2021.107630
[33] Nkurunziza, E., Tandoh, L., Elfadul, I., Li, F. (2022). ECAAP-SG: Efficient certificateless anonymous authentication protocol for Smart Grid. Security and Privacy, 6(1): e273. https://doi.org/10.1002/spy2.273
[34] Shariat, M., Safkhani, M. (2017). How the control over smart meters is lost in the Yan et al. lightweight AKA scheme for smart grids. 2017 9th International Conference on Information and Knowledge Technology, pp. 82-84. https://doi.org/10.1109/IKT.2017.8258622
[35] Grew, D.A.M., Sherman, A.T. (2003). Key establishment in large dynamic groups: using one-way function trees. IEEE Transactions on Software Engineering, 29(5): 444-458. https://doi.org/10.1109/TSE.2003.1199073
[36] Wong, C.K., Gouda, M., Lam, S. (2000). Secure group communication using key graphs. IEEE/ACM Transactions on Networking, 8(1): 16-30. https://doi.org/10.1109/90.836475
[37] Herter K. (2007). Residential implementation of critical-peak pricing of electricity. Energy Policy, 35(4): 2121-2130. https://doi.org/10.1016/j.enpol.2006.06.019
[38] Albadi, M.H., El-Saadany, E.F. (2008). A summary of demand response in electricity markets. Electric Power Systems Research, 78(11): 1989-1996. https://doi.org/10.1016/j.epsr.2008.04.002
[39] Benmalek, M., Challal, Y., Derhab, A. (2019). An improved key graph based key management scheme for smart grid AMI systems. 2019 IEEE Wireless Communications and Networking Conference, pp. 1-6. https://doi.org/10.1109/WCNC.2019.8885646
[40] Bruhadeshwar, B., Kulkarni, S.S. (2011). Balancing revocation and storage trade-offs in secure group communication. IEEE Transactions on Dependable and Secure Computing. 8(1): 58-73. https://doi.org/10.1109/TDSC.2009.27
[41] Mehdizadeh, A., Hashim, F., Othman, M. (2014). Lightweight decentralized multicast–unicast key management method in wireless IPv6 networks. Journal of Network and Computer Applications. 42: 59-69. https://doi.org/10.1016/j.jnca.2014.03.013