面向智能电网的安全两方认证密钥协商协议研究

doi:10.3778/j.issn.1002-8331.2311-0085

摘要/Abstract

摘要： 在智能电网SG（smart grid）中设备间的认证和安全通信是至关重要的。然而现有的认证密钥协商协议中，智能电表和服务提供商的密钥完全由可信第三方生成，若第三方遭受攻击则会导致系统中所有用户的私钥泄露。为解决上述问题，提出了一种安全增强的两方认证密钥协商协议，即使可信第三方遭受攻击也不会泄露其他用户的私钥。在该协议中，可信第三方仅为智能电表和服务提供商生成部分密钥，智能电表和服务提供商自身生成完整的私钥，进一步相互认证建立秘密会话密钥，保证通信安全，防止隐私数据泄露。该协议在CDH（computational Diffie-Hellman）问题假设下是可证安全的，同时协议具有前向安全性和身份匿名性。最后，通过理论分析和实验仿真表明，协议在认证密钥协商阶段的计算开销和通信开销方面具有一定的优势。

关键词: 智能电网, 认证密钥协商, 椭圆曲线, 双线性对, 部分密钥

Abstract: Authentication and secure communication between devices in a smart grid (SG) are essential. However, in the existing authentication key agreement protocols, the keys of smart meters and service providers are completely generated by a trusted third party. If the third party is attacked, the private keys of all users in the system will be leaked. To solve the above problems, this paper proposes a security enhanced two-party authentication key agreement protocol, which will not reveal other users’private keys even if a trusted third party is attacked. In this protocol, the trusted third party only generates partial keys for smart meters and service providers, while smart meters and service providers themselves generate complete private keys to further authenticate and establish secret session keys to ensure communication security and prevent privacy data leakage. The proposed protocol is provably secure under the assumption of CDH (computational Diffie-Hellman) problem, while the proposed protocol has forward security and identity anonymity. Finally, through theoretical analysis and experimental simulation, it is shown that the proposed protocol has certain advantages in the calculation cost and communication cost of the authentication key agreement stage.

Key words: smart grid, authentication key agreement, elliptic curve, bilinear pairing, partial key

赵磊, 罗维, 马玉龙, 洪海敏, 王逸民. 面向智能电网的安全两方认证密钥协商协议研究[J]. 计算机工程与应用, 2025, 61(5): 279-288.

ZHAO Lei, LUO Wei, MA Yulong, HONG Haimin, WANG Yimin. Research on Secure Two-Party Authentication Key Agreement Protocol for Smart Grid[J]. Computer Engineering and Applications, 2025, 61(5): 279-288.

参考文献

[1] KOMNINOS N, PHILIPPOU E, PITSILLIDES A. Survey in smart grid and smart home security: issues, challenges and countermeasures[J]. IEEE Communications Surveys & Tutorials, 2014, 16(4): 1933-1954.
[2] LIU Y, CHENG C, GU T, et al. A lightweight authenticated communication scheme for smart grid[J]. IEEE Sensors Journal, 2015, 16(3): 836-842.
[3] TSAI J L, LO N W. Secure anonymous key distribution scheme for smart grid[J]. IEEE Transactions on Smart Grid, 2016, 7(2): 906-914.
[4] YAN L, CHANG Y, ZHANG S. A lightweight authentication and key agreement scheme for smart grid[J]. International Journal of Distributed Sensor Networks, 2017, 13(2): 34791657.
[5] ODELU V, DAS A K , WAZID M, et al. Provably secure authenticated key agreement scheme for smart grid[J]. IEEE Transactions on Smart Grid, 2018, 9(3): 1900-1910.
[6] KUMAR P, GURTOV A, SAIN M, et al. Lightweight authentication and key agreement for smart metering in smart energy networks[J]. IEEE Transactions on Smart Grid, 2018, 10(4): 4349-4359.
[7] GOPE P, SIKDAR B. Privacy-aware authenticated key agreement scheme for secure smart grid communication[J]. IEEE Transactions on Smart Grid, 2018, 10(4): 3953-3962.
[8] 许盛伟, 任雄鹏, 陈诚, 等. 可证安全的无证书两方认证密钥协商协议[J]. 密码学报, 2020, 7(6): 886-898.
XU S W, REN X P, CHEN C, et al. Provably secure certificateless two-party authenticated key agreement protocol[J]. Journal of Cryptologic Research, 2020, 7(6): 886-898.
[9] GUPTA D S, ISLAM S K H, OBAIDAT M S, et al. A provably secure and lightweight identity-based two-party authenticated key agreement protocol for IIoT environments[J]. IEEE Systems Journal, 2020, 15(2): 1732-1741.
[10] QI M, CHEN J. Two-pass privacy preserving authenticated key agreement scheme for smart grid[J]. IEEE Systems Journal, 2020, 15(3): 3201-3207.
[11] KHAN A A, KUMAR V, AHMAD M, et al. LAKAF: lightweight authentication and key agreement framework for smart grid network[J]. Journal of Systems Architecture, 2021, 116: 102053.
[12] DENG L, GAO R. Certificateless two-party authenticated key agreement scheme for smart grid[J]. Information Sciences, 2021, 543: 143-156.
[13] SAFKHANI M, KUMARI S, SHOJAFAR M, et al. An authentication and key agreement scheme for smart grid[J]. Peer-to-Peer Networking and Applications, 2022, 15(3): 1595-1616.
[14] KHAN A A, KUMAR V, AHMAD M, et al. PALK: password-based anonymous lightweight key agreement framework for smart grid[J]. International Journal of Electrical Power & Energy Systems, 2020, 121: 106121.
[15] TOMAR A, TRIPATHI S. Blockchain-assisted authentication and key agreement scheme for fog-based smart grid[J]. Cluster Computing, 2022, 25(1): 1-18.
[16] YU S J, PARK K S. ISG-SLAS: secure and lightweight authentication and key agreement scheme for industrial smart grid using fuzzy extractor[J]. Journal of Systems Architecture, 2022, 131: 102698.
[17] BAGHESTANI S H, MOAZAMI F, TAHAVORI M. Lightweight authenticated key agreement for smart metering in smart grid[J]. IEEE Systems Journal, 2022, 16(3): 4983-4991.
[18] TAQI S A M, JALILI S. LSPA-SGs: a lightweight and secure protocol for authentication and key agreement based elliptic curve cryptography in smart grids[J]. Energy Reports, 2022, 8: 153-164.
[19] HU S, CHEN Y, ZHENG Y, et al. Provably secure ECC-based authentication and key agreement scheme for advanced metering infrastructure in the smart grid[J]. IEEE Transactions on Industrial Informatics, 2022, 19(4): 5985-5994.
[20] 喇元, 赵继光, 张伟. 基于SM9门限签名的电力终端安全认证协议[J]. 电力科学与技术学报, 2022, 37(4): 183-188.
LA Y, ZHAO J G, ZHANG W. Security authentication scheme for power terminals based on the SM9 threshold signature[J]. Journal of Electric Power Science and Technology, 2022, 37(4): 183-188.
[21] 丁志帆, 胡洪波, 杨庆余, 等. 安全增强的智能电网轻量级匿名认证协议[J]. 计算机应用研究, 2022, 39(10): 3124-3129.
DING Z F, HU H B, YANG Q Y, et al. Security enhanced lightweight anonymous authentication scheme for smart grid[J]. Application Research of Computers, 2022, 39(10): 3124-3129.
[22] 程庆丰,马玉千. 两个认证密钥协商协议的前向安全性分析[J]. 电子与信息学报, 2022, 44(12): 4294-4303.
CHENG Q F, MA Y Q. Cryptoanalysis on the forward security of two authenticated key protocols[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4294-4303.
[23] AKRAM M A, GHAFFAR Z, MAHMOOD K, et al. An anonymous authenticated key-agreement scheme for multi-server infrastructure[J]. Human-Centric Computing and Information Sciences, 2020, 10(1): 1-18.
[24] SURESHKUMAR V, ANANDHI S, AMIN R, et al. Design of robust mutual authentication and key establishment security protocol for cloud-enabled smart grid communication[J]. IEEE Systems Journal, 2020, 15(3): 3565-3572.
[25] WANG W, HUANG H, XIAO F, et al. An adaptive secure handover authenticated key agreement for multi-server architecture communication applications[J]. IEEE Transactions on Vehicular Technology, 2022, 71(9): 9830-9839.
[26] 宋庆, 马米米, 邓淼磊, 等. 轻量级的两方认证密钥协商协议[J]. 计算机工程与应用, 2024, 60(14): 283-293.
SONG Q, MA M M, DENG M L, et al. Lightweight two-party authentication key agreement protocol[J]. Computer Engineering and Applications, 2024, 60(14): 283-293.