SlideShare a Scribd company logo

Authentication in Smart Grid

Sherif Abdelfattah
Sherif Abdelfattah

This document summarizes two authentication algorithms for smart grids. Algorithm 1 describes authentication between a cloud, reader, and smart meter. It uses digital signatures and timestamps to prevent replay and man-in-the-middle attacks. One-time session keys provide forward secrecy. Algorithm 2 uses bilinear pairings for registration and authentication between two entities. It achieves security goals like preventing replay attacks through timestamps, ensuring message integrity with signatures, and providing private key privacy and perfect forward secrecy through its key establishment method. Both algorithms aim to securely authenticate communications in smart grids.

Engineering
1 of 44
Download to read offline
Authentication in Smart Grid (Part 4) PRESENTED BY: SHERIF ABDELFATTAH 1 ECE department sabdelfat42@students.tntech.edu
Introduction •Smart meters (SMs) now a days are widely used for demand and supply management in SGs. •It needs to communicate with other entities in the network system. So, there is a need for a secure communication system that can ensure a secure information exchange between the legal entities while maintaining its privacy. •Thus, authentication become critical security component in the smart metering infrastructure (SMI) which provides privacy preservation in order to provide reliable power services to the SG. •Authentication is the process that ensures that the communication occurs between two legitimate entities by verifying their identities. •of the smart grid communication network can affect the availability, reliability, safety, and productivity of the power system. •There is some security issues that can effect on the privacy of the users. Also, because of the high dependency on communication and networking systems makes the SG infrastructure vulnerable to different threats. These threats include the potential for several types of cyber-attacks, such as man- in-the-middle (MinM) attacks, impersonation attacks, replaying, and injecting messages. 2
Introduction Why is this topic important •To ensure the security of two-way communication between smart grid entities, authentication and key establishment is a necessary, which enables the entities to verify the legitimacy of the entity with which they communicate, and to build a shared key with the legitimate entity for further communication. •The user needs to authenticate the utility company or its representing node to protect his privacy by ensuring that his consumption is sent to the right place. •The utility company needs to authenticate the user to save the network from any malicious user that can send false data to affect the network performance or shut it down. •For example, an attacker may change the user’s power consumption readings sent to the utility by a smart meter, which can lead to wrong decision-making by the control center. 3
Common Challenges •Security against cyber-attacks like eavesdropping, replay attacks, man-in-the-middle (MitM) attacks, and impersonation attacks. •Ensure the integrity of the message while the authentication process. •Lightweight authentication are needed due to the limited computation resources of the smart meters. •Decrease computation and communication overheads. •Mutual authentication. •Session key agreement. 4
Common Attacks •Eavesdropping: Eavesdropping is an attack to capture the unauthorized information that is confidential. •Replay attack: The external adversary 𝒜 captures the previous message and replays the out-of- date messages to gateway. •Brute-Force Attack: Brute-force attack is to try every possible key on a piece of cipher text until an intelligible translation into plain text is obtained. •Man-in-the-Middle Attack: A Man-In-The-Middle (MITM) attack is the attack in which the attacker pretends to be the right person during the communication and uses the information received from one side to fool the other side. Both sides of victims feel that they are exchanging information directly. 5
Common Attacks •Impersonation Attack: A device attack aims to impersonate a legitimate device, such as a smart meter. •Internal Attack: An internal attack happens when an attacker is from the organization or has the assets that can help him to access the unauthorized resource. •Forward Secrecy: Forward secrecy ensures that even if one session key gets compromised, other session keys can not be compromised. •Denial-of-Service Attack: an attacker attempts to prevent legitimate users from accessing information or services, by targeting the hosting devise 6
Preliminaries - Bilinear Map Pairing Let 𝐺1, 𝐺2 and 𝐺𝑇 be cyclic group of prime order 𝑞. Let 𝑃1 is a generator of 𝐺1 and 𝑃2 is a generator of 𝐺2. Let 𝑒 be a map 𝑒: 𝐺1 × 𝐺2 → 𝐺𝑇 which is called a pairing The Bilinear pairing has the property that for all 𝑃 ∈ 𝐺1, 𝑄 ∈ 𝐺2 and all 𝑎, 𝑏 ∈ 𝑍 we have 𝑒 𝑎𝑃, 𝑏𝑄 = 𝑒 𝑃, 𝑄 𝑎𝑏. ▪ 𝑒 𝑎𝑃, 𝑏𝑄 = 𝑒 𝑎𝑏𝑃, 𝑄 = 𝑒 𝑃, 𝑎𝑏𝑄 = 𝑒 𝑃, 𝑄 𝑎𝑏 = 𝑒(𝑏𝑃, 𝑎𝑄) ▪ 𝑒 𝑃 + 𝑃1, 𝑄 = 𝑒 𝑃, 𝑄 𝑒(𝑃1, 𝑄) ▪ 𝑒 𝑃, 𝑄 + 𝑄1 = 𝑒 𝑃, 𝑄 𝑒 𝑃, 𝑄1 ▪ 𝑒 𝑃 + 𝑃1, 𝑄 + 𝑄1 = 𝑒 𝑃, 𝑄 + 𝑄1 𝑒 𝑃1, 𝑄 + 𝑄1 = 𝑒 𝑃, 𝑄 𝑒 𝑃, 𝑄1 𝑒 𝑃1, 𝑄 𝑒 𝑃1, 𝑄1 ▪ If 𝑒 is symmetric then 𝑒 𝑃, 𝑄 = 𝑒(𝑄, 𝑃) 7
Algorithm 1 [1] There are usually two types of smart grid devices, networked and isolated. ▪ The networked smart grid devices are a part of a smart grid data communication network. ▪ The isolated smart grid devices exist in the area that is not covered by a smart grid communication network. Isolated devices are resulted from many causes including agreement between the electricity user and the utility company, and cost-effective considerations not to cover faraway devices. 8 [1] Sha, Kewei, Naif Alatrash, and Zhiwei Wang. "A secure and efficient framework to read isolated smart grid devices." IEEE Transactions on Smart Grid 8, no. 6 (2016): 2519-2531.
Algorithm 1 •Network Model Three parties, the electricity service provider cloud (referred as cloud), the reader, and the smart grid device. 1. Request: the Kth round of data reading request is issued by the reader to the smart grid device. 2. Replay: smart grid device then responds by sending its ID in a message {Mid, TMSP}SKk-1 , where Mid is the smart grid device ID and TMSP is the timestamp of this message 9
Algorithm 1 •Challenges 1. An eavesdropper may listen on the communication channel between the smart grid device and the reader. 2. A fake device reader may be used to read the data from the smart grid device. 3. Someone who is not working in the company may take a reader to read data. 4. A worker who is not assigned the task, but tries to use a reader to read the data from meter. 5. The smart grid device may be modified to provide incorrect data. 10
Algorithm 1 •Security Goals To work against these attacks 1. Eavesdropping 2. Brute-Force Attack 3. Man-in-the-Middle Attack 4. Device Attack 5. Internal Attack 6. Replay Attack 7. Forward Secrecy 8. Denial-of-Service Attack 11
Algorithm 1 Notation Description Rid reader ID TR reader’s request timestamp Key one-time session key Pri(R) reader’s private key Pub(C) cloud’s public key C cloud ID Uid worker ID 12 •Authentication process. Between the cloud and the reader
Algorithm 1 13 •Authentication process. Between the reader and the smart meter
Algorithm 1 14
Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Brute-Force Attack. using modern cryptographic algorithms like AES, the basic brute-force attacks have been proved to be blocked by using appropriately sized keys like 256-bit keys. Security Goal 2 15
Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Brute-Force Attack. using modern cryptographic algorithms like AES, the basic brute-force attacks have been proved to be blocked by using appropriately sized keys like 256-bit keys. Security Goal 2 Man-in-the-Middle Attack. an MITM attacker is not possible to forge the digital signature without the right private key. Security Goal 3 Device Attack. fake reader has no way to get authenticated, because it cannot get a valid private key. Security Goal 4 Internal Attack. The authentication request from a lost legitimate reader can be blocked, because the reader cannot provide the right task information. Security Goal 5 16
Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Brute-Force Attack. using modern cryptographic algorithms like AES, the basic brute-force attacks have been proved to be blocked by using appropriately sized keys like 256-bit keys. Security Goal 2 Man-in-the-Middle Attack. an MITM attacker is not possible to forge the digital signature without the right private key. Security Goal 3 Device Attack. fake reader has no way to get authenticated, because it cannot get a valid private key. Security Goal 4 Internal Attack. The authentication request from a lost legitimate reader can be blocked, because the reader cannot provide the right task information. Security Goal 5 Replay Attack. attack can be mostly disabled by the use of one-time shared key in the reader-device authentication. In addition, use timestamps to prevent reply attack. Security Goal 6 17
Algorithm 1 18
Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Man-in-the-Middle Attack. In the reader-device authentication, a symmetric key is shared between the reader and the smart device. Anyone who does not have the key cannot win the trust from either the reader or the smart grid device. Security Goal 3 19
Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Man-in-the-Middle Attack. In the reader-device authentication, a symmetric key is shared between the reader and the smart device. Anyone who does not have the key cannot win the trust from either the reader or the smart grid device. Security Goal 3 Forward Secrecy. the compromise of one shared key will not cause the compromise of others without knowing three other parameters used in new key generation. Security Goal 7 20
Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Man-in-the-Middle Attack. In the reader-device authentication, a symmetric key is shared between the reader and the smart device. Anyone who does not have the key cannot win the trust from either the reader or the smart grid device. Security Goal 3 Forward Secrecy. the compromise of one shared key will not cause the compromise of others without knowing three other parameters used in new key generation. Security Goal 7 DoS Attack. all rounds of message exchange between the reader and the device are encrypted using a key shared between them, and any message without this encryption can be neglected. Security Goal 8 21
•Network Model Algorithm 2 [2] 22 [2] Chen, Yuwen, José-Fernán Martínez, Pedro Castillejo, and Lourdes López. "A bilinear map pairing based authentication scheme for smart grid communications: Pauth." IEEE Access 7 (2019): 22633-22643.
Algorithm 2 •Security Goals 1. Work against replay attack 2. Message integrity 3. Private key privacy 4. Perfect forward privacy 5. Early detection of illegal message 23
•Registration process Algorithm 2 24
•Registration process Algorithm 2 The proposed registration scheme is secure against an external adversary under the assumption of ECDL problem Elliptic Curve Discrete Logarithm (ECDL) problem. Suppose 𝐺1 is a cyclic additive group of prime order 𝑞, 𝑃 is a generator of 𝐺1. Given an element 𝑄 Of 𝐺1, it is computationally intractable to find a 𝑐 ∈ 𝑍𝑞 ∗ such that 𝑄 = 𝑐𝑃. Complexity 25
•Authentication process. Algorithm 2 26
•Authentication process. Algorithm 2 The proposed scheme achieves mutual authentication under the assumption of the ECCDH problem the Elliptic Curve Computational Diffie-Hellman (ECCDH) problem. Suppose 𝐺1 is a cyclic additive group of prime order 𝑞, 𝑃 is a generator of 𝐺1. For any 𝑎, 𝑏, 𝑐 ∈ 𝑍𝑞 ∗ , given an instance < 𝑎𝑃, 𝑏𝑃 > , it is computationally intractable to compute 𝑐𝑃 = 𝑎𝑏𝑃. Complexity Point in a group Point in a group 27
•Authentication process. Algorithm 2 28
•Authentication process. Algorithm 2 The proposed scheme achieves perfect forward privacy under the assumption of the BCDH problem Bilinear Computational Diffie- Hellman (BCDH) problem. Suppose 𝐺1 is a cyclic additive group of prime order 𝑞, 𝑃 is a generator of 𝐺1. For any 𝑎, 𝑏, 𝑐 ∈ 𝑍𝑞 ∗ , given an instance < 𝑎𝑃, 𝑏𝑃, 𝑐𝑃 > , it is computationally intractable to compute 𝑒 𝑃, 𝑃 𝑎𝑏𝑐 . Complexity 29
•Authentication process. Algorithm 2 30
•Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 31
•Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 32
•Authentication process. Algorithm 2 𝑑𝑖 = 𝑒𝑖 ∙ 𝑘𝑛 + 𝑘𝑢 + 𝑑𝑥 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 PRIVATE KEY PRIVACY. the private key of an entity is 𝑑𝑖 the network manager knows 𝑑𝑥 , 𝑒𝑖 and 𝑘𝑛 , however, it does not know 𝑘𝑢, it is unable to know the private key of an arbitrary entity Security Goal 3 33
•Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 PRIVATE KEY PRIVACY. the private key of an entity is 𝑑𝑖 the network manager knows 𝑑𝑥 , 𝑒𝑖 and 𝑘𝑛 , however, it does not know 𝑘𝑢, it is unable to know the private key of an arbitrary entity Security Goal 3 PERFECT FORWARD PRIVACY. For the scheme, even if the private keys of both entities are leaked, the adversary is unable to get the shared key of the past sessions. Security Goal 4 34
•Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 PRIVATE KEY PRIVACY. the private key of an entity is 𝑑𝑖 the network manager knows 𝑑𝑥 , 𝑒𝑖 and 𝑘𝑛 , however, it does not know 𝑘𝑢, it is unable to know the private key of an arbitrary entity Security Goal 3 PERFECT FORWARD PRIVACY. For the scheme, even if the private keys of both entities are leaked, the adversary is unable to get the shared key of the past sessions. Security Goal 4 EARLY DETECTION OF ILLEGAL MESSAGE. For the proposed scheme, if an adversary sends a fake message to entity 𝑉 𝑗. 𝑉 𝑗 can find out this message is not a legitimate one by checking the timestamp and the signature Security Goal 5 35
Algorithm 3 [3] •Network Model [3] Wazid, Mohammad, Ashok Kumar Das, Neeraj Kumar, and Joel JPC Rodrigues. "Secure three-factor user authentication scheme for renewable-energy-based smart grid environment." IEEE Transactions on Industrial Informatics 13, no. 6 (2017): 3144-3153. 36
Algorithm 3 •Security Goals 1. Man-in-the-Middle Attack 2. Smart Meter Impersonation Attack 3. User Impersonation Attack 4. Privileged-Insider Attack 5. Password Change Attack 6. Replay Attack 7. Ephemeral Secret Leakage (ESL) Attack 8. Anonymity and Untraceability 37
Algorithm 3 𝑅𝐼𝐷𝑖 = ℎ(𝐼𝐷𝑖 ∥ 𝑘) 𝑅𝐼𝐷𝑆𝑀 = ℎ(𝐼𝐷𝑆𝑀 ∥ 𝑘) Registration on mobile device Password & Biometric 1 1 2 3 4 Login Authentication 𝑅𝐼𝐷𝑇𝐴 = ℎ(𝐼𝐷𝑇𝐴 ∥ 𝑘) & 𝑅𝐼𝐷𝑇𝐴 & 𝑅𝐼𝐷𝑇𝐴 38
Algorithm 3 𝑅𝐼𝐷𝑖 = ℎ(𝐼𝐷𝑖 ∥ 𝑘) 𝑅𝐼𝐷𝑆𝑀 = ℎ(𝐼𝐷𝑆𝑀 ∥ 𝑘) Registration on mobile device Password & Biometric 1 1 2 3 4 Login Authentication Man-in-the-Middle Attack. it is not possible to fool both sides if the attacker does not know secret credentials RIDi, RIDSM and RIDTA. Security Goal 1 Smart Meter Impersonation Attack. Without having the secret credentials RIDSM and RIDTA, the attacker cannot impersonate the smart meter. Security Goal 2 𝑅𝐼𝐷𝑇𝐴 = ℎ(𝐼𝐷𝑇𝐴 ∥ 𝑘) & 𝑅𝐼𝐷𝑇𝐴 & 𝑅𝐼𝐷𝑇𝐴 User Impersonation Attack. Without having the secret credentials RIDi and RIDTA, also, the Password & Biometric. The attacker cannot impersonate the user. Security Goal 3 Privileged-Insider Attack. if the attacker is insider user and can get the registration information, Without having the biometric key and the password, he cannot use the mobile device. Security Goal 4 Password Change Attack. To change the password to another password the attacker require to input the correct ID and the old password and the biometric of the user. Security Goal 5 Suppose an adversary has stolen mobile device of a registered user. 39
Algorithm 3 40
Algorithm 3 Replay Attack. all these messages include the timestamps T1, T2, and T3, validity of the timestamps will fail. Security Goal 6 Ephemeral Secret Leakage (ESL) Attack. The attacker should know the secrets rui and rsj, also, the RIDI, RIDSM and RIDTA to calculate the secret shared key Security Goal 7 Anonymity and Untraceability. Due to usage of the random, current timestamps and the collision- resistant on-way hash function, the messages exchanged during the login, and authentication and key agreement phases are different for each session. Security Goal 8 41
Security Comparison Security Feature [1] [2] [3] Eavesdropping X X ✓ Replay attack ✓ ✓ ✓ Private key privacy ✓ ✓ ✓ Perfect forward privacy X ✓ ✓ Early detection of illegal entities X ✓ X Message integrity X ✓ X Man-in-the-Middle ✓ X ✓ Impersonation ✓ ✓ ✓ Internal Attack ✓ X ✓ Ephemeral Secret Leakage ✓ X X Brute-Force X X X Denial-of-Service X X ✓ Anonymity and Untraceability ✓ X X Password Change ✓ X X 42
Authentication Schemes Summary Authentication ID Based Hash function [1] Bilinear pairing [2] Encryption [3] 43
44 Thank You Any Questions?

Recommended

A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...
eSAT Journals
 
A novel approach to information security using safe
A novel approach to information security using safeA novel approach to information security using safe
A novel approach to information security using safe
eSAT Publishing House
 
Ijtra150171
Ijtra150171Ijtra150171
Ijtra150171
International Journal of Technical Research & Application
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
NEHA PATEL
 
Paper1
Paper1Paper1
Paper1
SpacSec
 
Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...
eSAT Publishing House
 
Man in the middle attack (mitm)
Man in the middle attack (mitm)Man in the middle attack (mitm)
Man in the middle attack (mitm)
Hemal Joshi
 
Enhancement in network security with security
Enhancement in network security with securityEnhancement in network security with security
Enhancement in network security with security
eSAT Publishing House
 

Recommended

A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...
eSAT Journals
 
A novel approach to information security using safe
A novel approach to information security using safeA novel approach to information security using safe
A novel approach to information security using safe
eSAT Publishing House
 
Ijtra150171
Ijtra150171Ijtra150171
Ijtra150171
International Journal of Technical Research & Application
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
NEHA PATEL
 
Paper1
Paper1Paper1
Paper1
SpacSec
 
Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...
eSAT Publishing House
 
Man in the middle attack (mitm)
Man in the middle attack (mitm)Man in the middle attack (mitm)
Man in the middle attack (mitm)
Hemal Joshi
 
Enhancement in network security with security
Enhancement in network security with securityEnhancement in network security with security
Enhancement in network security with security
eSAT Publishing House
 
Enhancement in network security with security protocols
Enhancement in network security with security protocolsEnhancement in network security with security protocols
Enhancement in network security with security protocols
eSAT Journals
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
WE-IT TUTORIALS
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVUnderstanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Eric Vanderburg
 
Cryptography
CryptographyCryptography
Cryptography
Sourabh Badve
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & Attacks
Netwax Lab
 
Securing information in wireless sensor networks
Securing information in wireless sensor networksSecuring information in wireless sensor networks
Securing information in wireless sensor networks
eSAT Publishing House
 
Cryptography
CryptographyCryptography
Cryptography
Abhi Prithi
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - Security
Wayne Jones Jnr
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
Shah Sheikh
 
D03302030036
D03302030036D03302030036
D03302030036
theijes
 
Ethical hacking for information security
Ethical hacking for information securityEthical hacking for information security
Ethical hacking for information security
Jayanth Vinay
 
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAREAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
ijp2p
 
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed BedewiBalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
Shah Sheikh
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Abhinav Biswas
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
IOSR Journals
 
Privacy & Security Aspects in Mobile Networks
Privacy & Security Aspects in Mobile NetworksPrivacy & Security Aspects in Mobile Networks
Privacy & Security Aspects in Mobile Networks
DefCamp
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
Shah Sheikh
 
A Review on Various Methods of Cryptography for Cyber Security
A Review on Various Methods of Cryptography for Cyber SecurityA Review on Various Methods of Cryptography for Cyber Security
A Review on Various Methods of Cryptography for Cyber Security
rahulmonikasharma
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hacking
Cmano Kar
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
editor1knowledgecuddle
 
Cyber-security of smart grids
Cyber-security of smart gridsCyber-security of smart grids
Cyber-security of smart grids
Hamza AlBzoor
 
A Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart PhonesA Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart Phones
IJERA Editor
 

More Related Content

What's hot

Enhancement in network security with security protocols
Enhancement in network security with security protocolsEnhancement in network security with security protocols
Enhancement in network security with security protocols
eSAT Journals
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
WE-IT TUTORIALS
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVUnderstanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Eric Vanderburg
 
Cryptography
CryptographyCryptography
Cryptography
Sourabh Badve
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & Attacks
Netwax Lab
 
Securing information in wireless sensor networks
Securing information in wireless sensor networksSecuring information in wireless sensor networks
Securing information in wireless sensor networks
eSAT Publishing House
 
Cryptography
CryptographyCryptography
Cryptography
Abhi Prithi
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - Security
Wayne Jones Jnr
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
Shah Sheikh
 
D03302030036
D03302030036D03302030036
D03302030036
theijes
 
Ethical hacking for information security
Ethical hacking for information securityEthical hacking for information security
Ethical hacking for information security
Jayanth Vinay
 
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAREAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
ijp2p
 
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed BedewiBalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
Shah Sheikh
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Abhinav Biswas
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
IOSR Journals
 
Privacy & Security Aspects in Mobile Networks
Privacy & Security Aspects in Mobile NetworksPrivacy & Security Aspects in Mobile Networks
Privacy & Security Aspects in Mobile Networks
DefCamp
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
Shah Sheikh
 
A Review on Various Methods of Cryptography for Cyber Security
A Review on Various Methods of Cryptography for Cyber SecurityA Review on Various Methods of Cryptography for Cyber Security
A Review on Various Methods of Cryptography for Cyber Security
rahulmonikasharma
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hacking
Cmano Kar
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
editor1knowledgecuddle
 

What's hot (20)

Enhancement in network security with security protocols
Enhancement in network security with security protocolsEnhancement in network security with security protocols
Enhancement in network security with security protocols
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVUnderstanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
 
Cryptography
CryptographyCryptography
Cryptography
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & Attacks
 
Securing information in wireless sensor networks
Securing information in wireless sensor networksSecuring information in wireless sensor networks
Securing information in wireless sensor networks
 
Cryptography
CryptographyCryptography
Cryptography
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - Security
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
 
D03302030036
D03302030036D03302030036
D03302030036
 
Ethical hacking for information security
Ethical hacking for information securityEthical hacking for information security
Ethical hacking for information security
 
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAREAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
 
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed BedewiBalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
 
Privacy & Security Aspects in Mobile Networks
Privacy & Security Aspects in Mobile NetworksPrivacy & Security Aspects in Mobile Networks
Privacy & Security Aspects in Mobile Networks
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
 
A Review on Various Methods of Cryptography for Cyber Security
A Review on Various Methods of Cryptography for Cyber SecurityA Review on Various Methods of Cryptography for Cyber Security
A Review on Various Methods of Cryptography for Cyber Security
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hacking
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 

Similar to Authentication in Smart Grid

Cyber-security of smart grids
Cyber-security of smart gridsCyber-security of smart grids
Cyber-security of smart grids
Hamza AlBzoor
 
A Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart PhonesA Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart Phones
IJERA Editor
 
Cyber security in Smart grid system
Cyber security in Smart grid systemCyber security in Smart grid system
Cyber security in Smart grid system
amaljose949563
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a survey
eSAT Publishing House
 
Aspects of Network Security
Aspects of Network SecurityAspects of Network Security
Aspects of Network Security
SHUBHA CHATURVEDI
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptx
BisharSuleiman
 
Cyber security
Cyber securityCyber security
Cyber security
Aman Pradhan
 
Physical Layer Essay
Physical Layer EssayPhysical Layer Essay
Physical Layer Essay
Jenny Richardson
 
CyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurityCyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurity
Home
 
Internet of things , presentation, rajiv gandhi university
Internet of things , presentation, rajiv gandhi universityInternet of things , presentation, rajiv gandhi university
Internet of things , presentation, rajiv gandhi university
PulakMandal14
 
Prevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network SecurityPrevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network Security
Editor IJMTER
 
Module 1.pptx
Module 1.pptxModule 1.pptx
Module 1.pptx
ssuser6e8e41
 
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsDetecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
CSCJournals
 
Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...
eSAT Journals
 
dccn ppt-1.pptx
dccn ppt-1.pptxdccn ppt-1.pptx
dccn ppt-1.pptx
FreefireGarena22
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy function
IOSR Journals
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1
JeevananthamArumugam
 
Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.
Rishabh Gupta
 
A Survey Paper on Jamming Attacks and its Countermeasures in Wireless Networks
A Survey Paper on Jamming Attacks and its Countermeasures in Wireless NetworksA Survey Paper on Jamming Attacks and its Countermeasures in Wireless Networks
A Survey Paper on Jamming Attacks and its Countermeasures in Wireless Networks
IRJET Journal
 
cns unit 1.pptx
cns unit 1.pptxcns unit 1.pptx
cns unit 1.pptx
Saranya Natarajan
 

Similar to Authentication in Smart Grid (20)

Cyber-security of smart grids
Cyber-security of smart gridsCyber-security of smart grids
Cyber-security of smart grids
 
A Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart PhonesA Novel Key Generation Technique Used In Tablets and Smart Phones
A Novel Key Generation Technique Used In Tablets and Smart Phones
 
Cyber security in Smart grid system
Cyber security in Smart grid systemCyber security in Smart grid system
Cyber security in Smart grid system
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a survey
 
Aspects of Network Security
Aspects of Network SecurityAspects of Network Security
Aspects of Network Security
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Physical Layer Essay
Physical Layer EssayPhysical Layer Essay
Physical Layer Essay
 
CyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurityCyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurity
 
Internet of things , presentation, rajiv gandhi university
Internet of things , presentation, rajiv gandhi universityInternet of things , presentation, rajiv gandhi university
Internet of things , presentation, rajiv gandhi university
 
Prevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network SecurityPrevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network Security
 
Module 1.pptx
Module 1.pptxModule 1.pptx
Module 1.pptx
 
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsDetecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
 
Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...Data security for any organization by using public key infrastructure compone...
Data security for any organization by using public key infrastructure compone...
 
dccn ppt-1.pptx
dccn ppt-1.pptxdccn ppt-1.pptx
dccn ppt-1.pptx
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy function
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1
 
Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.
 
A Survey Paper on Jamming Attacks and its Countermeasures in Wireless Networks
A Survey Paper on Jamming Attacks and its Countermeasures in Wireless NetworksA Survey Paper on Jamming Attacks and its Countermeasures in Wireless Networks
A Survey Paper on Jamming Attacks and its Countermeasures in Wireless Networks
 
cns unit 1.pptx
cns unit 1.pptxcns unit 1.pptx
cns unit 1.pptx
 

Recently uploaded

Mechanical Engineering on AAI Summer Training Report-003.pdf
Mechanical Engineering on AAI Summer Training Report-003.pdfMechanical Engineering on AAI Summer Training Report-003.pdf
Mechanical Engineering on AAI Summer Training Report-003.pdf
21UME003TUSHARDEB
 
An Introduction to the Compiler Designss
An Introduction to the Compiler DesignssAn Introduction to the Compiler Designss
An Introduction to the Compiler Designss
ElakkiaU
 
Open Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surfaceOpen Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surface
Indrajeet sahu
 
2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt
abdatawakjira
 
Transformers design and coooling methods
Transformers design and coooling methodsTransformers design and coooling methods
Transformers design and coooling methods
Roger Rozario
 
Introduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.pptIntroduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.ppt
Dwarkadas J Sanghvi College of Engineering
 
OOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming languageOOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming language
PreethaV16
 
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELDEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
ijaia
 
TIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptxTIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptx
CVCSOfficial
 
一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理
uqyfuc
 
Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...
Prakhyath Rai
 
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICSUNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
vmspraneeth
 
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
sydezfe
 
Object Oriented Analysis and Design - OOAD
Object Oriented Analysis and Design - OOADObject Oriented Analysis and Design - OOAD
Object Oriented Analysis and Design - OOAD
PreethaV16
 
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
shadow0702a
 
AI-Based Home Security System : Home security
AI-Based Home Security System : Home securityAI-Based Home Security System : Home security
AI-Based Home Security System : Home security
AIRCC Publishing Corporation
 
Height and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdfHeight and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdf
q30122000
 
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
ijseajournal
 
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Sinan KOZAK
 
Generative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdfGenerative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdf
mahaffeycheryld
 

Recently uploaded (20)

Mechanical Engineering on AAI Summer Training Report-003.pdf
Mechanical Engineering on AAI Summer Training Report-003.pdfMechanical Engineering on AAI Summer Training Report-003.pdf
Mechanical Engineering on AAI Summer Training Report-003.pdf
 
An Introduction to the Compiler Designss
An Introduction to the Compiler DesignssAn Introduction to the Compiler Designss
An Introduction to the Compiler Designss
 
Open Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surfaceOpen Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surface
 
2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt
 
Transformers design and coooling methods
Transformers design and coooling methodsTransformers design and coooling methods
Transformers design and coooling methods
 
Introduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.pptIntroduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.ppt
 
OOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming languageOOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming language
 
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELDEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
 
TIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptxTIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptx
 
一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理
 
Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...
 
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICSUNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
 
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
一比一原版(uoft毕业证书)加拿大多伦多大学毕业证如何办理
 
Object Oriented Analysis and Design - OOAD
Object Oriented Analysis and Design - OOADObject Oriented Analysis and Design - OOAD
Object Oriented Analysis and Design - OOAD
 
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
 
AI-Based Home Security System : Home security
AI-Based Home Security System : Home securityAI-Based Home Security System : Home security
AI-Based Home Security System : Home security
 
Height and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdfHeight and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdf
 
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...Call For Paper -3rd International Conference on Artificial Intelligence Advan...
Call For Paper -3rd International Conference on Artificial Intelligence Advan...
 
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
 
Generative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdfGenerative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdf
 

Authentication in Smart Grid

  • 1. Authentication in Smart Grid (Part 4) PRESENTED BY: SHERIF ABDELFATTAH 1 ECE department sabdelfat42@students.tntech.edu
  • 2. Introduction •Smart meters (SMs) now a days are widely used for demand and supply management in SGs. •It needs to communicate with other entities in the network system. So, there is a need for a secure communication system that can ensure a secure information exchange between the legal entities while maintaining its privacy. •Thus, authentication become critical security component in the smart metering infrastructure (SMI) which provides privacy preservation in order to provide reliable power services to the SG. •Authentication is the process that ensures that the communication occurs between two legitimate entities by verifying their identities. •of the smart grid communication network can affect the availability, reliability, safety, and productivity of the power system. •There is some security issues that can effect on the privacy of the users. Also, because of the high dependency on communication and networking systems makes the SG infrastructure vulnerable to different threats. These threats include the potential for several types of cyber-attacks, such as man- in-the-middle (MinM) attacks, impersonation attacks, replaying, and injecting messages. 2
  • 3. Introduction Why is this topic important •To ensure the security of two-way communication between smart grid entities, authentication and key establishment is a necessary, which enables the entities to verify the legitimacy of the entity with which they communicate, and to build a shared key with the legitimate entity for further communication. •The user needs to authenticate the utility company or its representing node to protect his privacy by ensuring that his consumption is sent to the right place. •The utility company needs to authenticate the user to save the network from any malicious user that can send false data to affect the network performance or shut it down. •For example, an attacker may change the user’s power consumption readings sent to the utility by a smart meter, which can lead to wrong decision-making by the control center. 3
  • 4. Common Challenges •Security against cyber-attacks like eavesdropping, replay attacks, man-in-the-middle (MitM) attacks, and impersonation attacks. •Ensure the integrity of the message while the authentication process. •Lightweight authentication are needed due to the limited computation resources of the smart meters. •Decrease computation and communication overheads. •Mutual authentication. •Session key agreement. 4
  • 5. Common Attacks •Eavesdropping: Eavesdropping is an attack to capture the unauthorized information that is confidential. •Replay attack: The external adversary 𝒜 captures the previous message and replays the out-of- date messages to gateway. •Brute-Force Attack: Brute-force attack is to try every possible key on a piece of cipher text until an intelligible translation into plain text is obtained. •Man-in-the-Middle Attack: A Man-In-The-Middle (MITM) attack is the attack in which the attacker pretends to be the right person during the communication and uses the information received from one side to fool the other side. Both sides of victims feel that they are exchanging information directly. 5
  • 6. Common Attacks •Impersonation Attack: A device attack aims to impersonate a legitimate device, such as a smart meter. •Internal Attack: An internal attack happens when an attacker is from the organization or has the assets that can help him to access the unauthorized resource. •Forward Secrecy: Forward secrecy ensures that even if one session key gets compromised, other session keys can not be compromised. •Denial-of-Service Attack: an attacker attempts to prevent legitimate users from accessing information or services, by targeting the hosting devise 6
  • 7. Preliminaries - Bilinear Map Pairing Let 𝐺1, 𝐺2 and 𝐺𝑇 be cyclic group of prime order 𝑞. Let 𝑃1 is a generator of 𝐺1 and 𝑃2 is a generator of 𝐺2. Let 𝑒 be a map 𝑒: 𝐺1 × 𝐺2 → 𝐺𝑇 which is called a pairing The Bilinear pairing has the property that for all 𝑃 ∈ 𝐺1, 𝑄 ∈ 𝐺2 and all 𝑎, 𝑏 ∈ 𝑍 we have 𝑒 𝑎𝑃, 𝑏𝑄 = 𝑒 𝑃, 𝑄 𝑎𝑏. ▪ 𝑒 𝑎𝑃, 𝑏𝑄 = 𝑒 𝑎𝑏𝑃, 𝑄 = 𝑒 𝑃, 𝑎𝑏𝑄 = 𝑒 𝑃, 𝑄 𝑎𝑏 = 𝑒(𝑏𝑃, 𝑎𝑄) ▪ 𝑒 𝑃 + 𝑃1, 𝑄 = 𝑒 𝑃, 𝑄 𝑒(𝑃1, 𝑄) ▪ 𝑒 𝑃, 𝑄 + 𝑄1 = 𝑒 𝑃, 𝑄 𝑒 𝑃, 𝑄1 ▪ 𝑒 𝑃 + 𝑃1, 𝑄 + 𝑄1 = 𝑒 𝑃, 𝑄 + 𝑄1 𝑒 𝑃1, 𝑄 + 𝑄1 = 𝑒 𝑃, 𝑄 𝑒 𝑃, 𝑄1 𝑒 𝑃1, 𝑄 𝑒 𝑃1, 𝑄1 ▪ If 𝑒 is symmetric then 𝑒 𝑃, 𝑄 = 𝑒(𝑄, 𝑃) 7
  • 8. Algorithm 1 [1] There are usually two types of smart grid devices, networked and isolated. ▪ The networked smart grid devices are a part of a smart grid data communication network. ▪ The isolated smart grid devices exist in the area that is not covered by a smart grid communication network. Isolated devices are resulted from many causes including agreement between the electricity user and the utility company, and cost-effective considerations not to cover faraway devices. 8 [1] Sha, Kewei, Naif Alatrash, and Zhiwei Wang. "A secure and efficient framework to read isolated smart grid devices." IEEE Transactions on Smart Grid 8, no. 6 (2016): 2519-2531.
  • 9. Algorithm 1 •Network Model Three parties, the electricity service provider cloud (referred as cloud), the reader, and the smart grid device. 1. Request: the Kth round of data reading request is issued by the reader to the smart grid device. 2. Replay: smart grid device then responds by sending its ID in a message {Mid, TMSP}SKk-1 , where Mid is the smart grid device ID and TMSP is the timestamp of this message 9
  • 10. Algorithm 1 •Challenges 1. An eavesdropper may listen on the communication channel between the smart grid device and the reader. 2. A fake device reader may be used to read the data from the smart grid device. 3. Someone who is not working in the company may take a reader to read data. 4. A worker who is not assigned the task, but tries to use a reader to read the data from meter. 5. The smart grid device may be modified to provide incorrect data. 10
  • 11. Algorithm 1 •Security Goals To work against these attacks 1. Eavesdropping 2. Brute-Force Attack 3. Man-in-the-Middle Attack 4. Device Attack 5. Internal Attack 6. Replay Attack 7. Forward Secrecy 8. Denial-of-Service Attack 11
  • 12. Algorithm 1 Notation Description Rid reader ID TR reader’s request timestamp Key one-time session key Pri(R) reader’s private key Pub(C) cloud’s public key C cloud ID Uid worker ID 12 •Authentication process. Between the cloud and the reader
  • 13. Algorithm 1 13 •Authentication process. Between the reader and the smart meter
  • 15. Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Brute-Force Attack. using modern cryptographic algorithms like AES, the basic brute-force attacks have been proved to be blocked by using appropriately sized keys like 256-bit keys. Security Goal 2 15
  • 16. Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Brute-Force Attack. using modern cryptographic algorithms like AES, the basic brute-force attacks have been proved to be blocked by using appropriately sized keys like 256-bit keys. Security Goal 2 Man-in-the-Middle Attack. an MITM attacker is not possible to forge the digital signature without the right private key. Security Goal 3 Device Attack. fake reader has no way to get authenticated, because it cannot get a valid private key. Security Goal 4 Internal Attack. The authentication request from a lost legitimate reader can be blocked, because the reader cannot provide the right task information. Security Goal 5 16
  • 17. Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Brute-Force Attack. using modern cryptographic algorithms like AES, the basic brute-force attacks have been proved to be blocked by using appropriately sized keys like 256-bit keys. Security Goal 2 Man-in-the-Middle Attack. an MITM attacker is not possible to forge the digital signature without the right private key. Security Goal 3 Device Attack. fake reader has no way to get authenticated, because it cannot get a valid private key. Security Goal 4 Internal Attack. The authentication request from a lost legitimate reader can be blocked, because the reader cannot provide the right task information. Security Goal 5 Replay Attack. attack can be mostly disabled by the use of one-time shared key in the reader-device authentication. In addition, use timestamps to prevent reply attack. Security Goal 6 17
  • 19. Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Man-in-the-Middle Attack. In the reader-device authentication, a symmetric key is shared between the reader and the smart device. Anyone who does not have the key cannot win the trust from either the reader or the smart grid device. Security Goal 3 19
  • 20. Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Man-in-the-Middle Attack. In the reader-device authentication, a symmetric key is shared between the reader and the smart device. Anyone who does not have the key cannot win the trust from either the reader or the smart grid device. Security Goal 3 Forward Secrecy. the compromise of one shared key will not cause the compromise of others without knowing three other parameters used in new key generation. Security Goal 7 20
  • 21. Algorithm 1 Eavesdropping. all communications are encrypted to prevent eavesdropping. Security Goal 1 Man-in-the-Middle Attack. In the reader-device authentication, a symmetric key is shared between the reader and the smart device. Anyone who does not have the key cannot win the trust from either the reader or the smart grid device. Security Goal 3 Forward Secrecy. the compromise of one shared key will not cause the compromise of others without knowing three other parameters used in new key generation. Security Goal 7 DoS Attack. all rounds of message exchange between the reader and the device are encrypted using a key shared between them, and any message without this encryption can be neglected. Security Goal 8 21
  • 22. •Network Model Algorithm 2 [2] 22 [2] Chen, Yuwen, José-Fernán Martínez, Pedro Castillejo, and Lourdes López. "A bilinear map pairing based authentication scheme for smart grid communications: Pauth." IEEE Access 7 (2019): 22633-22643.
  • 23. Algorithm 2 •Security Goals 1. Work against replay attack 2. Message integrity 3. Private key privacy 4. Perfect forward privacy 5. Early detection of illegal message 23
  • 25. •Registration process Algorithm 2 The proposed registration scheme is secure against an external adversary under the assumption of ECDL problem Elliptic Curve Discrete Logarithm (ECDL) problem. Suppose 𝐺1 is a cyclic additive group of prime order 𝑞, 𝑃 is a generator of 𝐺1. Given an element 𝑄 Of 𝐺1, it is computationally intractable to find a 𝑐 ∈ 𝑍𝑞 ∗ such that 𝑄 = 𝑐𝑃. Complexity 25
  • 27. •Authentication process. Algorithm 2 The proposed scheme achieves mutual authentication under the assumption of the ECCDH problem the Elliptic Curve Computational Diffie-Hellman (ECCDH) problem. Suppose 𝐺1 is a cyclic additive group of prime order 𝑞, 𝑃 is a generator of 𝐺1. For any 𝑎, 𝑏, 𝑐 ∈ 𝑍𝑞 ∗ , given an instance < 𝑎𝑃, 𝑏𝑃 > , it is computationally intractable to compute 𝑐𝑃 = 𝑎𝑏𝑃. Complexity Point in a group Point in a group 27
  • 29. •Authentication process. Algorithm 2 The proposed scheme achieves perfect forward privacy under the assumption of the BCDH problem Bilinear Computational Diffie- Hellman (BCDH) problem. Suppose 𝐺1 is a cyclic additive group of prime order 𝑞, 𝑃 is a generator of 𝐺1. For any 𝑎, 𝑏, 𝑐 ∈ 𝑍𝑞 ∗ , given an instance < 𝑎𝑃, 𝑏𝑃, 𝑐𝑃 > , it is computationally intractable to compute 𝑒 𝑃, 𝑃 𝑎𝑏𝑐 . Complexity 29
  • 31. •Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 31
  • 32. •Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 32
  • 33. •Authentication process. Algorithm 2 𝑑𝑖 = 𝑒𝑖 ∙ 𝑘𝑛 + 𝑘𝑢 + 𝑑𝑥 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 PRIVATE KEY PRIVACY. the private key of an entity is 𝑑𝑖 the network manager knows 𝑑𝑥 , 𝑒𝑖 and 𝑘𝑛 , however, it does not know 𝑘𝑢, it is unable to know the private key of an arbitrary entity Security Goal 3 33
  • 34. •Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 PRIVATE KEY PRIVACY. the private key of an entity is 𝑑𝑖 the network manager knows 𝑑𝑥 , 𝑒𝑖 and 𝑘𝑛 , however, it does not know 𝑘𝑢, it is unable to know the private key of an arbitrary entity Security Goal 3 PERFECT FORWARD PRIVACY. For the scheme, even if the private keys of both entities are leaked, the adversary is unable to get the shared key of the past sessions. Security Goal 4 34
  • 35. •Authentication process. Algorithm 2 REPLAY ATTACK. in the scheme there is a timestamp 𝑇1 in the message Security Goal 1 MESSAGE INTEGRITY. the signature in message ensure the integrity of the message Security Goal 2 PRIVATE KEY PRIVACY. the private key of an entity is 𝑑𝑖 the network manager knows 𝑑𝑥 , 𝑒𝑖 and 𝑘𝑛 , however, it does not know 𝑘𝑢, it is unable to know the private key of an arbitrary entity Security Goal 3 PERFECT FORWARD PRIVACY. For the scheme, even if the private keys of both entities are leaked, the adversary is unable to get the shared key of the past sessions. Security Goal 4 EARLY DETECTION OF ILLEGAL MESSAGE. For the proposed scheme, if an adversary sends a fake message to entity 𝑉 𝑗. 𝑉 𝑗 can find out this message is not a legitimate one by checking the timestamp and the signature Security Goal 5 35
  • 36. Algorithm 3 [3] •Network Model [3] Wazid, Mohammad, Ashok Kumar Das, Neeraj Kumar, and Joel JPC Rodrigues. "Secure three-factor user authentication scheme for renewable-energy-based smart grid environment." IEEE Transactions on Industrial Informatics 13, no. 6 (2017): 3144-3153. 36
  • 37. Algorithm 3 •Security Goals 1. Man-in-the-Middle Attack 2. Smart Meter Impersonation Attack 3. User Impersonation Attack 4. Privileged-Insider Attack 5. Password Change Attack 6. Replay Attack 7. Ephemeral Secret Leakage (ESL) Attack 8. Anonymity and Untraceability 37
  • 38. Algorithm 3 𝑅𝐼𝐷𝑖 = ℎ(𝐼𝐷𝑖 ∥ 𝑘) 𝑅𝐼𝐷𝑆𝑀 = ℎ(𝐼𝐷𝑆𝑀 ∥ 𝑘) Registration on mobile device Password & Biometric 1 1 2 3 4 Login Authentication 𝑅𝐼𝐷𝑇𝐴 = ℎ(𝐼𝐷𝑇𝐴 ∥ 𝑘) & 𝑅𝐼𝐷𝑇𝐴 & 𝑅𝐼𝐷𝑇𝐴 38
  • 39. Algorithm 3 𝑅𝐼𝐷𝑖 = ℎ(𝐼𝐷𝑖 ∥ 𝑘) 𝑅𝐼𝐷𝑆𝑀 = ℎ(𝐼𝐷𝑆𝑀 ∥ 𝑘) Registration on mobile device Password & Biometric 1 1 2 3 4 Login Authentication Man-in-the-Middle Attack. it is not possible to fool both sides if the attacker does not know secret credentials RIDi, RIDSM and RIDTA. Security Goal 1 Smart Meter Impersonation Attack. Without having the secret credentials RIDSM and RIDTA, the attacker cannot impersonate the smart meter. Security Goal 2 𝑅𝐼𝐷𝑇𝐴 = ℎ(𝐼𝐷𝑇𝐴 ∥ 𝑘) & 𝑅𝐼𝐷𝑇𝐴 & 𝑅𝐼𝐷𝑇𝐴 User Impersonation Attack. Without having the secret credentials RIDi and RIDTA, also, the Password & Biometric. The attacker cannot impersonate the user. Security Goal 3 Privileged-Insider Attack. if the attacker is insider user and can get the registration information, Without having the biometric key and the password, he cannot use the mobile device. Security Goal 4 Password Change Attack. To change the password to another password the attacker require to input the correct ID and the old password and the biometric of the user. Security Goal 5 Suppose an adversary has stolen mobile device of a registered user. 39
  • 41. Algorithm 3 Replay Attack. all these messages include the timestamps T1, T2, and T3, validity of the timestamps will fail. Security Goal 6 Ephemeral Secret Leakage (ESL) Attack. The attacker should know the secrets rui and rsj, also, the RIDI, RIDSM and RIDTA to calculate the secret shared key Security Goal 7 Anonymity and Untraceability. Due to usage of the random, current timestamps and the collision- resistant on-way hash function, the messages exchanged during the login, and authentication and key agreement phases are different for each session. Security Goal 8 41
  • 42. Security Comparison Security Feature [1] [2] [3] Eavesdropping X X ✓ Replay attack ✓ ✓ ✓ Private key privacy ✓ ✓ ✓ Perfect forward privacy X ✓ ✓ Early detection of illegal entities X ✓ X Message integrity X ✓ X Man-in-the-Middle ✓ X ✓ Impersonation ✓ ✓ ✓ Internal Attack ✓ X ✓ Ephemeral Secret Leakage ✓ X X Brute-Force X X X Denial-of-Service X X ✓ Anonymity and Untraceability ✓ X X Password Change ✓ X X 42
  • 43. Authentication Schemes Summary Authentication ID Based Hash function [1] Bilinear pairing [2] Encryption [3] 43