PASS: Privacy-preserving authentication scheme for smart grid network

A smart grid power system is capable of adjusting the amount of electricity generated based on real-time requests from the smart meters of customers, thus avoiding excess electricity generation and facilitating reliable and effective transmission of electricity. To ensure that requests are sent from a valid user, all request messages must be authenticated. On the other hand, by analyzing the electricity usage pattern of a customer, the daily habit of the customer, such as when he is away, may be revealed. Thus, a proper privacy preserving mechanism has to be adopted. This paper attempts to develop a scheme to address these two seemingly contradicting requirements efficiently. By using a tamper-resistant device at the smart appliance and pseudo identities, we derive a privacy preserving authentication scheme to solve the problem. The authentication process is made very efficient by means of Hash-based Message Authentication Code (HMAC). Through simulation, we show that with our scheme, the transmission and signature verification delay induced are very small and the message overhead is only 20 bytes per request message. With our efficient verification process, even under attack, the substation can effectively drop all attack messages, allowing 6 times more valid messages to reach the control center when compared to the case without any verification. Thus our scheme is both efficient and effective.