Investigating Public-Key Certificate Revocation in Smart Grid

The public key cryptography (PKC) is essential for securing many applications in smart grid. For the secure use of the PKC, certificate revocation schemes tailored to smart grid applications should be adopted. However, little work has been done to study certificate revocation in smart grid. In this paper, we first explain different motivations that necessitate revoking certificates in smart grid. We also identify the applications that can be secured by PKC and thus need certificate revocation. Then, we explain existing certificate revocation schemes and define several metrics to assess them. Based on this assessment, we identify the applications that are proper for each scheme and discuss how the schemes can be modified to fully satisfy the requirements of its potential applications. Finally, we study certificate revocation in pseudonymous public key infrastructure (PPKI), where a large number of certified public/private keys are assigned for each node to preserve privacy. We target vehicles-to-grid communications as a potential application. Certificate revocation in this application is a challenge because of the large number of certificates. We discuss an efficient certificate revocation scheme for PPKI, named compressed certificate revocation lists (CRLs). Our analytical results demonstrate that one revocation scheme cannot satisfy the overhead/security requirements of all smart grid applications. Rather, different schemes should be employed for different applications. Moreover, we used simulations to measure the overhead of the schemes.