Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems

This paper studies the security requirements for remote authentication and communication in smart grid systems. Though smart card based authentication techniques have been a successful solution for addressing key management challenges in several cryptographic authentication systems, they may not be applicable to smart grid systems. For example, in order to unlock the credentials stored in tamper-resistant components (which could either be integrated in smart meters and collectors or be separate components that could be inserted into smart meters and collectors), one generally needs to input a password or PIN number to the smart meters or collectors. Since most smart meters and collectors are unattended, they could be maliciously modified or impersonated. Thus there is no trusted platform for the device owners or service provider agents to input the PIN number. Furthermore, the tamper resistant components (either integrated or separated) that hold the secret credentials could be easily accessed by an attacker and offline dictionary attacks could be easily mounted against these devices to retrieve the password or PIN number. In this paper, we review the security requirements for smart grid authentication systems and propose trust models for smart grid remote authentication systems. Finally, we propose secure authentication protocols within these trust models to defeat the common attacks such as offline dictionary attacks.