With the enablement of Internet of Things technology, the electrical grid is currently undergoing a drastic revolution, which is known as smart grid. Since massive sensitive data and control commands transmitted via public channels, the smart grid is challenged by various cyber threats. Authenticated key agreement protocols in smart grid effectively ensure the confidentiality and authentication of communication through mutual authentication and establishing session keys. In this article, we review the existing elliptic curve cryptography (ECC)-based authentication and key agreement protocols in smart gird and perform a security analysis of Hu et al.’s protocol. We exhibit that the protocol fails to resist key compromise impersonation (KCI) attack and cannot provide untraceability. Furthermore, we propose a security-enhanced authentication and key agreement protocol based on ECC, which performs registration, authentication, and key agreement phases over public channels to enable mutual authentication and to establish session keys. The protocol is also proved to be security-enhanced by formal proof and informal analysis. The performance analysis results demonstrate that the proposed protocol is comparable to other existing protocols while achieving enhanced security. Therefore, the protocol satisfies the deployment requirements for resource-constrained smart grid.

中文翻译：

---

智能电网中安全增强的认证和密钥协商协议


随着物联网技术的推动，电网目前正在经历一场剧烈的革命，这就是所谓的智能电网。由于海量敏感数据和控制命令通过公共渠道传输，智能电网面临着各种网络威胁的挑战。智能电网中的认证密钥协商协议通过相互认证和建立会话密钥，有效地保证了通信的保密性和认证性。在本文中，我们回顾了智能电网中现有的基于椭圆曲线加密（ECC）的身份验证和密钥协商协议，并对 Hu 等人的协议进行了安全分析。我们证明该协议无法抵御密钥泄露模拟（KCI）攻击，并且无法提供不可追踪性。此外，我们提出了一种基于 ECC 的安全增强型身份验证和密钥协商协议，该协议通过公共通道执行注册、身份验证和密钥协商阶段，以实现相互身份验证并建立会话密钥。通过正式证明和非正式分析，该协议还被证明是安全增强的。性能分析结果表明，所提出的协议与其他现有协议相当，同时实现了增强的安全性。因此，该协议满足资源受限的智能电网的部署要求。