Neetesh Saxena

Authentication and Authorization Scheme for Various User Roles and Devices in Smart Grid

The smart grid, as the next generation of the power grid, is characterized by employing many different types of intelligent devices, such as intelligent electronic devices located at substations, smart meters positioned in the home area network, and outdoor field equipment deployed in the fields. In addition, there are various users in the smart grid network, including customers, operators, maintenance personnel, and so on, who use these devices for various purposes. Therefore, a secure and efficient mutual authentication and authorization scheme is needed in the smart grid to prevent various insider and outsider attacks on many different devices. In this paper, we propose an authentication and authorization scheme for mitigating outsider and insider threats in the smart grid by verifying the user authorization and performing the user authentication together whenever a user accesses the devices. The proposed scheme computes each user role dynamically using an attribute-based access control and verifies the identity of the user together with the device. Security and performance analysis show that the proposed scheme resists various insider as well as outsider attacks, and is more efficient in terms of communication and computation costs in comparison with the existing schemes. The correctness of the proposed scheme is also proved using BAN-Logic and Proverif.

EasySMS: A Protocol for End-to-End Secure Transmission of SMS

Nowadays, short message service (SMS) is being used in many daily life applications, including healthcare monitoring, mobile banking, mobile commerce, and so on. But when we send an SMS from one mobile phone to another, the information contained in the SMS transmit as plain text. Sometimes this information may be confidential like account numbers, passwords, license numbers, and so on, and it is a major drawback to send such information through SMS while the traditional SMS service does not provide encryption to the information before its transmission. In this paper, we propose an efficient and secure protocol called EasySMS, which provides end-to-end secure communication through SMS between end users. The working of the protocol is presented by considering two different scenarios. The analysis of the proposed protocol shows that this protocol is able to prevent various attacks, including SMS disclosure, over the air modification, replay attack, man-in-the-middle attack, and impersonation attack. The EasySMS protocol generates minimum communication and computation overheads as compared with existing SMSSec and PK-SIM protocols. On an average, the EasySMS protocol reduces 51% and 31% of the bandwidth consumption and reduces 62% and 45% of message exchanged during the authentication process in comparison to SMSSec and PK-SIM protocols respectively. Authors claim that EasySMS is the first protocol completely based on the symmetric key cryptography and retain original architecture of cellular network.

Authentication Scheme for Flexible Charging and Discharging of Mobile Vehicles in the V2G Networks

Navigating security and privacy challenges is one of the crucial requirements in the vehicle-to-grid (V2G) network. Since electric vehicles (EVs) need to provide their private information to aggregators/servers when charging/discharging at different charging stations, privacy of the vehicle owners can be compromised if the information is misused, traced, or revealed. In a wide V2G network, where vehicles can move outside of their home network to visiting networks, security and privacy become even more challenging due to untrusted entities in the visiting networks. Although some privacy-preserving solutions were proposed in the literature to tackle this problem, they do not protect against well-known security attacks and generate a huge overhead. Therefore, we propose a mutual authentication scheme to preserve privacy of the EVs information from aggregators/servers in the home as well as distributed visiting V2G networks. Our scheme, based on a bilinear pairing technique with an accumulator performing batch verification, yields higher system efficiency, defeats various security attacks, and maintains untraceability, forward privacy, and identity anonymity. A performance analysis shows that our scheme, in comparison with the existing solutions, significantly generates lower communication and computation overheads in the home and centralized V2G networks, and comparable overheads in the distributed visiting V2G networks.

SecureSMS: A secure SMS protocol for VAS and other applications

Nowadays, the SMS is a very popular communication channel for numerous value added services (VAS), business and commercial applications. Hence, the security of SMS is the most important aspect in such applications. Recently, the researchers have proposed approaches to provide end-to-end security for SMS during its transmission over the network. Thus, in this direction, many SMS-based frameworks and protocols like Markos SMS framework, Songyangs SMS framework, Alfredos SMS framework, SSMS protocol, and, Marko and Konstantins protocol have been proposed but these frameworks/protocols do not justify themselves in terms of security analysis, communication and computation overheads, prevention from various threats and attacks, and the bandwidth utilization of these protocols. The two protocols SMSSec and PK-SIM have also been proposed to provide end-to-end security and seem to be little better in terms of security analysis as compared to the protocols/framework mentioned above. In this paper, we propose a new secure and optimal protocol called SecureSMS, which generates less communication and computation overheads. We also discuss the possible threats and attacks in the paper and provide the justified prevention against them. The proposed protocol is also better than the above two protocols in terms of the bandwidth utilization. On an average the SecureSMS protocol reduces 71% and 59% of the total bandwidth used in the authentication process as compared to the SMSSec and PK-SIM protocols respectively. Apart from this, the paper also proposes a scheme to store and implement the cryptographic algorithms onto the SIM card. The proposed scheme provides end-to-end SMS security with authentication (by the SecureSMS protocol), confidentiality (by encryption AES/Blowfish; preferred AES-CTR), integrity (SHA1/MD5; preferred SHA1) and non-repudiation (ECDSA/DSA; preferred ECDSA).

Authentication Protocol for an IoT-Enabled LTE Network

The Evolved Packet System-based Authentication and Key Agreement (EPS-AKA) protocol of the long-term evolution (LTE) network does not support Internet of Things (IoT) objects and has several security limitations, including transmission of the object’s (user/device) identity and key set identifier in plaintext over the network, synchronization, large overhead, limited identity privacy, and security attack vulnerabilities. In this article, we propose a new secure and efficient AKA protocol for the LTE network that supports secure and efficient communications among various IoT devices as well as among the users. Analysis shows that our protocol is secure, efficient, and privacy preserved, and reduces bandwidth consumption during authentication.

Secure encryption with digital signature approach for Short Message Service

As Short Message Service (SMS) is now widely used as business tool, its security has become a major concern for business organizations and customers. However, their security is a critical issue cumbering their application and development. This paper analyses the most popular digital signature algorithms such as DSA, RSA and ECDSA and compared these algorithms. These signature algorithms were implemented in Java with various different key sizes set. Experimental comparison results of the three signature algorithms were presented and analysed. The results show that ECDSA is more suitable to generate the signature and RSA is more suitable to verify the signature on mobile devices. The experimental results are presented to show the effectiveness of each algorithm and to choose the most suitable algorithm for SMS digital signature. Next, we propose a new algorithm for digital signature based on ECDSA. At the end, conclusion and future extension of this work is discussed.

Integrated Distributed Authentication Protocol for Smart Grid Communications

In the smart grid, an integrated distributed authentication protocol is needed to not only securely manage the system but also efficiently authenticate many different entities for the communications. In addition, a lightweight authentication protocol is required to handle frequent authentications among billions of devices. Unfortunately, in the literature, there is no such integrated protocol that provides mutual authentication among the home environment, energy provider, gateways, and advanced metering infrastructure network. Therefore, in this paper, we propose a lightweight cloud-trusted authorities-based integrated (centrally controlled) distributed authentication protocol that provides mutual authentications among communicated entities in a distributed manner. Based on certificateless cryptosystem, our protocol is lightweight and efficient even when there are invalid requests in a batch. Security and performance analysis show that the protocol provides privacy preservation, forward secrecy, semantic security, perfect key ambiguous, and protection against identity thefts while generating lower overheads in comparison with the existing protocols. Also, the protocol is secure against man-in-the-middle attacks, redirection attacks, impersonation attacks, and denial-of-service attacks. Moreover, our protocol provides a complete resistance against flood-based denial-of-service attacks.

Network Security and Privacy Challenges in Smart Vehicle-to-Grid

Smart vehicle-to-grid (V2G) involves intelligent charge and discharge decisions based on user operational energy requirements, such as desired levels of charging and waiting time. V2G is also supported by information management capabilities enabled by a secure network, such as a reliable privacy-preserving payment system. In this article, we describe the network security and privacy requirements and challenges of V2G applications. We present a new network security architecture to support V2G. We propose a scheme with the following security and privacy-preserving features: anonymous authentication, fine-grained access control, anonymous signatures, information confidentiality, message integrity, remote attestation, and a payment system. This article is oriented toward practitioners interested in designing and implementing secure and privacy-preserving networks for smart V2G applications.

A secure approach for SMS in GSM network

The Short Message Service (SMS) is one of very popular kind of superior and well-tried services with a global availability in GSM networks. This paper deals with an SMS security for mobile communication. The transmission of an SMS in GSM network is not secure; therefore it is desirable to secure SMS by additional encryption. A proposed approach, based on encryption and digital signature efficiently embeds the confidentiality, integrity, authentication, and non-repudiation in the SMS messages. In the next part, there is the description of design and implementation of the application, which encrypts SMS by DES, Triple DES, AES and Blowfish algorithms and finally signs SMS by DSA or RSA algorithm respectively. At the end, we described attacks on secured SMS and future extension of the application.

Dynamic Secrets and Secret Keys Based Scheme for Securing Last Mile Smart Grid Wireless Communication

An integrated and optimized smart grid cannot be achieved without a secure communication network. Due to the large-scale nature of the power system, the variety of technologies used, and limitations of communication bandwidth, supervisory applications for smart grid still use weak security in many deployments. Adversaries can potentially modify measurement values or inject bad commands over the network. In this paper, we propose a novel scheme based on dynamic secrets and encryption with secret keys. The scheme generates a series of dynamic secrets over the communication network, which are used to generate secret keys for data encryption. The generation of dynamic secret is frequent and no adversary can compromise the network for a longer period, even if he/she knows a secret key. The scheme is secure against eavesdropping, malicious communication injection, man-in-the-middle attacks, replay attacks, impersonation attacks, and chosen-plaintext attacks. The security analysis and performance evaluation show that our scheme is feasible to be used in the communications between supervisory and control nodes of various smart grid applications.