A Novel Dual Euclidean Algorithm for Secure Data Transmission in Smart Grid System
R. Vijayanand
D. Devaraj
B. Kannapiran
Research Scholar, Department of CSE, Kalasalingam University, Tamil Nadu, India
Professor and Head, Department of EEE, Kalasalingam University, Tamil Nadu, India
Assoc. Professor and Head, Department of ICT, Kalasalingam University, Tamil Nadu, India
Abstract--Smart Grid is a widely distributed automated energy delivery network that uses two-way flows of energy and data to deliver electricity to the customer with minimum disturbance. The backbone of the smart grid is the communication network. The reliability of the smart grid depends on the data received from the various distributed domains of the network. Because of the multifaceted nature of the network, the smart grid is highly prone to attacks. Another issue is the generation of a vast amount of data. The sheer number of devices and volume of data collected in the smart grid make the existing cryptographic algorithms impractical for the system. So, there is a need for a security algorithm that provides high security and also executes promptly. In this paper, we propose an efficient security algorithm that can encrypt a large amount of data in a short time. The proposed algorithm uses the dual Euclidean algorithm with two keys, k1 and k2. The keys are distributed by a trusted third party through a secure channel. It provides NP-hard complexity, and the data cannot be disclosed without knowing both keys. The security and performance of the algorithm are analyzed by comparing it with the widely used AES algorithm. Simulation results demonstrate the suitability of the proposed scheme for systems that generate vast amounts of data.

Index Terms--Dual Euclidean, data security, smart grid, secure data transmission, secure message transmission.
978-1-4799-3972-5/14/$31.00 ©2014 IEEE

I. INTRODUCTION
Our millennium old grid system is unable to supply today's electricity needs. A number of blackouts, such as the north-eastern blackouts in India and the Italian blackouts, occurred in the last decade alone. There is a need to upgrade our existing electric grid facilities. The existing power generation techniques cause severe harm to the environment in the form of pollution. Integrating new power generation techniques with the grid also requires high expenditure. This inflexibility and unreliability of the existing power grid urges the integration of supervisory control and data acquisition (SCADA) networks with ICT, which leads to the emergence of the new technology named smart grid. The smart grid is a network of networks that consists of various devices, such as the Phasor Measurement Unit (PMU) and Smart Meter (SM), to maintain the stability of the system by monitoring the real-time power flow. The smart grid effectively balances the energy between generation and distribution. The reliability of the network depends on the underlying communication network. The communication infrastructure is distributed in multiple levels, namely Wide area network (WAN), Neighborhood area network (NAN) and Home area network (HAN), based on their functioning. These communication networks will enable a number of new technologies such as plug-in hybrid electric vehicles, load shedding, cost savings during peak load times, etc.

The working of the smart grid depends on the real-time data received from various domains such as generation, transmission, distribution, market, etc. The data is sensitive and needs to be well protected. Different users use the data for different purposes; for example, the electricity board needs the data for network monitoring and cost calculation. Altered data may cause severe adverse effects to the entire network. Various security methods are available for providing security to the data. Although contemporary security technologies [15], such as virtual private networks (VPNs), intrusion detection systems (IDSs), public key infrastructure (PKI), anti-virus software, firewalls, etc., have well protected the IT infrastructure, they cannot be directly deployed in the smart grid without changes due to their inherent characteristics. Cryptographic keys need to be refreshed or revoked periodically when using the existing security algorithms. For example, the manual update of 5.5 million smart meters once a year requires processing an average of 10 key pairs every minute [1]. Even though several intrusion detection and prevention systems are available that prevent attacks effectively through machine learning techniques, the confidentiality of the data is questionable. Due to these issues, there is a need for a security algorithm specifically developed for the smart grid system. The algorithm must be suitable for all the communication technologies used in the smart grid.

II. RELATED WORK
Recent works have addressed the needs of security in smart grid communication [2], and the issues in providing cyber security to the different infrastructures of the smart grid [3].
In [1] [12], the author proposed an attribute-based security algorithm for data sharing. Attributes that satisfy the access tree with hidden policies recursively recover the original data. The sender encrypts the data with ciphertext-policy attribute-based encryption (CP-ABE) and stores it in the third-party storage center. Those who want the data first generate a token for partially decrypting the data in the storage center. This partially decrypted data is received only by the authenticated
2014 IEEE International Conference on Computational Intelligence and Computing Research
receiver, who then fully decrypts the data at the receiver end with secret keys. The author also explains the obstacles in encrypting data in the smart grid. In [4], the author described a common framework for a secure home area network in advanced metering infrastructure (AMI) that integrates all solutions to possible attacks in the home area scenario. In [5], a Euclidean algorithm based key computation protocol for group communication is proposed. The author has enhanced the Euclidean algorithm for secure key transmission. The security analysis shows the strength of the proposed algorithm. Another key management scheme of AMI for unicast, broadcast and multicast secure communication is proposed in [6]. The author has explained the proposed hash-based scheme and how it differs for the different types of communication. Key refreshment schemes are also explained with the proposed scheme. The proposed scheme uses count, date and key values to generate the session keys. These session keys are used for encrypting data. The digital signature is appended to the encrypted data and transmitted to the receiving end. At the receiving end, the demonstration provides the authentication of the received data. In [11], a key management scheme for wide area communication is proposed along with a key evolution scheme. An intrusion detection and prevention system, Collaborative smart IDPS, is proposed in [16], which explains the self-healing, fault-tolerant and self-automotive nature of smart grid security. The existing studies addressed the difficulties in providing secure data communication and the energy consumption of the smart grid. This motivates us to propose an efficient and secure algorithm for secure data transmission. In this paper we propose a new symmetric key based security algorithm using the dual Euclidean algorithm with two keys. In symmetric key schemes, the same key is used for both encryption and decryption.
The proposed algorithm will be suitable for both the command messages given by the control center and the power usage data utilized by the customer.

Organization
The remaining sections of the paper are organized as follows: section 3 describes the overall architecture of the smart grid, and section 4 details the proposed scheme. In section 5, we simulate the proposed algorithm and document its efficiency. We analyze the security of the proposed algorithm in section 6 and conclude the paper in section 7.
III. SMART GRID ARCHITECTURE
Smart Grid is the amalgamation of power infrastructure and information infrastructure. The power infrastructure consists of equipment like generators, transformers, circuit breakers, etc. that distribute electricity with minimal disturbance. The information infrastructure is the communication network, which is commonly classified as home area network (HAN), neighborhood area network (NAN) and wide area network (WAN). Each network contains different equipment for monitoring and measuring power flow and provides control messages to the equipment. We focus on the information-centric architecture of the smart grid. The communication architecture of the smart grid is shown in Fig. 1 [8]. The innovative technology of power line communication (PLC) is specially designed for smart grid communication.

The WAN collects the power usage data from the aggregator, power flow data from the phasor measurement unit (PMU), market-related data, etc. The WAN needs communication with a high data rate and high bandwidth. The WAN communicates with the master terminal unit (MTU), which acts as the main control center, and a large bandwidth is needed to avoid congestion. The NAN aggregates the data from the smart meters and also provides command messages to the end network. The NAN infrastructure is specially called AMI. Timeliness management, security assurance, compatibility design and cognitive spectrum access are the major challenges in the implementation of NAN [12]. The main component of the HAN is the smart meter, which measures the energy usage of the customer. The HAN needs a communication network of low bandwidth and low data rate. Thus, the decentralized communication infrastructure of the smart grid is easily prone to attacks. Many of the service providers manage the information generated by the Remote Terminal Units (RTU) of the smart grid [13]. Thus, security is essential for the smart grid network.
The security priorities of the smart grid are, in order, availability, integrity and confidentiality. The algorithms used in wireless networks provide the expected security for smart grid data, but they consume large computational time and energy. Implementing such algorithms on a massive number of devices generates high latency. Thus, a security algorithm designed specifically for the smart grid is needed. Recently, policy-based secure data transmission, such as ciphertext-policy and key-based policy schemes [9][14], has gained research importance.

Figure 1. Smart Grid Communication Architecture

IV. PROPOSED SCHEME

4.1 Euclidean Algorithm
The Euclidean algorithm is generally used to find the common measure of two lengths. In terms of number theory, the Euclidean algorithm is used to find the greatest common divisor (GCD) of two positive integers. Let us consider two numbers x > 0 and y > 0, where x > y. Dividing the smaller into the larger is represented as
x = a*y + b
In the above equation, a is the quotient and b is the remainder. Divide the remainder b into the previous divisor x.
y = a'*b + b'
This process continues till the remainder is 0. The last divisor is the GCD of x and y.

4.2 Dual Euclidean Algorithm
The enhanced Euclidean algorithm is used in [5] for secure key transmission. In the proposed approach, that enhanced Euclidean algorithm is used with two different keys for enciphering and deciphering, which provides high security with limited processing requirements and computational time. The keys are generated and distributed to the sender and the receiver by the Key Distribution Manager (KDM), which is a trusted third party. The KDM generates the keys based on the condition k1 < k2, i.e., key k1 should be less than key k2. Each letter of the message is given as input p to the encryption scheme and the smallest key k1 is used. This can be written as
a = p / k1          (1)
b = p mod k1        (2)
where a and b are the partial cipher text, which is encrypted with k2.
cip = a * k2 + b    (3)
The same input value can also produce different cipher text values. The cipher text cip is transmitted to the receiving end, where decryption occurs. During decryption the received data is initially processed with k2.
a' = cip / k2       (4)
b' = cip mod k2     (5)
The output of the partial decryption, a' and b', is decrypted with the other key k1.
p = a' * k1 + b'    (6)
The decrypted data is the same as the original data. The process is simple but it gives much security. Even if the attacker knows a single key (k1 or k2), it is not easy to find the original value without knowing the other key.

4.3 Illustration
Let us consider the simple example of communicating the message 'Hello'. The key pairs are transmitted randomly as (2, 4), (3, 6), (3, 7), (4, 8), (5, 11). The ASCII values of the original message are 72, 101, 108, 108 and 111. By (1) and (2), the following pair is generated with p = 72 and k1 = 2:
a = p/k1 = 72/2 = 31
b = p mod k1 = 72 mod 2 = 0
The outputs a and b are incorporated into (3), where k2 = 4:
Cip = a*k2 + b = 31 * 4 + 0 = 124
Similarly, the cipher text values for e, l, l, o are 200, 252, 216 and 243 respectively. Note that the cipher value of the first 'l' is 252 and that of the second is 216. The above is just an illustrative example. In a real implementation, the values of the text will be substituted as 128, 256, 512 and 1024 bits, instead of the ASCII values. The substitution also adds security to the proposed algorithm. The key value will be of size 128, 256, 512 and 1024 bits. The substitute value for the data is higher than that of the keys. Suppose we use (3, 6) to disclose the first cipher value 124. This gives a = 124/6 = 20, b = 124 mod 6 = 4 and p = 20 * 3 + 4 = 64 ≠ 72, so it cannot be disclosed correctly.

V. SIMULATION RESULTS

Fig 2. Dual Euclidean Algorithm Various Message size data processing time
Fig 3. DEUA vs AES (Processing time for 128 bit data)

The operations used in the Dual Euclidean algorithm are simple and consume less time. The performance of the proposed algorithm is evaluated using Matlab. In the simulation studies, the TCP/IP protocol suite is used to represent the wide area network of the smart grid. The proposed algorithm is implemented in the Transport layer of the protocol suite. Each smart grid device is represented as a file in Matlab. Each file name is used as the unique device id. The communication is extended by calling the program file. We consider the communication network as a zero delay and no packet drop network because of security reasons. But in real
time application these parameters cause serious impact on the network. In the simulation, a substitution function is included in the encryption of command or text messages to increase security. The substitution function contains an array of different values used as alternates for the ASCII values in the illustration. Figure 2 shows the computational efficiency of the proposed algorithm with various message sizes. Next, the proposed algorithm is compared with the AES algorithm for data transmission of different 128-bit inputs; the processing time of the Dual Euclidean algorithm is compared with that of the AES algorithm in Figure 3. The efficiency of the proposed algorithm and AES during encryption is shown in Figure 4 by calculating the throughput for messages of different sizes. The proposed algorithm requires fewer resources than the AES algorithm. This is shown in Figure 5 by comparing the CPU usage, the amount of CPU resources required to execute the algorithm. From the above results, it is inferred that the proposed algorithm is suitable for communication in large data networks like Smart Grid.

Fig 4. Comparison of DEUA and AES algorithm encryption throughput
Fig 5. DEUA vs AES CPU usage time

VI. SECURITY ANALYSIS
The general algorithm of Euclidean used in the proposed model for encryption is,
a = p / k1, b = p mod k1 and cip = a * k2 + b
We introduce k1 and k2. It is difficult to find p without knowing k1 and k2. It is NP hard for large sizes of k1, k2 and the substitution values. Even if several values are known, it is very difficult to compute p, unless the corresponding k1i's and k2i's are known. Suppose,
P1 = cip1*(k11 / k21)    (7)
P2 = cip2*(k12 / k22)    (8)
P3 = cip3*(k13 / k23)    (9)
From (7) and (8),
cip1*(k11 / k21) = cip2*(k12 / k22)
cip1 / cip2 = (k12 / k22) * (k21 / k11)
c1 = (k12 / k22) * (k21 / k11)    (10)
Similarly, from (8) and (9),
c2 = (k13 / k23) * (k22 / k12)    (11)
From (7) and (9),
c3 = (k11 / k21) * (k23 / k13)    (12)
Thus from [4], we also have only three equations, (10), (11) and (12), but we have more than 4 unknown elements (k11, k21, k12, k22, k13, k23). So, to find each plain text value, we need two key values. The same data can produce different cipher text because different keys are used. Without knowing both key values the original data cannot be retrieved. The substitution function further adds to the security. Even if the keys are known, without knowing the substitution values it is not possible to decrypt the original data.

VII. CONCLUSION
The reliability of the smart grid depends on the real time data collected from the smart grid environment. The smart grid can support only a security algorithm that provides high security and also executes at rapid speed. Using modern devices, 128 bit keys can be easily compromised through brute force attack. Increasing the key size increases security but also increases the size and computation time needed. In this study, we proposed the Dual Euclidean algorithm for secure data sharing in the smart grid. The proposed algorithm executes at rapid speed, which makes it suitable for smart grid data transmission. The security of the Dual Euclidean algorithm is doubled by using two keys. The proposed scheme provides high security against attacks like DOS, brute force attack, etc. The computation overhead during decryption is independent of the length of the message. Compared to many standard algorithms, the computation efficiency is enhanced in the proposed algorithm. The performance of the proposed algorithm is analyzed by implementing it in Matlab and the results are displayed.

Future Enhancement
Even though key chaining techniques [11] effectively supply the keys for smart grid computation, the need for two keys to encrypt a single data item leads to a costly process and also slows down the process. Our future enhancement is to propose an efficient key management scheme suitable for our Dual Euclidean Algorithm.

REFERENCES
[1] Junbeom Hur, “Attribute Based Secure Data Sharing with Hidden Policies in Smart Grid”, IEEE Transaction on Parallel and Distributed Systems, Vol. 24, No. 11, November 2013.
[2] Ye Yan, Yi Qian, Hamid Sharif and David Tipper, “A Survey on Cyber Security for Smart Grid Communications”, IEEE Communications Surveys and Tutorials, Vol. 14, No. 4, Fourth Quarter, 2012.
[3] Jing Liu, Yang Xiao, Shuhui Li, Wei Liang and C. L. Philip Chen, “Cyber Security and Privacy Issues in Smart Grids”, IEEE Communications Surveys and Tutorials, Vol. 14, No. 4, Fourth Quarter, 2012.
[4] Vinod Namboodiri, Visvakumar Aravinthan, Surya Narayan Mohapatra and Ward Jewel, “Toward a Secure Wireless-Based Home Area Network for Metering in Smart Grids”, IEEE Systems Journal, Vol. 8, No. 2, June 2014.
[5] K. Kartheeban and M. Venkatesulu, “EAB – Euclidean Algorithm Based Key Computation Protocol for Secure Group Communication in Dynamic Grid Environment”, International Journal of Grid and Distributed Computing, Vol. 3, No. 4, December 2010.
[6] Nian Liu, Jinshen Chen, Lin Zhu, Jianhua Zhang and Yanling He, “A Key Management Scheme for Secure Communications of Advanced Metering Infrastructure in Smart Grid”, IEEE Transactions on Industrial Electronics, Vol. 60, No. 10, October 2013.
[7] Ye Yan, Rose Qingyang Hu, Sajal K. Das, Hamid Sharif and Yi Qian, “An Efficient Security Protocol for Advanced Metering Infrastructure in Smart Grid”, IEEE Network, July/August 2013.
[8] Emilio Ancillotti, Raffaele Bruno and Marco Conti, “The role of Communication Systems in Smart Grids: Architectures, technical solutions and Research Challenges”, Computer Communications, Elsevier, 2013.
[9] Zubair Md. Fadlullah, Nei Kato, Rongxing Lu, Xuemin Shen, Yousuke Nozaki, “Toward Secure Targeted Broadcast in Smart Grid”, IEEE Communications Magazine, May 2012.
[10] Meikang Qiu, Wenzhong Gao, Min Chen, Jian-Wei Niu and Lei Zhang, “Energy Efficient Security Algorithm for Power Grid Wide Area Monitoring System”, IEEE Transactions on Smart Grid, Vol. 2, No. 4, December 2011.
[11] Yee Wei Law, Gina Kounga and Anthony Lo, “WAKE: Key Management Scheme for Wide Area Monitoring Systems in Smart Grid”, IEEE Communications Magazine, January 2013.
[12] Weixiao Meng, Ruofei Ma and Hsiao-Hwa Chen, “Smart Grid Neighborhood Area Networks: A Survey”, IEEE Network, January/February 2014.
[13] Sushmita Ruj and Amiya Nayak, “A Decentralized Security Framework for Data Aggregation and Access Control in Smart Grid”, IEEE Transactions on Smart Grid, Vol. 4, No. 1, March 2013.
[14] Junbeom Hur, “Improving Security and Efficiency in Attribute-Based Data Sharing”, IEEE Transaction on Knowledge and Data Engineering, Vol. 25, No. 10, October 2013.
[15] Anthony R. Metke and Randy L. Ekl, “Security technology for Smart Grid Networks”, IEEE Transactions on Smart Grid, Vol. 1, No. 1, June 2010.
[16] Ahmed Patel, Joaquim Celestino Junior and Jens Myrup Pedersen, “An Intelligent Collaborative Intrusion Detection and Prevention System for Smart Grid Environments”, CSI – 02874, Elsevier, 2013.
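
The encryption and decryption steps of Section 4.2, the 'Hello' illustration of Section 4.3 and the single-key claim of Section VI can be checked numerically. The following is an added example, not the authors' Matlab implementation: it evaluates equations (1)-(6) with the key pairs from the illustration and then lists every small key pair that decrypts a ciphertext to the same plaintext. The helper names and the search bound of 12 are assumptions, and the substitution function, which the paper does not specify, is left out.

```python
# Added example (not the authors' Matlab code): equations (1)-(6) on small integers.
# Function names and the search bound are assumptions made for this sketch.

# Message and key pairs (k1, k2) taken from the illustration in Section 4.3.
MESSAGE = "Hello"
KEY_PAIRS = [(2, 4), (3, 6), (3, 7), (4, 8), (5, 11)]


def _check_keys(k1, k2):
    # KDM condition from Section 4.2: k1 must be smaller than k2.
    if not 0 < k1 < k2:
        raise ValueError("keys must satisfy 0 < k1 < k2")


def encrypt_symbol(p, k1, k2):
    """Equations (1)-(3): a = p div k1, b = p mod k1, cip = a*k2 + b."""
    _check_keys(k1, k2)
    a, b = divmod(p, k1)
    return a * k2 + b


def decrypt_symbol(cip, k1, k2):
    """Equations (4)-(6): a' = cip div k2, b' = cip mod k2, p = a'*k1 + b'.

    With the right keys this inverts encrypt_symbol because b < k1 < k2,
    so dividing cip = a*k2 + b by k2 returns exactly a and b.
    """
    _check_keys(k1, k2)
    a, b = divmod(cip, k2)
    return a * k1 + b


def encrypt_message(text, key_pairs):
    """Encrypt each character code with its own (k1, k2) pair."""
    if len(text) != len(key_pairs):
        raise ValueError("one key pair per character is required")
    return [encrypt_symbol(ord(ch), k1, k2)
            for ch, (k1, k2) in zip(text, key_pairs)]


def decrypt_message(cips, key_pairs):
    """Decrypt a list of cipher values back into text."""
    if len(cips) != len(key_pairs):
        raise ValueError("one key pair per cipher value is required")
    return "".join(chr(decrypt_symbol(c, k1, k2))
                   for c, (k1, k2) in zip(cips, key_pairs))


def keys_recovering(p, cip, limit):
    """Every pair k1 < k2 <= limit that decrypts cip to p (equivalent keys)."""
    return [(k1, k2)
            for k2 in range(2, limit + 1)
            for k1 in range(1, k2)
            if decrypt_symbol(cip, k1, k2) == p]


if __name__ == "__main__":
    cips = encrypt_message(MESSAGE, KEY_PAIRS)
    print("cipher values:", cips)
    print("round trip:", decrypt_message(cips, KEY_PAIRS))
    # 'H' = 72 with (2, 4): 72 div 2 = 36, so cip = 36*4 + 0 = 144.
    print("pairs up to 12 recovering 72 from 144:",
          keys_recovering(72, cips[0], 12))
```

When k2 divides the ciphertext, decryption reduces to p = cip*(k1/k2), the form used in equations (7)-(9), so any pair with the same ratio k2/k1 recovers the plaintext; for the first symbol that includes (3, 6) and (4, 8) from the illustration's own key list.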