A Computationally Efficient Method for Increasing Confidentiality in Smart Electricity Networks

Abstract

Safeguarding the data collected by smart meters is essential because the disclosure of this information may threaten the privacy of the consumer. By obtaining them, hackers can find out the behavior of the person and use that information for malicious purposes. Therefore, the anonymity of such information can prevent the occurrence of risks. Given the paramount significance of user privacy and data integrity, this paper primarily investigates the confidentiality, integrity, and anonymity of messages. This paper aims to develop a platform for determining dynamic pricing to coordinate supply and demand, thereby maximizing the efficiency of facilities. In the previous research, the operation center was not authenticated for the customer in the first step, and they also had a heavy computational cost. But this paper has endeavored to develop an efficient and comprehensive privacy-preserving solution for the smart electricity network. Also, it has tried to cover all the required security objectives by dealing with authenticity, confidentiality, and irrefutability. The method of the research is that two entities mutually authenticate each other and reach a key agreement so that if the operation center wants to send a control command, it can send control commands directly to the meter with less time complexity. The power company sends control commands and requests to the smart meters until the analyzed and collected energy consumption data are transmitted. The data aggregator node gathers the data from the meters. The results showed that the proposed method reduced the computational complexity and communication overhead to a satisfactory level and is also resistant to various attacks.

1. Introduction

A stable and secure energy supply is essential for both economic and social development. The reliability of the electricity network is at risk due to intentional voltage drops and power cuts. Due to the growth of needs and demands, the increase in population, and the obsolescence of the old electricity infrastructure, there are challenges that force us to rebuild the global electricity grids. To address these challenges, smart electricity grids were deployed, offering a wide range of benefits. Cybersecurity and privacy protection in smart electricity grids are the most important challenges (Krause et al., 2021) [1]. The advanced measurement infrastructure used in smart power grids, on the one hand, allows us to implement more powerful mechanisms to defend against attacks and handle failures, and on the other hand, reveals many new vulnerabilities (Mahmoud et al., 2019) [2].

Smart meters are advanced meters that measure energy consumption in more detail than traditional meters (Carmody et al., 2021) [3]. These meters return relevant communication information to the facility for monitoring and billing purposes (Rong et al., 2020) [4]. A smart meter is connected to several devices inside the smart home (Efthymiou & Kalogridis, 2010) [5]. These meters are expected to automatically provide accurate readings at requested time intervals for power companies, power distribution networks, or more widely, smart power networks (Li et al., 2021) [6]. The motivation of the authors to present a plan for the topic of the current paper and to try to propose a plan that will improve the security of smart meters is that smart meters are one of the most attractive targets for hackers because vulnerabilities can easily be a source of income for hackers (Murrill et al., 2012) [7]. A hacker who compromises a smart meter can quickly manipulate the cost of energy or falsify the meter’s generated energy reading to earn money (Ghiasi et al., 2023) [8]. Therefore, this research problem is to develop a secure and efficient anonymous messaging system for smart grids, protecting users’ privacy from malicious hackers, motivated by the security vulnerabilities identified in different smart grid equipment in Figure 1.

A summary of the related work done on the subject of the research will be presented and reviewed in the following text. Safeguarding the data collected by smart meters is essential because the disclosure of this information may threaten the privacy of the consumer (Kumari et al., 2011) [9] and (Liu et al., 2014) [10]. Collected data may be used maliciously to reveal customer information such as habits, behaviors, activities, preferences, and even beliefs (Milaj and Mifsud Bonnici, 2016) [11]. The operation center leverages incremental and non-incremental functions to process data collected from the data collection system and generate a report on the current state of electricity based on supply and demand, which is then disseminated as a message. (McKenna et al., 2012) [12]. It is sent to the subscribers so that they can use it to reduce the cost of their electricity consumption by planning. The problem is that some meter measurement data, which is electrical information related to the user’s private life, may endanger the customer’s privacy if disclosed (Reinhardt et al., 2013) [13]. By obtaining this information, the hacker can find out the behaviors and habits and other information related to the person’s characteristics and use that information for his malicious purposes, or, in a simpler case, by receiving this information, if the amount of energy consumption is approximately zero, realize that there is no one in the house and can steal from that house (Asghar et al., 2017) [14]. Of course, various studies show that the motivation of attackers to threaten and attack the communication network is different, including obtaining financial benefits (Völker et al., 2021) [15], (Marah et al., 2020) [16], taking personal revenge (Brown, 2014) [17] and (Wu et al., 2014) [18], for entertainment purposes (Webborn et al., 2019) [19] and (Wen et al., 2018) [20], or to prove their ability (Chen et al., 2023) [21] and (King & Jessen, 2014) [22]. The electricity company also needs this information to determine the price of electricity dynamically, so it does not need to know which subscriber this consumption pattern belongs to (Beckel et al., 2014) [23]. Therefore, the anonymity of such information, which is one of the challenges of the current paper, can prevent the occurrence of such risks, so that if this information is disclosed, no one will be able to attribute it to any meter.

Sensitive security topics are usually discussed under the CIA triangle, where accessibility is achieved by providing confidentiality and integrity of customer information. With respect to the issue of confidentiality, the smart grid is responsible for safeguarding user data. If it is disclosed, a lot of information about the user will be given to the attacker (Kalogridis, 2013) [24] and (Yen et al., 2019) [25]. Regarding the integrity of messages received from users, they must be authenticated. The network must ensure that the information is not manipulated or that fake messages are not injected into the network. Also, the source of the message must be authenticated (Mirshekali et al., 2021) [26] and (Cavoukian & Kursawe, 2012) [27]. Regarding data accessibility, the electricity company must be able to access data related to billing and energy consumption measurement. Also, data related to control and management orders should be accessible to the customer. Likewise, electricity must be available to the customer at any time (Reinhardt & Pereira, 2021) [28] and (Hoogsteyn, 2022) [29]. Some researchers have tried to increase the security of smart grids using machine learning methods, like the recent studies by Zhang et al. (2022) [30] and (2023) [31]. In the design proposed by Efthymiou and Kalogridis (2010) [5], the time intervals adopted for the purpose of anonymity were very clever and interesting, but the problem with this method is that the identifiers are embedded in the meter. Another challenge is the centralization of system management by a trusted third party. It provides high-frequency data anonymity and is aware of the connection between CDP and ADP. Consequently, this plan presents several problems, including the need to hand over the key and the vulnerability to attacks such as insider attacks, masquerade attacks, and server spoofing. In the design of Liu et al. (2014) [10], the general working principle was very good, and a strong security mechanism has been applied for this work, but the problem with this method is that the operation center is not authenticated for the customer in the first step. Second, creating a secure channel is expensive, and in this method, the secure channel is only needed to transfer the key to the client. Therefore, symmetric key agreement methods can be used to generate keys independently. Third, session key generation and blind signature validation are based on two-way pairing, and we have four “two-way” pairing operations. This operation requires approximately 20 times the computational resources of point multiplication on an elliptic curve. Therefore, due to the limited resources in smart power grids, it is not reasonable to use such methods with heavy computational costs.

The limitation of the aforementioned related research is that most of these studies were in the fields of integrity, confidentiality, and accessibility. Despite the great importance of anonymity, there are fewer studies in this field. This paper aims to achieve the following security goals: confidentiality, accessibility, anonymity, and non-repudiation.

The proposed method in this paper is to provide an efficient method with a lower computational cost regarding all the security objectives required in this field. Considering the importance of user privacy and data integrity, the focus of this paper is on the confidentiality, integrity, and anonymity of the message. To provide security according to the limitations of the smart power grid, the proposed method is underpinned by elliptic curve cryptography. The objective of this paper is to create a platform for determining dynamic pricing to coordinate supply and demand so that the efficiency of the facilities can be maximized. The power company sends control commands and requests to the smart meters until the energy consumption data that has been analyzed and collected is sent. The data aggregator node collects the data from the meters. The mass volume of this data increases the security vulnerability, as well as if some user information is leaked. In the meantime, it endangers people’s privacy. This paper has endeavored to develop an efficient and comprehensive privacy-preserving solution for the smart electricity network. Also, it has tried to cover all the required security objectives by dealing with authenticity, confidentiality, and irrefutability.

Validation of the proposed method was done by comparing its results with recent research carried out in 2014 and 2020 to show that the proposed design can provide less time complexity and computational cost without the need for two-way coupling calculations.

The summary of the obtained results can be expressed as follows: in this paper, an attempt was made to propose a design that has less time complexity compared to previous research over the past 10 years, does not require two-way coupling calculations, and meets security goals against hacker attacks.

Anonymity in messaging is a critical privacy protection for individuals. The significance of the results of this paper in summary is that by considering anonymity in messaging, we can prevent hackers from stealing the house with zero consumption of smart meters, as shown in Figure 2.

The organization of this paper is as follows: First, the proposed plan will be thoroughly examined, and its implementation steps will be explained in detail. Next, the results of this paper will be compared to those of previous research, and the effectiveness of the proposed method relative to previous designs will be demonstrated. Finally, the conclusions drawn from the obtained results will be presented.

2. Presented Design

Due to the limited resources, as well as reducing the network traffic and solving the problem of handing over the key, the elliptic-curve cryptography (ECC)-based certificate-free plan has been used. Also, to reduce the communication overhead and computational complexity, two-way coupling calculations have been completely omitted. In this paper, a partial blind signature was used to protect the privacy and anonymity of the message. Taking the above into consideration, in this article, an attempt has been made to present a seven-step design based on ECC without two-way coupling calculations to maintain privacy and data integrity in meter communications and data aggregating nodes in the smart electricity grid. The security of the proposed scheme is based on the difficulty of solving the elliptic curve discrete logarithm problem (ECDLP). ECC-based schemes offer the same level of security compared to other encryption methods, including RSA, but with a shorter key length. In this section, a scheme for maintaining the privacy of the smart grid based on message anonymity is presented. To overcome the shortcomings of previous methods, the elliptic curve-based method without bilateral coupling calculations is used. Also, the ECC-based certificate-less scheme and partial blind signature are used to solve the key handover problem. In this plan, the smart meter and the operation center are authenticated, and the AES-based symmetric key break is agreed upon. The operation center is responsible for managing the entire proposed system. Timestamps are used to avoid replay attacks. In this way, it is assumed that the exact current time is determined by the operation center, and there is time synchronization between the operation center and the smart meters. In this design, it is assumed that each entity has a unique identifier. The proposed plan has two entities, the operation center and the smart meter, which are connected to each other. Principally, an initial password pw is shared between each meter and the operation center. The meters start their communication with the operation center using these PWs. The notation of the proposed scheme is shown in

Table 1. The notation of the proposed scheme.

Symbol	Details
$n$	Order of field
$p$	Large prime number
$GF\left(n\right)$	Galois filed
E	Elliptic curve on the Galois field of Fq
G	A basic point in an elliptic curve
$\widehat{H}\left(0\right)$	Hash function to convert a string to a number in the multiplicative field
H(0)	Hash function for messages of length m
${ID}_i$	Entity ID i
$OC$	Operations center
$(S_{OC}·Q_{OC}$)	The private and public keys of the operation center
$d_i$	Partial private key of entity i
${SK}_i$	Private key of entity i
$Q_i$	Public key of entity i
$E_k\left(0\right)$	Cryptography based on the AES algorithm
$D_k\left(0\right)$	Decoding based on the AES algorithm
$T_i$	Timestamp
${PBS}_i$	Partial blind signature
$\delta$	Digital signature
$\mathrm{Ᵽ}$	Collection ID
$\parallel$	Concatenation
$pw$	The initial password shared between the smart meter and the operation center

.

The steps of the proposed plan, including 7 steps and the details of each step, are shown in

Table 2. The steps of the proposed plan.

Steps	Details of Step
Step 1: Setup	Definitions of hashing functions and symmetric encryption types are defined. Also, the operation center (OC) will specify its private and public keys.
Step 2: Registration	Subscribers’ public and private keys are generated and registered based on ECC-based certificates.
Step 3: Mutual authentication and key agreement	While mutually authenticating the meter and the power company, both entities reach a key agreement.
Step 4: Cryptographic token issuance	A cryptographic token is issued based on an ECC-based partial blind signature for message anonymity.
Step 5: Collection notification	The power company announces the collection and sending of its energy consumption data by publishing the collection ID to all smart meters.
Step 6: User data generation	The data are encrypted and sent anonymously to the electricity company.
Step 7: Collection, receipt, and response	Collected data are received, and incremental and non-incremental functions are applied to them in order to determine dynamic pricing to match electricity supply and demand. The response to this dynamic pricing is published in the form of a message to all smart meters.

. The description of each of the stages of the proposed plan is mentioned below.

Before discussing various parts of the proposed method, it is very important to provide a holistic overview of the entire method. This block diagram is shown in Figure 3. The encryption signature and signature decryption scheme are shown in Figure 3a,b, respectively.

2.1. Description of Step 1: Setup

1-Choosing the size and type of Galois field;

Q can be used in two ways: If q = p is chosen, then p must be a large prime number. This field is used for software implementation. If q = 2^m is chosen, m represents the size of the field. Since the addition in this Galois field is done without carrying digits, it is suitable for hardware implementation.

2-The choice of two parameters a, b ∈ F_q to define the equation of the elliptic curve E on the field F_q is in Equation (1):

$$y^2+xy=x^3+a{x}^2+b$$

(1)

3-Determine the base point for the desired elliptic curve;

4-Determining the order of the base point of the elliptic curve (n): As an input, this algorithm selects k bits from the prime number p of 2^m and determines the value of n (n = 2^k);

5-Definition of two hashing functions: Ĥ: ${\left\{\mathrm{0,1}\right\}}^{\ast }$→ $Z_n^{\ast }$ and H: ${\left\{\mathrm{0,1}\right\}}^{\mathrm{m}}$→ $Z_n^{\ast }$;

6-The operation center selects the random number s_OC in the interval [2, n − 1] as its private key: $S_{oc}\in Z_n^{\ast }$;

7-The operation center calculates its public key as follows, which is the result of a point on an elliptic curve with coordinates (x_oc, y_oc) in Equation (2):

$$Q_{oc}=S_{oc}\ast G$$

(2)

8-The operation center defines two encryption and decryption functions, EK(0) and DK(0), based on the AES algorithm. The output of this algorithm is Params, which is published publicly. Params contains general system parameters: Params = {F_q, E/F_q, p, G, Q_oc, Ĥ, H, E_K(0), D_K(0)}.

2.2. Description of Step 2: Registration

It is assumed that an initial password (pw) is shared between each smart meter and the operation center in order to establish the initial communication. Similarly, the subscribers know the ID of the operation center.

1-Determining the series value: ith smart meter with ID_i selects a random number $b_i\in Z_n^{\ast }$ in the interval [2, n − 1] and then calculates Equation (3):

$$X_i=b_i·G$$

(3)

The ith smart meter then sends (I, ID_i) to the operation center to generate its partial private key by performing the following calculations (Equations (4) and (5)):

P = Ĥ(pw‖ID_oc‖ID_i

(4)

I = E_P(X_i)

(5)

By encrypting X_i, the ith smart meter will be sure that the receiver (I, ID_i) is only the operation center that has pw. Also, the operator of the operation center will be sure that the virtual person sent this message by receiving (I, ID_i).

2-Determining the partial private key: This section is implemented by the operation center in order to generate the partial private key of smart meters. After receiving (I, ID_i), the operation center performs the following calculations (Equations (6) and (7)):

P = Ĥ(pw‖ID_oc‖ID_i)

(6)

X_i = D_P(I)

(7)

Then it chooses a random number $r_i\in Z_n^{\ast }$ and calculates the following relations:

$$R_i=r_i·G$$

(8)

d_i = (r_i + x_oc·Ĥ(ID_i‖R_i‖X_i)) mod n

(9)

where d_i is the partial private key of ith smart meter.

OC selects a random number $w\in Z_n^{\ast }$ in the interval [2, n − 1] as its series value and calculates its inverse ($w^{-1}$). Then, by calculating the following relations (Equations (10)–(12), it sends (d_i, R_i, W) to the ith smart meter in encrypted form. It should be kept in mind that the value of W is fixed for each data collection period, and like the general click, it is calculated only once and sent to all authorized smart meters during the registration phase.

W = w⁻¹·G = (xw, yw)

(10)

x_oc·X_i = x_oc·bi·G = (x₁, y₁)

(11)

$$d_i^{\prime }=E_{Ĥ\left(x^1{}^{\Vert }p{w}^{\Vert }{y}^1\right)·(d_i, R_i, W)}$$

(12)

3-Partial private key validation: After receiving $d_i^{\prime }$, ith smart meter decrypts it by performing the following calculations (Equations (13) and (14)). Then it stores W. W is used to generate the key in the seventh algorithm of the proposed design of the current paper.

b_i·Q_oc = b_i·x_oc·G = (x₁, y₁)

(13)

$${\mathrm{d}}_{\mathrm{i}},{\mathrm{R}}_{\mathrm{i}},\mathrm{W}=D_{Ĥ\left(x^1{}^{\Vert }p{w}^{\Vert }{y}^1\right)} (d_i^{\prime })$$

(14)

It then validates its partial private key using the following relationship:

d_i·G = R_i + Q_oc·Ĥ(ID_i‖R_i‖X_i)

(15)

4-Determining the private key of entity i: The private key of the ith smart meter is calculated using the following relationship (Equation (16)):

SK_i = (d_i + b_i) mod n

(16)

5-Determining the public key of entity i: The private key of the ith smart meter is calculated using the following relationship (Equation (17)):

Q_i = SK_i·G = (x_i, y_i)

(17)

After computing its public key, ith smart meter makes it publicly available to everyone.

2.3. Description of Step 3: Mutual Authentication and Key Agreement

It is necessary to have a secure connection between the smart meter and the operation center. For this purpose, there must be a common key between these two entities to encrypt and decrypt the necessary messages. In this step, the two entities of the smart meter and the operation center are verified with each other to finally reach a symmetric key agreement.

1-ith smart meter calculates the following relations (Equations (18) and (19)) and sends the value of S to OC.

Q_ioc = SK_i·Q_oc = SK_i·x_oc·G = (x_ioc, y_ioc)

(18)

S = Ĥ(x_oc‖x_i‖x_ioc)

(19)

2-OC authenticates the ith smart meter by validating the S value using the following relations (Equations (20)–(22)). If the validation tie is not established, it disconnects with ith smart meter. If the tie is equal, it calculates the value of T and sends it to ith smart meter.

x_oc·Q_i = SK_i·x_oc·G = (x_ioc, y_ioc)

(20)

S′ = Ĥ(x_oc‖x_i‖x_ioc)

(21)

S =? S′
T = Ĥ(y_oc‖y_i‖y_ioc)

(22)

3-After receiving the value of T, ith smart meter validates it by calculating Equation (23), and if there is a tie, the operation center is authenticated as an authorized entity for ith smart meter; otherwise, it disconnects.

T′ = Ĥ(y_oc‖y_i‖y_ioc)

(23)

T = ? T′

4-Finally, two entities, ith smart meter and the OC, reach a key agreement, as shown in Equation (24):

Ki = Ĥ(x_oc‖x_i‖x_ioc‖pw‖y_oc‖y_i‖y_ioc)

(24)

2.4. Description of Step 4: Cryptographic Token Issuance

In this step, a blind elliptic curve-based signature is generated as a cryptographic token. To prevent the injection attack and the sending of false data into the network, a partial blind signature has been used. In this type of signature, the two parties, namely the signer (OC) and the signature requester (ith smart meter), agree on a series of information, provided that the signed message cannot be attributed to any smart meter using that information, not even the operation center itself. In the proposed design, instead of this agreed information, the collection identifier is considered, which is chosen by the operation center in each period of data collection and is fixed until the end of the proposed scheme. This identifier must be re-selected by the operations center at each data collection and response period (meaning the entire implementation of the proposed design protocol). This value is constant among all entities.

1-Signature (first part): The operation center selects a random number $e_i\in Z_n^{\ast }$ in the interval [2, n − 1] and calculates Equation (25). Then OC sends the value (E_i, Ᵽ) to ith smart meter. (All communication between the sender and receiver is secure.)

E_i = ei· Ĥ(Ᵽ)·G

(25)

2-Blinding: The requester selects two blind factors ${\alpha }_i, {\beta }_i\in Z_n^{\ast }$ randomly in the interval β [2, n − 1] and calculates the value of F_i using Equation (26). If the value of F equals O, the requester must reselect the values of the blind factor and recalculate the value of F_i.

$$F_i={\beta }_i·E_i+{\alpha }_i{\beta }_i{Q}_{oc}=(x_0,y_0)$$

(26)

Then subscriber i chooses a random number $f_i\in Z_n^{\ast }$ in the interval [2, n − 1] and blinds the message text containing f_i·G by calculating Equations (27) and (28). Then, it sends $M_i^{\prime }$ to the signer (OC) for signature.

$${\rho }_i=x_0\mathrm{mod} \mathrm{n}$$

(27)

$$M_i^{\prime }={\beta }_i^{-1}·{\rho }_i·H\left(f_i·G\right)+{\alpha }_i$$

(28)

1-Signing (Part II): After receiving $M_i^{\prime }$, the signer signs it with his private key using Equation (29). It then returns the Š_i to the requester.

$$Ši={\mathrm{s}}_{\mathrm{oc}}·{\mathrm{M}}_{\mathrm{i}}^{\prime }+e_i·Ĥ(Ᵽ)$$

(29)

2-Unblinding: After receiving his signed text, the requester unblinds it using Equation (30).

$${\mathrm{S}}_{\mathrm{i}}={\beta }_i·{Š}_i$$

(30)

Finally, the requester declares that PBS_i = ($S_i,F_i$) is the signature of his message.

3-Signature validation: The PBS_i signature is validated on the H(f_i, G) message with a collection ID of Ᵽ using Equation (31) equality validity.

Si·G = ρi·H(fi·G)·Qoc + Fi = (βi·Ši)·G = (βi·(soc·Mi’ + ei·Ĥ(Ᵽ)))·G = (βi·(soc·(βi−1·ρi·H(fi·G) + αi) + ei·Ĥ(Ᵽ)))·G = (βi·(soc· βi−1·ρi·H(fi·G) + soc·αi + ei·Ĥ(Ᵽ)))·G = (soc·ρi·H(fi·G) + soc·αiβi + βi·ei·Ĥ(Ᵽ))·G = ρi·H(fi·G)·Qoc + βi·Ei + αiβi·Qoc = ρi·H(fi·G)·Qoc + Fi

(31)

2.5. Description of Step 5: Collection Notification

In order to collect data by meters, the operation center must first perform the following steps for subscribers to collect data:

1-Create message Ᵽ‖T1 where T1 is the timestamp to prevent replay attack.

2-Computation of a digital delta signature on the Ᵽ‖T1 message using the private key of the operation center based on the elliptic curve digital signature algorithm (ECDSA). This algorithm is used because of its high security, good application performance, high speed of verification, support for government standards, and compliance with modern requirements.

3-The message (Ᵽ‖T1‖δ) is broadcast to subscribers as a collection request.

2.6. Description of Step 6: User Data Generation

Suppose that the shared ith smart meter has collected n types of data (d_i1, d_i2, …, d_in). After receiving the collection request message (Ᵽ‖T1‖δ) from the operation center, consumer i performs the following steps:

1-Checking the time tag T1: The user obtains his clock, which is synchronized with the clock of the operation center, and calculates the difference between his clock and the time tag. If the difference is greater than the defined threshold, the message is ignored.

2-Validity check Ᵽ: The collection ID Ᵽ in the received collection request message must be the same as the collection ID at the cryptographic token issuance stage.

3-Signature validity must be validated by the OC public key.

4-Subscriber i should calculate Equation (32) and use it to encrypt the collected data (d_i1, d_i2, …, d_in) through Equation (33).

f_i.Q_oc = f_i·x_oc·G

(32)

C_i = Ef_i·x_oc·(d_i1, d_i2, …, d_in, T₂)

(33)

5-Creating a message (C_i‖f_i·G‖PBS_i) and sending it to the operation center.

2.7. Description of Step 7: Collection Receipt and Response

After receiving n records from subscribers, the operation center performs the following steps:

1-Signature validation: The partial blind signature of PBS_i on the message H (f_i·G) with Ᵽ as collection ID is validated using the equality correctness of Equation (31).

2-Using the key (34), the operation center decodes C_i through relation (35) to obtain (d_i1, d_i2, …, d_in).

D_fi·xoc·G = x_oc·f_i·G

(34)

(d_i1, d_i2, …, d_in, T₂) = D_fi·xoc·G (C_i)

(35)

It should be noted that partial blind signature validation using batch verification techniques is acceptable. After validating and decoding consumer reports, the operations center performs calculations by applying both incremental and non-incremental functions to the reports collected from subscribers. According to the collection results, the operation center can encourage subscribers to manage their electricity consumption and even out the ratio of electricity supply and demand with dynamic pricing on the electricity tariff. Therefore, with this work, the efficiency of electricity can be maximized. For this purpose, the OC publishes the message m related to the current power status report in the form of a response to the subscribers. The operation center performs the following steps:

1. OC chooses two random numbers h, k ∈ Z_n^∗ in the interval [2, n − 1] and calculates the following relations:

J = h·k·w mod n

(36)

K_t = h·k·G = (x_Kt),

(37)

K_s = Ĥ(x_oc‖ x_Kt‖x_w‖ID_oc‖y_oc‖y_Kt‖y_w)

(38)

where w is the same series circuit that OC had chosen during the registration step and K_s is the session key that can be encrypted with the report response set.

2. OC encrypts the message m with the key Ks using the following relation:

L = (m)

(39)

3. OC signs the package (J, L, T3) with its private key based on the ECDSA algorithm and publishes (J‖L‖T3‖δ).

4. After receiving (J‖L‖ T3‖δ), consumers perform the following steps:

(a) Checking the validity of the T3 time tag.

(b) Signature validation using the OC public key.

(c) Finally, if the validity of the signature is correct, consumers decrypt L by computing the following relations:

K_t = J·W = h·k·w·w⁻¹·G = h·k·G = (x_Kt),

(40)

K_s = Ĥ(x_oc‖x_Kt‖x_w‖ID_oc‖y_oc‖y_Kt‖y_w)

(41)

m = D_K (L)

(42)

By reporting the current electricity situation, subscribers can measure their electricity consumption and adjust their electricity consumption to low energy consumption hours to reduce their bills.

3. Results

The proposed scheme provides seven security features, which are: message confidentiality, authentication, authenticity, non-falsification, non-repudiation, forward confidentiality, and anonymity. The proof of these results for the proposed scheme is based on solving the complicated problem of ECDLP and the elliptic curve Diffie–Hellman (ECDH). In the following text, we evaluate the proposed plan and compare it with a similar plan.

Table 3. Details of the symbols.

Symbol	Description
$T_{MUL}$	Time complexity for implementing modular multiplication
$T_{EXP}$	Time complexity for implementing modular exponentiation
$T_{ADD}$	Time complexity for implementing modular addition
$T_{EC-MUL}$	Time complexity for implementing scalar multiplication
$T_{EC-ADD}$	Time complexity for implementing scalar addition
$T_{INV}$	Time complexity for implementing the inverse in the field
$T_{Pa}$	Time complexity for implementing two-way pairing calculations

shows all the symbols used for comparison and measurement.

In

Table 4. Time complexity of different operational units in terms of modular multiplication.

Time Complexity in Terms of Modular Multiplication	Time Complexity of Every Operational Units
$T_{EXP}$	$240*T_{MUL}$
$T_{ADD}$	Negligible
$T_{EC-MUL}$	$29.3*T_{MUL}$
$T_{EC-ADD}$	$0.12*T_{MUL}$
$T_{INV}$	$3*T_{MUL}$
$T_{Pa}$	$586*T_{MUL}$

, the time complexity of the implementation of different operational units is specified in terms of the execution time of the modular multiplication.

The computational cost of each unit of binary coupling calculations is 20 times the scalar multiplication. Therefore, each unit of binary coupling calculations costs 581 times a modular multiplication. In

Table 5. Comparing the time complexity of the proposed plan with the previously presented plan.

Need to Perform Two-Way Pairing Calculation	$\mathbf{In} \mathbf{Terms} \mathbf{of} {\mathit{T}}_{\mathit{M}\mathit{u}\mathit{l}}$		Time Complexity		References
	OC	User	OC	User
Yes	(58.6n + 1493.9)TMUL	1380.1TMUL	(2n + 3)TEC-MUL + 2TPa + TEXP	7TEC-MUL + TINV + 2TPa	Liu et al., 2014 [32]
Yes	(n. TMUL)	254.13 TMUL	(n. TMUL)	4Te + 8TMUL + 4TH + 3Tb	Wang et al., 2020 [10]
No	(1.12n + 301.12)TMUL	330.54TMUL	10TEC-MUL + (n + 1)TEC-ADD + (n + 5)TMUL + TINV	11TEC-MUL + 2TEC-ADD + 5TMUL + TINV	Proposed design

, the time complexity of the proposed method is compared with the previously presented designs. First, the total required time costs, according to the execution time of each of the operators, are determined for the previous and proposed plans. Then, according to Table 4, all the times are expressed in terms of the time required to perform the modular multiplication. In the research of Wang et al., 2020, the value of T_b (time of blinding factor updating) was not directly mentioned, but by assuming 500 users to update blinding factor, it can be stated from their results that T_b is 119 ms, and so this parameter can be stated in terms of $T_{Mul}$.

According to Table 5, the proposed plan has significantly reduced the time complexity of calculations compared to Liu’s [32] plan, and the results are close to the research results by Wang et al., 2020 [10].

The proposed scheme does not have two-way coupling calculations, but Liu et al.’s and Wang et al.’s schemes, which have two-way coupling calculations, incur a large computational cost on both sides of the entity.

Table 6. Comparison of the proposed plan with the previous research based on security objectives and attacks.

Security Objectives and Attacks	Liu et al., 2014 [32]	Wang et al., 2020 [10]	Proposed Plan
Confidentiality	Yes	Yes	Yes
Integrity	Yes	Yes	Yes
Non-repudiation	Yes	Yes	Yes
Anonymity	Yes	Yes	Yes
Forward Confidentiality	No	No	Yes
Data authentication	Yes	Yes	Yes
Mutual authentication	Yes	Yes	Yes
Replay attack	Yes	Yes	Yes
Insider attack	Yes	Yes	Yes
Chosen plaintext attack	Yes	Yes	Yes
Spoofing attack	Yes	Yes	Yes
MITM attack	Yes	Yes	Yes

shows the comparison of the proposed plan with the previous research based on security objectives and attacks. In general, the cost of projects based on augmentation is much higher than the cost of projects based on ECDLP.

In the proposed method, the two entity schemes are mutually authenticated and reach a key agreement so that if the operation center intends to send a control order and real-time messages, it has the ability to send them directly to the ith meter with less time complexity.

Also, the production of private and public keys in the proposed plan is based on no certificates, so due to the limited resources in the smart electricity network, the communication overhead that the verification of certificates imposes on the sender and receiver in each session is eliminated. The partial private key can also be validated so that the consumer can ensure the authenticity of his key.

4. Conclusions

The smart meter plays a key role in providing monitoring and control capabilities in the smart electricity network. In fact, the smart meter provides communication between the customer and the electricity company through software implementation. Currently, there are many security issues in the field of smart meters in terms of vulnerabilities and attacks. The financial benefits obtained by manipulating the smart meter have multiplied the importance of its security. On the other hand, in the architecture of the smart electricity network, privacy issues are serious. The meters collect the most detailed information and send it to a database on the server of the electricity company. This data are information about the energy consumption profiles of customers and can include when users are at home, when they are not at home, or when they are preparing food. Therefore, creating a security mechanism to protect privacy and data accuracy is of particular importance, which is the main goal of this paper.

In the proposed method, two entities mutually authenticate each other and reach a key agreement so that if the operation center wants to send a control command and real-time messages, it can send them directly to the meter with less time complexity. As mentioned in the results, the proposed method in this paper does not have two-way coupling calculations, but Liu et al.’s method (2014) [32] and Wang et al.’s method (2020) [10] have two-way coupling calculations and experience a large computational cost on both sides of the entity.

Moreover, to equalize supply and demand, the electricity company needs a procedure to encourage the subscribers to manage their electricity consumption and reduce their bills, and in the same way, the electricity company can maximize the efficiency of its facilities. This paper endeavors to provide a mechanism for the desired platform by addressing issues and encompassing all essential security objectives. Comparisons and security analyses of the proposed scheme prove that it has reduced the computational complexity and communication overhead to a satisfactory level and is also resistant to various attacks.

5. Future Works

In the future, it has been decided to improve the proposed scheme so that the heavy computing cost on the OC side is shared among the electricity subscribers. Also, the computational cost is reduced, and the proposed plan is strengthened against the attack of server spoofing.