**6. Security Analysis**

Here, we will determine that how the proposed approach can achieve the prevention of false data injection attacks and privacy preserving data aggregation.

### *6.1. Prevent False Data Injection*

In the proposed scheme, the trusted authority uses one-way hash function, generates hash chains, and assigns a hash chain to each device for every time slot *Ts*. For every home appliance and for each time slot *Ts*−1, we have a hash value *hi*(*p*−<sup>1</sup>). From *hi*(*p*−<sup>1</sup>) = *<sup>h</sup>*(*hip*||*Ts*), we can authenticate *hip* from *Ts*. However, because of the one-way nature of the hash function, we cannot obtain the *hip* from *hi*(*p*−<sup>1</sup>). Moreover, since every device reports its reading directly to the sink node—and only if a device reports the correct data—we will receive the fresh *hip* as we have assumed that the device will not act abnormally. If the *hip* is not fresh in the time slot *Ts*, it means that it has been attacked and the false data is injected externally or the device is compromised and a replay attack has been launched externally. Therefore, the sink node will reject the false data. Thus, it is ensured that the proposed scheme is resistant to false data injection attacks.
