Privacy Protection Based Secure Data Transaction Protocol for Smart Sensor Meter in Smart Grid

A smart grid is a data communications network integrated with an electrical grid that collects and analyzes near-real-time data on power transmission, distribution, and consumption. Currently, smart grid systems are considered to be necessary for improving the monitoring and control of a power distribution infrastructure. Using distributed measurement architecture, it is possible to gather information about the smart grid status for monitoring and controlling the overall infrastructure, including remote units. This architecture can control the use of electricity. In particular, users can monitor and regulate the electricity consumption of each home appliance in real time. Likewise, power companies can monitor and control electricity consumption for stabilizing electricity supply. However, serious problems can arise in case of data leakage. For example, if malicious attackers can sniff and analyze data, they can obtain the usage pattern of a house and ascertain when it is empty. They could then burgle the house. We propose a privacy-enhanced secure data transaction protocol that can protect private data by encrypting them. The encrypted data include the user's ID, home appliance serial number, and electricity consumption. Thus, attackers cannot obtain important data from the encrypted data. In addition, unauthorized power companies cannot access this information too.


Introduction
Recently, environmental issues such as global warming have become more serious because of industrial emissions.Many studies on low-carbon green growth are being carried out around the world to address them.The objective of aiming for low-carbon green growth is the abatement of carbon dioxide emissions and the efficient use of environmentally friendly resources.Thus, many researchers are studying application methods for these problems in various industries.In particular, interest in the use of smart grids for the effective use of electricity is increasing [1,2].
A smart grid is a digitally enabled electrical grid that gathers, distributes, and acts on information about the behavior of all participants (suppliers and consumers) in order to improve the efficiency, reliability, economics, and sustainability of electricity services [3].
A key feature of smart grids is their ability to transmit information between the user and the electricity company in real time.In other words, users can check the electricity consumption of home appliances in real time, and electricity companies can generate only the electricity they need by analyzing usage patterns.The control of electricity production can help reduce carbon dioxide emissions.Interaction between users and power companies requires many types of sensitive information, such as user and home appliance information and smart sensor meter information.This information should be transmitted securely [4,5].Otherwise, a malicious attacker could gather data on the electricity consumption of home appliances in order to determine a user's routine and could plan a burglary when no one is at home.
We propose a privacy protection-based data transaction protocol for smart sensor meter in a smart grid.This protocol has two phases: a transmission phase and a check phase.
The remainder of this paper is organized as follows.In Section 2, we briefly provide basic information about smart grids.In Section 3, we discuss problems regarding International Journal of Distributed Sensor Networks the security of private information in smart grids, while in Section 4, we describe our proposed protocol.We present an analysis of the proposed protocol in Section 5, and finally, we summarize our research in Section 6.

Smart Grid.
A smart grid is a digitally enabled electrical grid that gathers, distributes, and acts on information about the behavior of all participants (suppliers and consumers) in order to improve the efficiency, reliability, economics, and sustainability of electricity services (see Figure 1) [1].
A smart grid communication network will comprise several different subsystems-it is truly a network of networks.These networks include a supervisory control and data acquisition (SCADA) system; a land mobile radio (LMR) system; cellular, microwave, fiber optic, dedicated, or switched wirelines; RS-232/RS-485 serial links; wired and wireless local area networks (LAN), and so on [6,7].

2.1.1.
SCADA.An important component required for the monitoring and control of a substation is the SCADA system.It is utilized for distribution automation (DA) and computerized remote control of medium voltage (MV) substations and power grids, and it helps electricity utilities increase the reliability of power supply and reduce operating and maintenance costs.In the past, sectionalizer switchgear, ring main units, reclosers, and capacitor banks were designed for local operation with limited remote control capability.Today, using a SCADA system over reliable wireless communication links, remote terminal units (RTUs) provide powerful integrated solutions for upgrading remotely installed electrical equipment.In a Distribution Management System (DMS), RTUs seamlessly interface via a SCADA system with a wide range of high-performance control centers supplied by leading vendors worldwide.Connection to these Enterprise Management Systems (EMS) and DA/DMS control centers is typically provided via a high-performance IP Gateway or similar nodes [2,8].

Wireless Networks.
Different areas of the smart grid network require different wireless networking solutions.The deployment and operation of large, secure network communication systems over many years has taught us that the effort required to provision symmetric keys into thousands of devices can be too expensive or insecure.The development of key and trust management systems for large network deployments is required; these systems can be adopted from other industries, for example, LMR systems and Association of Public-Safety Communications Officials (APCO) radio systems.Several APCO-deployed systems provide statewide wireless coverage, with tens of thousands of secure devices.Trust management systems based on public key infrastructure (PKI) technology could be specifically customized for smart grid operators, easing the burden of providing security that adheres to accepted and guidelines that are known to be secure [10,11].

Review of Ren et al. 's Scheme.
In this section, we present an analysis of Ren et al. 's scheme [12] (see Table 1).These H  (AID, V, TM, LocID) researchers proposed lightweight privacy-aware yet accountable secure communication scheme (PASS) between SM sensors and a Smart Grid Control Center (SGCC).PASS has five components: AID generation, attaching AID, uploading data, AID verification, and AID traceability.
(1) AID generation: the customer presents a UN to a TTP.The TTP generates the corresponding AID by using the generation function: where TM is the time-stamp used for the AID generation.After the AID generation, the TTP returns the AID to the customer and stores an item in a table called Tbl ttp , which stores tuples ⟨AID, UN, and TM⟩.
(2) Attaching AID: the customer inputs the obtained AID into a SM at his/her residence.
(3) Data uploading: the customer uploads data messages  1 and  2 (defined below).The SGCC creates a table called Tbl sgcc , in which tuples ⟨AID, , VTM, and LocID⟩ are stored.VTM is the time-stamp for uploading the data. Consider (4) AID verification: the SGCC decrypts the uploaded data and examines whether the AID is valid and whether it has been forged by a malicious user.The verification function is   : AID × TTP PubK → Rslt.If Rslt has a "given" a priori pattern; that is, its left half and right half are identical, the verification function outputs "Yes, " which means the AID is valid.Otherwise, the output is "No, " which means the AID is invalid.(5) AID traceability: the SGCC can trace back to AID's LocID.However, it cannot recover the UN of the AID by itself.Only the TTP can recover the AID.Given the AID, TTP fetches ⟨UN, TM⟩ from Tbl ttp = ⟨AID, UN, TM⟩ and checks whether the following equation is satisfied: If it is satisfied, the TTP can confirm that the "opened" TTP is the UN, and such a UN is not repudiated.

Security Problems in Smart Grid Systems
3.1.Privacy Problem.The security issues in smart grid have been widely discussed in recent years.The primary security issue is privacy because information transmitted over a smart grid contains electricity usage patterns of home appliances.This information could indicate not only the amount of energy consumed by each user, but also when they are at home, at work, or traveling [13].Furthermore, it might be possible to infer what types of home appliances are present by compromising users' home area networks.The present smart grid system gathers user information in order to check and calculate the amount of electricity consumption.Thus, if a criminal or malicious attacker can determine when a user is not at home, they may break into his/her house at such a time.Thus, energy-related information could support burglars or provide business intelligence to competitors [14].

Electricity Consumption Loss. According to the report Smart Metering & Privacy: Existing Law and Competing
Policies, researchers at MIT have developed a nonintrusive appliance load monitor (NALM) [15,16].
If NALMs could be incorporated in the existing metering infrastructure to allow for real-time logging of electricity consumption, information concerning appliance use may be reconstructed from the overall load data; thereby removing the need to intrude residential space and install new equipment in the house.NALMs were designed as research tools, and they were set up to monitor only a small number of customers in order to facilitate load forecasting and management (see Figure 3).However, smart grids allow the collection and communication of highly detailed electricity usage information, in much the same way as the NALM [16].Thus, the problem of privacy within a smart grid is the main concern.

Modification of Electricity Consumption.
Existing power companies require only power lines to connect a house to a power source.Thus, individual customers cannot access the electrical grid through the Internet.This feature provides security from the risks associated with the Internet.However, smart grid architecture connects a house (smart sensor network) to not only an electrical grid but also the Internet.This means that a smart grid is exposed to additional risks, one of which is illegal modification of electricity consumption [17].In a smart grid, users and electricity companies communicate with each other through a wired or wireless network.Information about electricity consumption and the user is transmitted via this network.Thus, if a malicious attacker modifies a user's electricity consumption, the user might have to pay a lot of money for electricity that has not actually been used.In addition, unscrupulous users could modify their electricity consumption in order to profit by paying less.There is a high likelihood of such instances [18].

Proposed Protocol
4.1.Basic Structure.In this section, we propose a data transaction protocol for privacy protection (see Figure 2).To solve the problems faced in existing smart grid systems, our scheme creates hash data from the information on home appliances.Thus, electricity companies or attackers cannot obtain any valuable information.
This scheme has two steps: a transmission phase and a check phase.In the former, the user sends encrypted information, such as electricity consumption and serial numbers of home appliances, to the power company and the power company stores this information.In the check phase, the user requests his/her electricity consumption from the power company and can check the power consumption of each home appliance.Figure 4 shows an overview of the proposed scheme.sensor meter (SM) display.The SM display is the interface between the user and the SM (see Figure 5).The SM sends these information to the power company (PC), and the PC stores the information.The information is used as the user's identity and encryption/decryption key between the user and SM.Moreover, the PC does not have knowledge of these information because the ID  and  are hashed before communication.

Overview of Entire Scheme.
When the user moves into a new house, he/she should register his/her ID  and  with the SM User → Smart Meter Input ID  , .
The SM stores the ID  and  and creates hash data ( 1 ) from these information.This hash data are used as the user identification and for extracting electricity consumption (EC) from other data ( 1 ⊕ EC).Then, the hash data ( 1 ) and SM serial number (SN SM ) are encrypted ( 1 ) with an encryption/decryption key ().The SM sends the encrypted data the PC Smart Meter Store ID  , , The PC decrypts the hash data ( 1 ) and SM serial number (SN SM ) obtained from  1 .Then, the SM verifies the SM serial number (SN SM ) by checking if it exists in the list of SMs (SN list ).If the SM serial number is valid, the PC stores these information ( 1 ‖ SN SM ) Power Company

Transmission Phase.
In the transmission phase, information on home appliances (HA) and electricity consumption (EC) is transmitted securely (see Figure 6).Thus, third parties and the PC do not have any knowledge of this information.In addition, the PC only knows the electricity consumption.Thus, the user's private information, such as daily routine or the home appliances possessed by him/her, is protected.

HA SM PC
Each home appliance sends the home appliance serial number (SN HA ) and electricity consumption (EC), encrypted with , to the SM Home Appliance → Smart Meter   (SN HA ‖ EC) .
The SM decrypts the home appliance serial number (SN HA ) and electricity consumption (EC) before encrypting the hash data ( 1 ), electricity consumption (EC), and SM serial number (SN SM ) with  and creating hash data ( 2 ) from  1 and the HA serial number (SN HA ).Then, the two sets of hash data ( 1 ,  2 ) and electricity consumption (EC) are hashed ( 3 ). 3 is used for performing an integrity check.The SM then sends encrypted data ( 2 ) with the two sets of hash data ( 2 ,  3 ) to the PC Smart Meter The PC obtains   1 ⊕ EC  and the SM serial number (SN  SM ) via the encrypted information ( 2 ).Next, the PC searches the stored  1 by using SN  SM and extracts the electricity consumption (EC  ) from   1 ⊕ EC  by using the stored  1 .After the extraction is complete, the PC creates hash data  (  3 ) from   1 ,  2 , and EC  and makes a comparison between the received  3 and   3 .If the comparison shows that the hash data are identical, the EC is stored with the hashed information  2

Power Company
2 is used as an index of the home appliance.In addition, when a user requests the electricity consumption of any home appliance, the PC can search for it using  2 obtained from the user.

Check Phase.
In this phase, the user requests the electricity consumption of one or more home appliances from the PC (see Figure 7).
First, the user inputs the ID  and  along with the serial number (SN HA ) of the home appliance whose electricity consumption is required To verify that the request has come from an authorized user, the SM creates hash data ( 4 ) by using the data input by the user ( ID ‖ ).It then verifies the user from the information stored in the registration phase.After user verification, the SM generates random nonce () by using the PRNG(⋅) function and encrypts it with .The purpose of generating  is for facilitating the verification of the electricity consumption by the user when he/she receives information from the PC.Hash data ( 5 ) are generated in order to search stored electricity consumption values.Lastly, the SM sends encryption data and hash data ( 3 ‖  5 ) to the PC Smart Meter 5 allows the PC to retrieve the EC of the home appliance from its database.Further, random nonce (  ) is decrypted from the received information ( 3 ).Subsequently, the PC encrypts the EC and   with .All computed data ( 5 ‖  4 ) are sent to the SM Power Company Search EC by  5 ⇒  2 ‖ EC, When  5 ‖  4 are received, the SM decrypts the EC and   and makes a comparison between the initial random nonce  and the decrypted random nonce (  ).If the random nonce comparison result is not correct, it means that  4 has been modified.Thus, the SM discards the data.Similarly,   5 should be compared with the initial hash data  5 .If these two comparisons indicate that the sent data are correct, the SM sends the requested electricity consumption (EC) with the home appliance serial number (SN HA ) to the user Smart Meter Finally, the user can check the electricity consumption of his/her home appliances.

Analysis
5.1.Protection against Privacy Invasion.The proposed protocol protects against privacy invasion by using a user password () and an encryption/decryption key ().The user password is entered as a key between the home appliance and SM when the SM is first installed, and the encryption/decryption key is entered when the SM is manufactured.The target information necessary for privacy invasion is the user ID, home appliance serial number, and electricity consumption.To determine when the user is at home, at work, or traveling, a malicious attacker would need this information.
However, the protocol proposed in this paper uses encrypted data.This contains the home appliance serial number and electricity consumption (  (SN HA ‖ EC)).If a malicious attacker eavesdrops on the encrypted information, they would need the user password () to decrypt it.Therefore, malicious attackers cannot decrypt this information as long as the user password is known only to the user.

Protection against Electricity Consumption Loss.
The proposed protocol protects against data leakage by using a user password (), an encryption/decryption key (), and random nonce ().The target information is the home appliance serial number (SN HA ) and electricity consumption (EC).To determine when the user is at home, at work, or traveling, a malicious attacker would need this information.
In the transmission phase, we encrypt the home appliance serial number (SN HA ) and electricity consumption (EC) by using the user password (Kus).In addition, this electricity consumption and hash data ( 1 ) are computed using the exclusive-OR operation.Additionally, the PC encrypts the electricity consumption with a random nonce () using an encryption/decryption key () in the check phase.The use of the exclusive-OR operation and random nonce makes it difficult to extract the electricity consumption.Therefore, any intercepted home appliance electricity consumption information is different from the real data.

Protection against Modification of Electricity Consumption.
If a malicious attacker modifies the electricity consumption data of a home appliance, the user may have to pay more money because of the modification.On the other hand, if unscrupulous users modify their electricity consumption in order to profit, the PC may suffer significant losses.Thus, the proposed protocol uses two keys ( and ) and a hash function ((⋅)) to protect against illegal modification.For example, if an attacker knows the encryption/decryption key () and attempts to modify the electricity consumption in the transmission phase, the PC can detect this modified information.
(iii) Attacker cannot create  2 and  3 because he/she does not know  1 .
(iv) The PC extracts electricity consumption using exclusive-OR operation.
(v) The PC computes new hashed data (  3 ) and compares them with received hashed data ( 3 ) (vi) The comparison result shows that the received data is incorrect.
(vii) Therefore, the PC discards the information transmitted by the attacker.

Performance Analysis.
In this section, we compare the performance of our proposed scheme with that of Ren et al. 's scheme.The proposed scheme has three phases: registration, transmission, and request.In contrast, Ren et al. 's scheme has only one phase, called PASS.PASS is similar to the transmission phase of the proposed scheme.Therefore, we compare PASS and the transmission phase.Table 3 shows an analysis of the computational cost.The proposed scheme is computationally more efficient compared to Ren et al. 's scheme.Besides, in the former, asymmetric encryption is not used and the hash function is used less.
Table 4 shows an analysis of the communication cost.As can be seen, our proposed scheme needs two handshakes in the transmission phase.On the other hand, Ren et al. 's scheme needs three handshakes in PASS.Thus, our proposed scheme is more efficient with regard to the communication cost.
In order to compare the proposed scheme and Ren et al. 's scheme, we simplify the computational cost for carrying out a quantitative analysis.We assume that the computational cost of asymmetric encryption, symmetric encryption, and the hash function are 3, 2, and 1, respectively.Actually, asymmetric encryption involves higher computational cost compared to symmetric encryption and the hash function.Further, symmetric encryption involves higher computational cost compared to the hash function.Thus, the computational cost of the proposed scheme is 11 (4Sym + 3 (h) = 4 × 2 + 3 × 1 = 11), while that of Ren et al. 's scheme is 18 (2Asym + 4Sym + 4 (h) = 2 × 3 + 4 × 2 + 4 × 1 = 18).
Figure 8 shows the changes in the computational cost and communication cost with time.We calculate the costs for the case where data are transmitted at regular intervals.For example, if data are transmitted at 10 min intervals (144 = 1 day/10 min), the cost of the proposed scheme is 1584 (= 144 × 11), while that of Ren et al. 's scheme is 2592 (= 144 × 18).

Conclusion
In this paper, we have proposed a secure data transaction protocol for smart grids to protect private information.The proposed protocol has two phases: a transmission phase and a check phase.In the former, we encrypt the user ID, home appliance serial number, and electricity consumption to protect against attacks such as eavesdropping and modification.For the encryption, the user password, encryption/decryption key, and hash function are used.In the check phase, the user can request information about the electricity consumption of a home appliance.For this, he/she sends an encrypted user ID and home appliance serial number to the PC.And the SM generates a random nonce.The purpose of generating the random nonce is to protect electricity consumption data from illegal modification.Thus, the PC sends the desired electricity consumption and random nonce in an encrypted state.The above features provide security to the data transaction.

Figure 3 :
Figure 3: Household electricity demand profile recorded on a one minute time base.

Figure 8 :
Figure 8: Changes in computational and communication cost for data transmission at regular intervals.

Table 1 :
Notation of Ren et al. 's scheme.
Advanced metering infrastructure (AMI) solutions can be meshed or point-to-point, with local coverage or long-range communication.Options for backhaul solutions are fiber, wireless broadband, or broadband over powerline, to name a few.Workforce mobility solutions include WiMax, WLAN, Cellular, and LMR, depending on the reliability, throughput, and coverage desired by the utility.Wireless communication solutions can be either licensed or unlicensed, again depending on the needs of the utility.For achieving the

Table 2 :
Notation used for the proposed.
Table 2describes the notation used for discussing the proposed scheme.The notation is used throughout this paper.4.3.Registration Phase.In the registration phase, the user inputs his/her ID (ID  ) and password () by using a smart

Table 3 :
Analysis of computational cost.

Table 4 :
Analysis of communication cost.