A method of lightweight flexible terminal device authentication in the power internet of things

Abstract

There are a large number of smart terminal devices in the power Internet of things, which are facing a variety of security threats. In this paper, structure of the power IoT is introduced, security risks of the terminal devices in the perception layer of the power IoT are analyzed, and security requirements and authentication technologies of identity authentication of the terminals are studied. Then a lightweight flexible authentication method suitable for terminal devices in the power IoT is proposed to implement direct peer to peer authentication between terminal devices, which is based on the public key encryption technology and the assistance of lightweight certificate server. Relying on this method, the central security risk and performance bottleneck of the certificate server are reduced effectively, the fake attacks against the terminal devices can be prevented, and the illegal use of terminal devices can be found timely.

Keywords

Power internet of things smart terminal device security risk device authentication

1. Introduction

The Internet of things (IoT) collects all kinds of information needed in real time through information sensing equipment such as radio frequency identification devices (RFID), global positioning system (GPS), sensors and other devices, exchanges information with the Internet, to support positioning, monitoring, identification and other functions [1, 2]. The power Internet of things is the concrete form and application of the Internet of things in the power industry. All people and things such as the power users and their devices, power grid enterprises and their devices, power generation enterprises and their devices, power supply businesses and their devices, are connected together, sharing data, information and wisdom to provide better services [3].

The power Internet of things usually consists of four layers: perception layer, network layer, platform layer and application layer. There are many physical devices in the perception layer, including various transformers, concentrators, energy smart meters and various smart appliances on the user side. The network layer connects the perception layer and the platform layer, and is responsible for transmitting and collecting data from the perception layer. In the network layer, wired or wireless communication can be used for short-range communication, while optical fiber private network is used for long-distance communication. In addition, in order to adapt to the large number of intelligent terminal devices and different deployment environments, wireless network and satellite communication such as 5 g and Beidou high resolution satellite can be used as supplementary communication modes. The main functions of the platform layer are to update the massive data in the whole power grid in real time, sharing these data and supporting the rapid construction of various applications. Based on panoramic big data, the application layer provides user interfaces to process and analyze data, realizes customized services for users so as to have good perception and interaction among all participants in the power system. The application layer can also processes data, makes better decisions, and then sends feedback data through the network layer to control the terminal devices in the perception layer. Application layer can exist in various forms such as website, APP of mobile phone, WeChat official account, WeChat Mini program and so on, which provides personalized electric value-added services to users [4, 5, 6].

This paper studies security problems in the power Internet of things, especially attacks of cheating, counterfeiting and illegal use against smart terminal devices, so as to ensure the security and trustworthiness of data collection, data transmission and device control among smart devices in the power IoT.

2. Security risk analysis of perception layer in power IoT

The perception layer is the bottom layer of the power Internet of things. There are a variety of different types of intelligent devices in this layer, such as field acquisition devices, smart terminals, local communication access devices and edge IoT agent devices, and etc. All of these large-scale devices are widely distributed, covering all aspects of power generation, transmission, distribution, storage and consumption. At present, about 540 million various types of terminals are connected to the perception layer of power IoT, with a daily incremental acquisition data more than 60 TB.

There are three kinds of security risk the terminal devices faced in for the perception layer: the first is risks of embedded system. Due to the system tailoring, application customization, and communication protocol proprietary complexity, most of the sensing devices have a lot of vulnerabilities. Embedded system often consider seldom about needs of security because of limited computing resources of software and hardware, this system considers more to ensure real-time support and availability. The second is the weak security awareness of manufacturers. There are many kinds of intelligent terminals and sensing devices with different functions in the power Internet of things. Many manufacturers pay more attention to functions of these devices, but ignore security protection capability of them. Most of these smart devices have no message authentication and integrity authentication mechanism. So that attackers can illegally use or damage these devices without authorization, use forged or maliciously tampered instructions to cause the device incorrect operations. The third is risks caused by physical environment. Environment which these smart devices are deployed in power transmission, distribution and consumption, are usually unattended or uncontrollable. Attacker can easily contact these devices physically to carry out physical destruction, clone and forgery, data stealing, software tampering and remote control attacks.

3. Requirements and technologies of device authentication

Three types of sensing terminal in the power IoT are operation terminal, acquisition terminal and special control terminal. Operation terminals mainly include charging POS (point of sale) machines and ATM (Automatic Teller Machine). Acquisition terminals mainly include transmission status monitoring terminals, substation status monitoring terminals, power consumption information acquisition terminals, video terminals, smart meters and security access control terminals. For Supervisory Control and Data Acquisition system (SCADA system), the typical sensing terminals are RTU (Remote Terminal Unit) and FTU (Feeder Terminal Unit).

Some security measures have been applied to these terminals. For example, TF (TransFlash) interface encryption cards combined with PKI (Public Key Infrastructure) certificate system of State Grid Corporation of China have been used to implement strong identity authentication for end users to protect data security of terminals on operation and collection mobile terminals such as production mobile operation terminals, charging POS machines and power transmission status monitoring terminals [7, 8, 9].

In practice, it has been found that main security threats to the current sensing terminals in power IoT are illegal and counterfeit use aimed at these terminals. It is urgent to research and develop a device authentication method for power IoT terminals to reduce the security risk of these threats.

Authentication is the basis for most types of access control and for accountability. Authentication is defined as the process of verifying an identity claimed by or for a system entity. There are following general means of authenticating a user’s identity, which can be used alone or in combination: password-based authentication, token-based authentication, and biometric authentication [10, 11, 12]. Some of the authentication functions or applications have been developed to support network-based authentication. The most widely used services are Kerberos [13, 14] and the X.509 public-key certificates.

Compared with user authentication, device authentication is another security authentication service requirement. The principle of device authentication is basically similar as user authentication, but technologies used are different. There are three kinds of technologies used in device authentication: device tag, device fingerprint and blockchain based authentication. The method of device tag usually uses unique identifier, verification certificate or key stored in the device in advance to help the server verifying the device identity [15, 16, 17, 18]. Device fingerprint is the unique device identity data extracted from various characteristic information of the device, which is used for device identity authentication [19, 20, 21]. Blockchain authentication technology authenticates device identity through distributed ledger and consensus mechanism [22, 23]. Due to the complexity of physical or logical attribute extraction, device fingerprint authentication technology cannot be widely used for terminal device authentication in IoT at present. The blockchain based authentication technology relies on the extensive deployment of blockchain in the power Internet of things, and there is still no practical application in this field.

As an information security technology and security architecture based on cryptography, Public key infrastructure and certificate authority (PKI/CA) are used to solve problems of identity authentication, access control, information confidentiality and non-repudiation concurrently. It is the key technology to ensure authority and trust of power ERP (Enterprise Resource Planning), power marketing system and power information collection. PKI platform mainly consists of certificate issuing system (CA), registration and auditing system (RA), key management system and certificate database. The establishment of PKI platform requires the overall planning and construction of enterprises, organizations, industries and government. State Grid Corporation of China is building a PKI/CA system covering the headquarters of State Grid (including directly affiliated units) and 31 provincial grid companies [24].

4. Method of lightweight flexible device authentication

The purpose of this paper is to utilize mature authentication technology based on cryptography to realize network authentication of various types of terminal devices in the power Internet of things. In the power Internet of things, there are many data transmissions such as collection data, aggregation data and control data among different types of terminal devices. To ensure data security and control security of power IoT, all terminal devices need to be authenticated before transmitting data, so as to prevent security threats such as terminal counterfeiting or expired illegal use of terminal. A common way is to establish a centralized certificate server to verify terminal devices identity before data transmission. Disadvantages of this way are following: first, the certificate server is easy to become the centre of security risk and performance bottleneck, once the certificate server is attacked, it is easy to paralyze the whole network; second, the device authentication has a periodic time effect, which needs to refresh the authentication result to the central certificate server periodically, increasing burden of the device and the certificate server; third, it is unable to realize peer to peer real-time authentication between devices before every data transmission session, so the session is vulnerable to spoofing attack.

Therefore, only by reducing the participation of the centralized certificate server in each authentication session, weakening the central risk of the server or realizing peer-to-peer authentication between terminal device, can the terminal device authentication be more secure and more effective in the power Internet of things. In this paper, a lightweight flexible authentication method is proposed. With the assist of centralized certificate server, the core security goal of peer-to-peer device authentication is well realized.

4.1 Certification structure

The lightweight flexible device authentication system of the power Internet of things includes a lightweight centralized certificate server and a large amount of terminal devices. The system adopts method of device tag to identify terminal device based on asymmetric cryptography. The relevant data structures used for device authentication in terminal devices and certificate server are shown in Figs 1 and 2.

Figure 1.

Authentication data structures of terminal device.

Figure 2.

Authentication data structures of the server.

As shown in Fig. 1, each terminal device contains an identity label Label-t, which contains a unique identifier TID, and a private key PRt used by the terminal device itself for digital signature. The public and private key pair of the terminal device is assigned by the certificate server when the device is registered. The terminal device also contains a key label label-PUs in which the public key PUs for the certificate server and its period of validity Lifetime-s are stored. In order to achieve peer-to-peer authentication, the terminal device maintains a dynamic public key list List-PUt. The List-PUt is a cache table in which authentication information of other terminal devices including a unique identifier TID, a public key PUt and its period of validity Lifetime-t assigned to the device, are kept to realize peer-to-peer authentication with this terminal device.

As shown in Fig. 2, a key pair label Label-s is stored in the certificate server, which contains the public key PUs, the private key PRs, and the period of key validity Lifetime-s for the server. The certificate server also maintains a dynamic public key list List-PUt for all terminal devices registered. This public key list List-PUt keeps authentication information of all registered terminal devices, including unique identifier TID, public key PUt and its period of validity Lifetime-t assigned to each device.

The public-private key pair used for asymmetric cryptography in the certificate server and terminal devices will be used in the subsequent peer-to-peer mutual authentication between terminal devices. The private key is used for authentication message digital signature, and the public key is used to verify the message digital signature, so as to verify the authenticity of the device identity. The asymmetric cryptography algorithm can adopt national standard asymmetric cryptography algorithm such as elliptic curve algorithm SM2 or SM9 algorithm, or international standard asymmetric cryptography algorithm such as RSA algorithm.

4.2 Process of device authentication initialization

Considering the complexity of the management and maintenance about digital certificate issuing and exchanging in PKI system, although the lightweight flexible authentication method uses asymmetric cryptography as the device authentication technology, it does not use digital certificate technology. As the role of lightweight authentication directory, certificate server only participates in the authentication process during the first authentication process between two devices. All subsequent authentication process will be a direct peer-to-peer authentication between devices, without participation of the certificate server. Therefore, terminal device authentication in power Internet of things is a relatively flexible peer-to-peer authentication process.

The initialization process for the certificate server is as follow:

Step 1: The certificate server generates a public-private key pair of asymmetric cryptography for itself: private key PRs and public key PUs, and specifies period of key validity Lifetime-s for this key pair. The key pair and period of key validity are persisted in the Label-s in the certificate server; Step 2: The list of public key List-PUt for terminal devices in the certificate server is initialized as empty, indicating that there is no terminal device registered and connected.

All terminal devices must be registered before access to the power IoT. The initialization process of a terminal device registration is as follow:

Step 1: The certificate server allocates a unique ID TID to the registered terminal device; Step 2: The certificate server generates a key pair of asymmetric cryptography for the registered device: private key PRt and public key PUt, and specifies period of key validity Lifetime-t for this key pair; Step 3: The unique ID TID and the private key PRt of the registered device are persisted into its identity label Label-t, and the public key PUs and period of key validity Lifetime-s of the certificate server are saved to the label Label-PUs in the terminal device; Step 4: The certificate server generates a new record in itself dynamic public key list List-PUt for the registered device, saves the TID, PUt and Lifetime-t of the registered device in this new record.

Each terminal device can access to the power Internet of things for data collection, aggregation and special control operation legally only after completing the registration initialization process.

When the service time of a device exceeds the period of key validity Lifetime-t specified by its key pair, continuing to use the device will be authenticated as expired and illegal use, and the above registration initialization process needs to be repeated to the certificate server.

4.3 Process of device authentication

In the power Internet of things, the peer-to-peer authentication process for two terminal devices TA and TB is shown in Fig. 3.

Suppose that two terminal devices TA and TB need to transfer acquisition data. The terminal device TA first authenticates the identity of the terminal device TB. Here, the terminal device TA is the verifier, and the terminal device TB is the declarant.

Step 1: TA generates a random number NR and sends it to TB; Step 2: TB acquires its TID value TIDb and private key value PRtb from its identify label Label-tb, encrypt the concatenated value (NR $+$ timestamp) with its private key PRtb to get the signature value Sb; then TB sends the TIDb and Sb values back to TA; Step 3: TA receives TIDb and Sb, searches the device record with TIDb in its public key list List-PUta. If the record corresponding to TIDb is found and the period of validity Lifetime-tb of the public key PUtb in the record is within the valid period, Step 4 is executed sequentially, otherwise go to Step 5; Step 4: TA uses the public key PUtb in the record to decrypt the signature value Sb, obtains the random number NR’ and the timestamp value. If NR’ is equal to NR and the timestamp is valid, the signature verification of the device TB is successful, that is, the identity authentication of the device TB is successful; otherwise, TA judges that the authentication request of the device TB is counterfeit or replay authentication attack, and the identity authentication of the device TB is failed; Step 5: If TA cannot find the corresponding record of TB in its own public key list List-PUta, or the public key lifetime of TB in the record is not within the validity period, TA requests the certificate server to send the corresponding record of TB in the public key list List-PUts to it; if the record of TB is successfully obtained from the certificate server, TA uses this record to update the expired record of TB in List-PUta (if there is no expired record of TB in List-PUta, this record will be added into the list for device TB), and then go to Step 3 to verify device TB continuously; if the record of TB cannot be obtained from the certificate server, device TB will be judged as a counterfeit or illegal device, and the authentication process of TB will be aborted; Step 6: After TA verifies TB successfully, TB also needs to verify TA’s identity realized by repeating step 1 to step 5.

Figure 3.

Process of device authentication in power internet of things.

Figure 4.

Authentication message transmitted during mutual authentication process.

It is illustrated from the above authentication process that the certificate server only participates in the authentication process in the case of the first authentication between both devices, or the period of key validity has expired and needs to be updated from the server. The subsequent authentication process is direct peer-to-peer verification between devices without the participation of the certificate server. So the certificate server just plays a role of lightweight authentication directory service provider in the whole device authentication process in the power Internet of things.

Before the terminal device can query and get the public key record of another device from the certificate server, it also needs to verify mutually with the certificate server. The authentication process between the terminal device and the certificate server is similar to that between two devices, which also adopt asymmetric cryptography technology, that is, private key used for signature and public key used for verification. The main difference between these two processes is that the data structures for accessing public key, private key and their lifetime are different as shown in Figs 1 and 2.

Authentication messages transmitted in the mutual authentication process between terminal devices TA and TB, or terminal device TA and the certificate server AS, are illustrated as Fig. 4. In Fig. 4, NR1 and NR2 represent randomly generated number, and the function E() represents a digital signature function encrypted with a private key.

5. Analysis of security and efficiency

In the above described lightweight flexible device authentication process in the power Internet of things, the certificate server only participates in the authentication process during the first authentication process between two devices, all subsequent authentication process will be a direct peer-to-peer authentication between devices without participation of the certificate server, which greatly reduces participation of the centralized certificate server in each authentication session, reduces the central security risk and performance bottleneck of the certificate server effectively. We define that it is a stable state of the power Internet of things system when all authentication process between two terminal devices can be carried out just between the two devices directly without participation of the certificate server. Assuming that there are n-1 terminal devices in the system, when the nth device is added into the system, the certificate server needs to participate in the authentication process totally for n-1 times at most before the system reaches a stable state again. If there are n terminal devices in the initial state of the system, the certificate server needs to participate in n(n-1)/2 authentication processes at most to make the system get a stable state. In practice, due to the hierarchical structure of terminal devices in the power Internet of things, there are few authentication requirements among devices at the same level, more authentication processes occur among devices at different levels. Therefore, the number of certificate server participating in the authentication process before the system reaches a stable state is far less than the maximum number of n(n-1)/2, in fact, the number of devices requiring mutual authentication is less than 25% of the total number of devices.

The security analysis of authentication process for several typical attacks is as follows.

(1) Terminal device fraud

Suppose that a terminal device TA needs to identify a terminal device TB which is a fake device. TA sends a random number NR to TB, TB returns the digital signature of (NR $+$ timestamp) encrypted with its private key, and device label of TB to TA. If the device label value provided by TB does not exist in TA’s public key list List-PUta, TA considers TB to be an illegal device; if TB impersonates other legitimate device TC, provides the label value of device TC, that is, the label value of device TC provided by TB exists in TA’s public key list List-PUta, then TA attempts to use the public key of device TC to decrypt the signature returned by TB, and this decryption will fail (unless illegal device TB can obtain the private key of legitimate device TC), so TA identifies TB as a counterfeit terminal device.

(2) Certificate server fraud

Assume that the terminal device TA needs to identify the certificate server AS’ which is a fake server. TA sends a random number NR to AS’, and AS’ returns the digital signature of (NR $+$ timestamp) encrypted with its private key to TA. TA attempts to use the public key PUs of the certificate server in its label label-Pus to decrypt the signature returned by AS’, and this decryption will fail (unless the fake certificate server AS’ can obtain the private key of the legal certificate server AS), then TA identifies AS’ as a fake certificate server.

(3) Overdue terminal device

Suppose that device TA needs to identify device TB which is overdue. TA sends a random number NR to TB, TB returns the digital signature of (NR $+$ timestamp) encrypted with its private key, and device label value of TB to TA. TA finds TB’s public key PUtb and Lifetime-tb of this key in its public key list List-PUta according to TB’s device label value, compares Lifetime-tb with the current time, and finds that the Lifetime-tb is beyond the period of validity, so TA identifies TB as a terminal device that is overdue used illegally, and refuses to carry out subsequent data exchange or control operation with TB.

(4) Replay attacks on authentication process

By monitoring the network data of the power Internet of things, an attacker may cheat a terminal device or the certificate server through the replay of captured data, achieve a successful authentication as a counterfeit device, and obtain data from the power Internet of things system. In the lightweight flexible authentication process, time stamp is added and encapsulated in the digital signature to avoid the attacker tampering with the time stamp value, so as to defend against such replay attacks effectively.

6. Conclusions

There are a large number of smart terminal devices in the power Internet of things such as smart meter, acquisition terminal, mobile terminal, etc. Ensuring security of these terminal devices is very important for the security of power Internet of things. State Grid Corporation of China is building a PKI/CA system covering the headquarters of State Grid (including directly affiliated units) and 31 provincial grid companies, to provide protection of identity security and data transmission security for the power information acquisition system. Based on these phased construction achievements of PKI/CA system, this paper constructs a lightweight flexible authentication system for the terminal devices in the regional power Internet of things system, focuses on solving problem of counterfeiting and illegal use of terminal devices. Next research works include: providing support for interconnection authentication between different regions, expanding application scope of this device authentication system to provincial grid companies and national grid company, and solving problems in the integration of this system and state grid PKI/CA system.

Footnotes

Acknowledgments

The authors acknowledge the State Grid Corporation Science and technology project (Contract number: 2020YF-69).

References

Miorandi

Sicari

Pellegrini

, et al. Internet of things. Ad Hoc Networks. 2012; 10(7): 1497-1516.

Yang

Wang

Zhou

, et al. Key technologies and application prospects of ubiquitous power Internet of things. Power Generation Technology. 2019; 40(2): 107-114.

State Grid Corporation of China. Opinions on accelerating the construction of world class energy Internet enterprises: (2019) No. 1. [Z]. Beijing: State Grid Office, 2019.

Zou

Lai

. Network security risk analysis and Countermeasures under the background of ubiquitous power Internet of things. Power Equipment Management. 2020; 50(11): 118-120.

Yuan

. Research on key technologies of ubiquitous power Internet of things. Electric Power Construction. 2019; 40(5): 1-12.

. Ubiquitous power Internet of things application in intelligent distribution system. Telecom Power Technology. 2020; 37(05): 146-147.

Jin

Zhang

. Full-scenario situation awareness for power Internet of things solution. Information Security and Communications Privacy. 2020; (S1): 49-55.

Liu

Kong

. Application of controlled signature algorithm in ubiquitous power Internet of things. Software Guide. 2020; 19(09): 246-250.

Liao

Ban

Chen

. Research on identity authentication technology in power Internet of things based on SM9 algorithm. ShanDong Electric Power. 2020; 47(10): 1-5.

10.

O’Gorman

. Comparing passwords, tokens, and biometrics for user authentication. Proceedings of the IEEE. 2003; 91(12): 2021-2040.

11.

Burr

Dodson

Newton

, et al. Electronic Authentication Guideline. Gaithersburg, MD: National Institute of Standards and Technology, Special Publication 800–63–2, August 2013.

12.

Poller

Waldmann

Vowe

, et al. Electronic identity cards for user authentication – promise and practice. IEEE Security and Privacy Magazine. 2012; 10(1): 46-54.

13.

Bryant

. Designing an Authentication System: A Dialogue in Four Scenes. Project Athena document, Februar 1988. Available at http://web.mit.edu/kerberos/www/papers.html.

14.

Bozduman

Afacan

. Simulation of a homomorphic encryption system. Applied Mathematics and Nonlinear Sciences. 2020; 5(1): 479-484.

15.

Yamada

Ikeda

. Enhanced PKI authentication with trusted product at claimant. Computers & Security. 2017; 67: 324-334.

16.

Boubakri

Abdallah

Boudriga

. Access control in 5G communication networks using simple PKI certificates. Wireless Communications & Mobile Computing Conference IEEE. 2017.

17.

Lee

Han

Kim

. Home network device authentication: Device authentication framework and device certificate profile. Computer Journal. 2018; 52(8): 871-877.

18.

Hussain

Jain

. Simple and secure device authentication mechanism for smart environments using Internet of things devices. International Journal of Communication Systems. 2020; 33(16).

19.

Kim

Yoon

Kang

, et al. PUF based IoT Device Authentication Scheme. 2019 International Conference on Information and Communication Technology Convergence (ICTC). 2019.

20.

Kurra

Nelakuditi

. A secure arbiter physical Unclonable functions (PUFs) for device authentication and identification. Indonesian Journal of Electrical Engineering and Informatics (IJEEI). 2019; 7(1): 104-114.

21.

Ghosh

Roy

Kumar

. Smart device authentication based on online handwritten script identification and word recognition in indic scripts using zone-wise features. International Journal of Information System Modeling & Design. 2018; 9(1): 21-55.

22.

Albalawi

Azim

. Cloud-based IoT Device Authentication Scheme using Blockchain. 2019 IEEE Global Conference on Internet of Things (GC IoT) IEEE. 2019.

23.

Shen

Liu

Zhu

, et al. Blockchain-assisted secure device authentication for cross-domain industrial IoT. IEEE Journal on Selected Areas in Communications. 2020; PP(99): 1-1.

24.

Lai

. Construction approach of state grid PKI/CA system. The Power of Information. 2011; 9(3): 8-11.