Authentication techniques in smart grid: a systematic review

Smart Grid (SG) provides enhancement to existing grids with two-way communication between the utility, sensors, and consumers, by deploying smart sensors to monitor and manage power consumption. However due to the vulnerability of SG, secure component authenticity necessitates robust authentication approaches relative to limited resource availability (i.e. in terms of memory and computational power). SG communication entails optimum efficiency of authentication approaches to avoid any extraneous burden. This systematic review analyses 27 papers on SG authentication techniques and their effectiveness in mitigating certain attacks. This provides a basis for the design and use of optimized SG authentication approaches.

ISSN: 1693-6930. Authentication techniques in smart grid: a systematic review (Malik Qasaimeh)

SG multicast authentication one-time signature schemes were analyzed by Lei et al. [12], in terms of the parameters of suitability, key management effectiveness, and storage cost. The study found that the optimum theoretical solution was Time-Valid One-Time Signature (TV-OTS), a technique whereby signature-generating and private keys are intermittently refreshed, but more empirical research is necessary to substantiate this solution.
Various SG cryptography algorithms and associated key generation techniques were evaluated by A. Kumar and A. Agarwal [13]. The security of such solutions fundamentally depends on key randomness. It was found that in SG applications, lightweight algorithms are optimal due to system limitations, as they have lower memory requirements, and asymmetric algorithms are more germane, while symmetric algorithms are better solutions for the encryption of messages during the authentication process.
This paper systematically reviews literature concerning SG authentication approaches in order to identify optimized solutions for SG components relative to attacks, and analyses their effectiveness in mitigating certain attacks to provide a basis for the design and use of optimized SG authentication solutions. Section 2 explains the research method. Section 3 sets out and analyses the results, while section 4 concludes the paper.

Research Method
This systematic review includes papers on SG authentication techniques published between 2010 and June 2018 in the Springer Link (Springer), IEEE Xplore (IEEE), and ScienceDirect (Elsevier) libraries. Searching used combinations of keywords to yield hits pertinent to the research questions, which were then subjected to inclusion and exclusion criteria phases, as shown and explained in Figure 1.

Research Questions
The following key research questions guided this systematic review.

RQ1: What SG Authentication Approaches Exist?
This question targets particular techniques developed and tested in primary studies to give robust SG authentication solutions, with the objective of investigating common techniques and security models applied to enhance SG authentication.

RQ2: What Attack Types are Mitigated by these Authentication Approaches?
As explained previously, SG components are susceptible to numerous forms of attack (e.g. DoS and malicious software attacks). This research question aims to explore the application of the identified authentication approaches to prevent or manage common attacks on SG systems.

Search Process

Digital Libraries Search
The selected digital libraries (Springer Link, IEEE Xplore, and ScienceDirect) were searched for recent papers (published during 2010-June 2018) on SG authentication, utilizing Scopus indexing, which purports to comprise the greatest database of peer-reviewed articles. Direct searching with key search terms was undertaken as shown in Table 1.

Selection Execution
All of the searched libraries yielded differing volumes of articles using the key strings. Articles identified (i.e. hits) were compiled in CSV spreadsheets, then a script code was executed to identify duplications and intersections between the articles. The consequent mass of articles was refined by further selection, including examining the relevance of articles to the research questions based on their titles, which reduced the set to 664 by excluding studies not directly related to SG authentication techniques.
The first and second authors (i.e. reviewers) were engaged to independently examine the 664 articles with regard to the inclusion and exclusion criteria, again to exclude articles not directly evaluating SG authentication techniques or threat mitigation, this time based on reading their abstracts as well as titles. Outcomes were classed as relevant articles (Nra); conceivably relevant articles (Nca); and irrelevant articles (Nira). Articles excluded at this stage included those whose abstracts did not specify authentication techniques [14] or the mitigation of threats [15]. It was noted by the reviewers that some authentication techniques had been replicated in numerous studies by the same authors, with varying objectives or experimental methods; in such cases the most recent study relevant to the study inclusion and exclusion criteria was used.
A total of 35 and 31 articles were considered relevant (Nra) by the first and second reviewers (respectively), then they reviewed their pooled Nra, Nira, and Nca selections to judge 37 as relevant (Nra). To avoid any possibility of bias, the outcomes of the reviewers' assessments were conveyed to a third reviewer for checking, and all reviewers subsequently met to verify the exclusion of articles considered irrelevant by one or more reviewers, yielding a final collection of articles with consensus among the reviewers on their relevance to this study, as displayed in Figure 1. Finally, full-text analysis led to a total of 33 articles. Quality assessment criteria were subsequently used to guarantee the rigor and validity of the primary studies, and 6 papers were eliminated.

Quality Assessment
The quality assessment decreased bias in article selection and made sure rigorous criteria were used in assessing the selected articles' quality, as described in Table 2. Quality scoring used the following criteria: Yes indicates that an article unambiguously meets the assessment criteria (and thus is scored 1); No indicates that an article unequivocally fails to meet the criteria (scored 0); and Indistinctive indicates either doubt over whether the article meets the criteria, necessitating more detailed analysis or correspondence with the author(s) to seek clarification, or that the article partially meets the criteria (scored 0.5). Studies that scored over 50% in the qualitative assessment are listed in Table 3.

Extracting Information
The extraction of information relevant to the research questions concerned:
• The SG component authentication technique.
• The attack the technique is intended to mitigate.
• The system vulnerabilities addressed.

Results and Analysis

SG Authentication Approaches (RQ1)
Answering RQ1 was directly related to analyzing authentication techniques of SG; a concise summary is presented in Table 4. Subsequently, the identified techniques were categorized into approaches as described in Table 5. Almost every included study deployed some degree of cryptography in authentication, but we considered the approaches to be based on cryptography if they used known techniques of cryptography, including hash function, symmetric key encryption, and Diffie-Hellman. If they did not use such techniques, they were classified under the general category of the approach used, as declared by the authors. For instance, if password techniques were used for authentication of SG components with an encryption technique in a constituent phase, the approach was classed as a password-based one. Exceptional cases that could not be easily classified on this basis were included in the hybrid encryption category, which included primary studies using no clear classification of approach or multiple encryption techniques (e.g. public and symmetric key encryption) as illustrated in Table 5 and Figure 2. The categories of cryptographic approaches deployed in SG authentication are explained below.

Cryptographic-Based Approaches
The greatest number of studies fitting into a single category was for those using hybrid encryption for SG authentication, with 18.5% of primary studies, comprising 27.7% of cryptography-based approaches, as in PS5, PS6, PS14, PS23, and PS24. These approaches sought to conserve limited computational resources in SG components (i.e. energy and power). For instance, Timed Efficient Stream Loss-tolerant Authentication (TESLA) was used by PS5 and PS23, with the distinguishing characteristics of less overhead packet communication, greater toleration of packet loss, and lower computation overhead. TESLA is based on one-way chains generating symmetric keys that are subsequently revealed in reversed order, with messages being buffered prior to authentication. It is thus of utility for SG components that need to be generally synchronized for speed-efficient assimilation of energy data rather than real-time data processing speed, as in PS5. For high data transfer volumes and longer durations of communication, PS23 suggested the use of inf-TESLA (i.e. for multicast streaming data), which deploys a dual key chain method to facilitate improved streaming authentication continuity, preventing resynchronization and signing lag times and other associated problems.

The approach developed by PS6 for SG authentication used symmetric key encryption, with the sharing of pairwise keys between SG components, whereby all transmissions are encrypted prior to transmission; this approach was intended to optimize power efficiency (i.e. to function with the low computational power of SG components). PS14 used an authentication technique deploying a certificateless cryptosystem, using instead a blend of identity-based cryptography and public key technique to avoid the prohibitive cost of public key infrastructure (PKI) for private key generation, due to using a key generation center (KGC). PS24 used hash-based message authentication code (HMAC) and symmetric key encryption for SG components' mutual authentication, according to which components' authentication requires multiple proofs.
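The TESLA mechanism described above (a one-way key chain, keys revealed in the reverse of the order in which they were generated, messages buffered until their key arrives) is sketched below as an added example; it is not code from PS5, PS23 or this review. SHA-256, HMAC, a disclosure delay of one interval, the `now` interval counter standing in for loose time synchronization, and the meter readings are all assumptions made for illustration.

```python
import hashlib
import hmac

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def mac(key: bytes, msg: bytes) -> bytes:
    # TESLA derives a separate MAC key from each chain key; H(b"mac" + key) stands in here.
    return hmac.new(H(b"mac" + key), msg, hashlib.sha256).digest()

def make_chain(seed: bytes, n: int) -> list:
    """Return [K_0..K_n] with K_{i-1} = H(K_i); K_0 is the public commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]

class Receiver:
    def __init__(self, commitment: bytes, delay: int = 1):
        self.last_idx, self.last_key = 0, commitment
        self.delay = delay
        self.buffer = {}  # interval -> [(msg, tag)] awaiting key disclosure

    def on_packet(self, interval, msg, tag, now):
        # Safety condition: drop packets that arrive once K_interval may be public.
        if now >= interval + self.delay:
            return False
        self.buffer.setdefault(interval, []).append((msg, tag))
        return True

    def on_key(self, idx, key):
        """Check a disclosed key against the chain, then release buffered packets."""
        if idx <= self.last_idx:
            return []
        keys, k = {}, key
        for i in range(idx, self.last_idx, -1):  # walk back, recovering skipped keys
            keys[i] = k
            k = H(k)
        if not hmac.compare_digest(k, self.last_key):
            return []  # key does not hash back to the last authenticated element
        self.last_idx, self.last_key = idx, key
        accepted = []
        for i in sorted(keys):
            for msg, tag in self.buffer.pop(i, []):
                if hmac.compare_digest(mac(keys[i], msg), tag):
                    accepted.append(msg)
        return accepted

def demo():
    chain = make_chain(b"constructed-seed", 4)  # constructed sample values
    rx = Receiver(chain[0])
    r1, r2, bad = b"meter=17 kWh=3.2", b"meter=17 kWh=3.4", b"meter=17 kWh=0.0"
    rx.on_packet(1, r1, mac(chain[1], r1), now=1)
    rx.on_packet(2, r2, mac(chain[2], r2), now=2)
    rx.on_packet(2, bad, mac(b"guessed-key", bad), now=2)  # forged tag
    late = rx.on_packet(1, b"late", mac(chain[1], b"late"), now=2)
    forged_key = rx.on_key(2, b"\x00" * 32)
    accepted = rx.on_key(2, chain[2])  # the K_1 disclosure was lost in transit
    return late, forged_key, accepted
```

Because K_1 can be recomputed as H(K_2), the reading from interval 1 is still authenticated even though its key disclosure never arrived, which is the loss tolerance the paragraph refers to.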
Hash-based approaches for authentication were deployed in PS3, PS8, PS11, and PS27, accounting for 22.22% of systematically reviewed primary studies, and 14.81% of those classified as cryptography-based. PS3 and PS8 used a one-way hash function to address vulnerability to impersonation attack and repudiation attack (respectively). PS11 and PS27 used a Merkle tree (a binary tree consisting of leaf tokens, with each internal tree node being a hash of its left and right child nodes) for robust SG component authentication.
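The Merkle tree structure defined above can be used to check one component's token against a single published root, as in the following added example; it is not the scheme of PS11 or PS27. SHA-256, the 0x00/0x01 prefixes that keep leaf hashes distinct from internal-node hashes, the rule that an unpaired node moves up unchanged, and the meter tokens are assumptions made for illustration.

```python
import hashlib
import hmac

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build_levels(tokens):
    """Return all tree levels: levels[0] holds the leaf hashes, levels[-1] the root."""
    level = [H(b"\x00" + t) for t in tokens]  # 0x00 prefix marks a leaf
    levels = [level]
    while len(level) > 1:
        nxt = [H(b"\x01" + level[i] + level[i + 1])  # 0x01 prefix marks an internal node
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # unpaired node moves up unchanged
        levels.append(nxt)
        level = nxt
    return levels

def auth_path(levels, index):
    """Sibling hashes from leaf `index` up to the root, each flagged left or right."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            path.append((sibling < index, level[sibling]))
        index //= 2
    return path

def verify(token, path, root):
    """Recompute the root from one token and its path; compare in constant time."""
    h = H(b"\x00" + token)
    for sibling_is_left, sibling in path:
        h = H(b"\x01" + sibling + h) if sibling_is_left else H(b"\x01" + h + sibling)
    return hmac.compare_digest(h, root)

# Constructed sample tokens for five meters (not taken from the reviewed studies).
TOKENS = [f"meter-{i:02d}-token".encode() for i in range(5)]
LEVELS = build_levels(TOKENS)
ROOT = LEVELS[-1][0]
```

A verifier that holds only `ROOT` can authenticate any one token from a path of at most three hashes here, without storing the other four tokens.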
Elliptic curve approaches were declared by four of the systematically reviewed studies: PS15, PS35, PS37, and PS38. These accounted for 14.81% of selected primary studies, and 22.22% of cryptography-based techniques. PS15 used the SM2 elliptic curve for SG components' mutual authentication, initiated with the connection between terminals and the SG center. The system monitored connections to detect time-out status, which prompted session closure. This provides efficient and fast computation and limited power drag. PS18 used elliptic curve to address limitations identified in a previous study [36], in this case another primary paper: PS15. A lightweight elliptic curve technique was proposed by PS21 that used third-party registration of participants in order to begin authentication, with the authentication process ending after the exchange of the session key.
Diffie-Hellman authentication comprised 11.11% of systematically reviewed studies, and 16.66% of those using cryptography-based techniques (PS9, PS16, and PS17). Hashing code and the Diffie-Hellman exchange protocol were used in PS9 for mutual authentication and session key sharing. Using Diffie-Hellman, PS16 applied the concept of discrete logarithm problems to authenticate the transmitted messages. Similarly, advanced encryption standard (AES) and Rivest, Shamir, and Adleman (RSA) encryption were used in conjunction with the Diffie-Hellman technique in PS17. Broadcast encryption and chaotic maps were used for key distribution only in PS2 and PS25, respectively.

Password-Based Approaches
Password-based approaches were used for authentication in 11.11% of included studies (PS4, PS13, and PS22). PS4 presented SCAPACH, a password-based authentication technique that generates novel, short-lived passwords automatically when initiating every session of authentication, using parameters including device ID, geographical location, and local time etc. SG-MCPEAK protocol was tested in PS13, with symmetric keys for multilayer password authentication. SSCA and PSCAb protocols of password authentication were tested in PS22, the former of which deployed symmetric key encryption, while the latter used public key encryption.

Hardware-Based Approaches
Hardware-based approaches accounted for 11.11% of systematically reviewed studies (PS10, PS12 and PS19). PS10 provided SG component authentication with improved data processing performance, mobility, and security using a smart chip integrated with multiple reliable crypto algorithms, including hash function and public and symmetric keys. Physically Unclonable Function (PUF) was implemented with Xilinx Spartan 3E FPGA boards to provide authentication using end-to-end hardware by PS12. Microprocessor integration with PUF offers unique identity for SG component devices. In PS19, PUF was also used for a hardware solution meeting the needs for Advanced Metering Infrastructures (AMIs) authentication.

Signature-Based Approaches
Signature-based authentication approaches accounted for 7.4% of included studies (PS7 and PS26). Individual signatures were created using Time-Valid One-Time-Signature (TV-OTS) in PS7, with new secret keys periodically initiated by Hash of Random Subsets (HORS). This authentication technique provided multicasting, secure, real-time, dynamic authentication. While PS26 might be considered to be a hybrid technique of encryption, on balance the reviewers classified it as a signature-based method due to the relative scarcity of studies using signatures during authentication. PS26 deployed message authentication codes (MAC) in addition to homomorphic signature for authentication, the latter of which signed data packets when initiated at source, while MAC generated unique tags for every data packet.

Biometric-Based Approaches
Biometric-based approaches accounted for 3.7% of included studies. PS1 investigated the use of multiple authentication approaches in modern networks, with AES for the privacy of fingerprinting used in authentication of SG system users. Database storage of fingerprints included categorization into rich minutiae and sparse fingerprint types.

Mitigated Threats (RQ2)
Answering RQ2 involved analyzing types of attacks and threats mitigated by the studied authentication approaches. Table 6 lists the foremost varieties of attacks identified, which were studied in terms of frequency and distribution. Figure 3 displays the mitigated attacks' frequency distribution. The most common types of attacks mitigated are, in descending order: MiTM, replay, impersonation, eavesdropping, brute force, dictionary, spoofing, repudiation, and other. The 'other' category collectively accounts for 15%, denoting the fourth rank, but each constituent threat in this group was considered in only one systematically reviewed study, comprising data forgery, DoS, information leakage, insider, modification, pollution, and quantum computer.
With 21.66% of all attacks, MiTM was the most common mitigated attack. Some analysts note that MiTM and impersonation attacks are fundamentally similar, but they were classified as distinct categories in this paper following the example of the taxonomies used by most of the primary studies analyzed; for instance, PS6, PS14, PS15, PS16, and PS21 have particular techniques of MiTM mitigation and others for impersonation attack. The latter was also commonly studied in its own right by 16.66% of primary studies. For both impersonation and MiTM attacks, the main aim of authentication is to prevent unauthorized (i.e. malicious) components such as fake smart meters from imitating genuine components, in order to prevent unauthorized access by third parties attempting to access SG components' data during exchange, to avoid damage including stopping or reducing the quality of SG network performance, corrupting or dropping data packets, or initiating secondary attacks within the system, such as DoS attacks and data flooding.
Replay attack comprised 18.36% of the total of identified attacks in included studies (PS13, PS14, PS15, PS16, PS17, PS18, PS20, PS21, PS25, PS26 and PS27). Authentication approaches seeking to protect data transmission between SG components from replay attack seek to prevent attackers intercepting, modifying and replaying data. Eavesdropping accounted for 10% of attacks mitigated in included studies (PS4, PS5, PS12, PS15, PS17, and PS25), seeking to protect data from attackers recording transmission or listening to data exchanged between SG components, especially consumer applications and smart meters. Eavesdropping is essentially an issue of system privacy and is particularly important where it relates to attackers stealing sensitive data and customer identity, with potential for fraudulent use.
Spoofing, dictionary, and brute force attacks each accounted for 5% of attacks considered by the primary studies. SG entities used mutual authentication to avoid spoofing attacks, inhibiting attackers from accessing encryption (and/or decryption) keys, and from disrupting authentication mechanisms. Dictionary and brute force attacks were mitigated using passwords for authentication between SG components and users, including utility companies, data aggregation points, and gateways. Tables are typically used to store passwords, with related authentication approaches preventing unauthorized access. Other attacks collectively accounted for 15% of attacks mitigated, comprising data forgery, DoS, information leakage, insider, modification, pollution, and quantum computer attacks.

Conclusion
A total of 27 primary studies were systematically reviewed in this study, revealing that most studies deployed cryptographic techniques for SG component authentication, including hash function, symmetric key encryption, and Diffie-Hellman. The most common attack mitigated by the approaches was MiTM (21.66%), with impersonation attack being the third most common (16.66%). In both of these attack types, SG authentication approaches seek to inhibit access by impostor smart meters and thus prevent unauthorized third-party access to data exchanged within the SG, avoiding damage including corrupting or dropping data packets.
The second most common attack was replay attack (18.33%), followed by eavesdropping (10%), which pertain to protecting customer identity and avoiding fraudulent use or manipulation of consumer data. Brute force, dictionary, and spoofing attacks each comprised 5% of attacks considered in systematically reviewed studies, while small numbers of studies considered other forms of attack (e.g. modification, insider, pollution, data forgery, DoS, information leakage, and quantum computer), collectively accounting for 15%. While this research accomplished its objectives, it was limited by the relatively small number of directly relevant papers, and replication of this research with more extensive studies addressing new research questions concerning privacy and security attributes is recommended, to increase in-depth knowledge of SG security.