CN105245326A - Intelligent power grid safety communication method based on combination cipher - Google Patents

Info

Publication number: CN105245326A
Authority: CN (China)
Prior art keywords: transfer station, MDMS, signature, ciphertext, key
Legal status: Granted; Expired - Fee Related
Application number: CN201510575551.5A
Other languages: Chinese (zh)
Other versions: CN105245326B (en)
Inventors: 李发根, 韩亚楠, 洪姣姣, 郑朝慧
Current Assignee: University of Electronic Science and Technology of China
Original Assignee: University of Electronic Science and Technology of China
Landscapes: Mobile Radio Communication Systems; Small-Scale Networks

Abstract

The invention discloses a secure communication method for the smart grid based on a combination cipher. With the combination cipher, a single key is used for session key agreement, encryption and signature, and the method works in an offline/online mode, so that for a smart meter with limited storage space and limited computing power the required storage space is reduced and the computing speed is increased. A transfer station is arranged between the smart meters and the meter data management center (MDMS), and the private keys of the meters, the transfer stations and the MDMS are generated by a key generation center (PKG). A session key is first generated between a meter and its transfer station, and the session key is used for two-way authentication and communication. Then, in a chain transmission mode, each transfer station collects the data of the meters within its range, performs certain security operations, and transmits the data to the adjacent next transfer station, and so on until the data finally reach the MDMS.

Description

Smart grid secure communication method based on a combination cipher
Technical Field
The invention belongs to the technical field of confidential communication, and particularly relates to a secure communication method between a smart meter and an MDMS in a smart grid.
Background
As a product of a new era, the smart grid may completely replace the current power grid architecture in the future and provide more reliable, safer and more convenient service. Its advantage is two-way communication between the user and the power company, so that the energy demand of the user can be predicted more objectively and the waste caused by excessive power production is avoided. At the same time, as communication increases and is integrated, network vulnerabilities in the smart grid also emerge. For example, if the power consumption information of a user is intercepted by an unauthorized party, an attacker can infer the living habits of the user from that information and use them for targeted theft and tracking. One of the goals of the smart grid is to provide consumers with their energy consumption information in near real time, for example every hour, so that they can change their consumption habits to cut their power bill, whereas at present consumers see this information only once a month. However, an attacker who can monitor and access this private information can infer the user's living habits from it, which again enables targeted theft and tracking. In addition, the smart grid needs integrity and authentication, to avoid the threat posed by malicious users who tamper with communication messages or send spurious messages. Therefore, to protect the confidentiality, integrity and authentication of information, the application of cryptography in the smart grid has become a research hot spot.
Conventional cryptosystems require different cryptographic algorithms to use different key pairs, for example one key pair for encryption and another for signature. In practical applications, however, it is desirable to implement the encryption scheme and the signature scheme with the same key pair in order to suit environments with limited storage resources and computing power, hence the emergence of the combined public key cryptosystem. This cryptosystem breaks with the traditional principle of key separation: one key pair is used for different cryptosystems, such as an encryption system and a signature system, while the independent security of the two is preserved. The combined public key cryptosystem is not a simple combination of an encryption system and a signature system. It can effectively reduce the overhead of storing keys, storing public key certificates and verifying public key certificates, so it is widely applicable in environments with limited storage and computing resources. However, the security problems that key reuse can cause are not negligible. For example, with the widely used RSA scheme, if a single key pair is used for both encryption and signature, the otherwise secure encryption and signature schemes are no longer secure. In other words, cryptosystems that are secure independently can lose their intrinsic security once the same or related key pairs are used.
The integrity and confidentiality of information and the mutual authentication of users are key problems of the smart grid. Integrity and authentication can be guaranteed by digital signatures, and confidentiality is mainly achieved by encryption mechanisms. The smart grid can be roughly divided into three layers: control center, power distribution station, and smart appliances. The power distribution station and the smart appliances communicate over a network through the smart meter; the power distribution station then forwards the power demand information of the smart appliances to the control center, and finally the control center distributes power according to the demand of the users. The supervisory control and data acquisition system can protect communication between the control center and the distribution station, but communication between the distribution station and the smart appliances is susceptible to attacks such as message forgery, tampering and eavesdropping. Therefore, the main goal of current methods is to address the security problems between the distribution station and the smart appliances. For example, one approach avoids this problem by using tamper-resistant devices, but only the distribution station can authenticate the smart appliance and no key agreement can be achieved. Another is a lightweight message authentication protocol based on the computational Diffie-Hellman problem, which realizes mutual authentication and achieves key agreement through Diffie-Hellman.
To further enhance security, in a scheme based on a mutual authentication and key establishment mechanism the data collection center and the smart device authenticate each other through a public key certificate of the data collection center and a long-term key shared in advance, but the technical problem of how to distribute the shared long-term key has kept the scheme from being widely adopted. In addition, there have appeared a protocol that uses public key certificates, zero-knowledge authentication and access control technology to realize a multi-factor authentication system, authentication protocols based on elliptic curves and the like, and a protocol that uses a symmetric cryptosystem to realize mutual authentication and confidentiality simultaneously, but that protocol needs a large number of key negotiation processes, and multiple authentications are needed before communication.
Disclosure of Invention
The object of the invention is: in view of the security problems of communication in the smart grid, to provide a method for protecting smart grid power consumption information based on a combination cipher, so that secure and reliable communication between the smart meter and the MDMS can be realized.
A smart grid secure communication method based on a combination cipher comprises the following steps:
step 1: setting n (n > 1) transfer stations, each of which corresponds to more than one smart meter; only one of the n transfer stations communicates directly with the meter data management center MDMS, and the n transfer stations communicate in a chain;
step 2: each entity (smart meter, transfer station and MDMS) generates a corresponding public key according to its identity ID and sends the public key to the key generation center PKG; the PKG generates a private key based on the public key sent by each entity and sends the private key to the corresponding entity through a secure channel;
step 3: carrying out secure communication between the smart meter and the MDMS through hop-by-hop link transmission:
step 3-1: generating the session key of the smart meter and its corresponding transfer station: the smart meter encrypts a first preset key negotiation message (which can generally be set to the identity identifiers of the smart meter and the corresponding transfer station, the key negotiation parameter w, the timestamp TM1 and similar information) with the public key of the corresponding transfer station and sends the ciphertext to that transfer station; after decryption, the transfer station encrypts a second preset key negotiation message with the public key of the smart meter and sends it to the smart meter, where the second preset key negotiation message includes the first preset key negotiation message and can generally be set to the identity identifiers of the smart meter and the corresponding transfer station, the key negotiation parameters w and v, the timestamps TM1 and TM2, and the like; the session key of the smart meter and the corresponding transfer station is obtained from the second preset key negotiation message, for example by performing secure key negotiation based on a combined public key cipher over the identity identifiers of the entities (the smart meter and the transfer station) and the Diffie-Hellman protocol to generate the corresponding session key;
step 3-2: the smart meter encrypts the meter data with the session key and sends it to the corresponding transfer station; the transfer station verifies it with the session key, and if the verification succeeds, step 3-3 is executed;
step 3-3: encrypting the received meter data with the public key of the MDMS to obtain a local ciphertext;
judging whether the current transfer station is the transfer station with the largest communication hop count to the MDMS (this can be judged from the transfer station identifiers, for example by numbering all the transfer stations sequentially so that the transfer station with the largest number communicates directly with the MDMS and the transfer station with the smallest number has the largest communication hop count to the MDMS, or from whether signatures and/or transfer station ciphertexts sent by other transfer stations are present at the current transfer station); if not, the transfer station ciphertext of the current transfer station is the local ciphertext; if the verification is passed, the transfer station ciphertext of the current transfer station is the local ciphertext and the received transfer station ciphertext; signing the transfer station ciphertext with the private key of the current transfer station, and sending the signature and the transfer station ciphertext to the next-hop transfer station;
step 3-4: repeating step 3-3 until the corresponding signature and transfer station ciphertext are sent to the MDMS; the MDMS verifies the received signature and transfer station ciphertext with the public key of the transfer station that communicates directly with it, and if they pass the verification, the MDMS decrypts the local ciphertext of each transfer station with its own private key to recover the meter data of each smart meter.
Based on these steps, the invention adopts a combined public key cryptosystem and can effectively reduce the number of keys each user has to store. Compared with a combination cipher based on PKI, the user does not need to verify the validity of public key certificates, and the cost of storing and maintaining certificates is reduced. Compared with symmetric cryptography, the identity-based cryptography adopted here avoids a large number of key negotiations.
Further, the invention can also provide secure communication from the MDMS to the smart meter, realizing two-way secure communication between the smart meter and the MDMS. That is, the invention also includes step 4: carrying out secure communication between the MDMS and the smart meter through hop-by-hop link transmission: the MDMS encrypts the control messages with the public key of each transfer station to obtain the corresponding control ciphertexts, signs each control ciphertext with the private key of the MDMS, and sends the signatures together with the control ciphertexts to the transfer station that communicates directly with the MDMS; the current transfer station stores the signature and control ciphertext addressed to itself and sends the signatures and control ciphertexts not addressed to itself to the previous-hop transfer station (in the transmission direction from the MDMS to the smart meter), until the transfer station with the largest communication hop count to the MDMS among the n transfer stations is reached; each transfer station verifies the signature addressed to itself with the public key of the MDMS, decrypts the control ciphertext with its own private key to recover the control message if the signature passes the verification, and finally sends the control message to each corresponding smart meter using the session key shared with that smart meter.
To further suit a working environment in which each entity in the smart grid has limited computing capacity, and to improve the processing speed of the system so as to ensure the real-time performance of the smart grid, in step 3 of the invention a designated server can perform the corresponding encryption and signature computations offline when encryption and signature are processed, and send the results to the corresponding entity (such as a smart meter or a transfer station), which then computes the corresponding encryption and signature results online.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
(1) The combined public key cryptosystem is used in the smart grid, so that the authentication and confidentiality of smart grid communication are ensured and the number of keys stored in the smart grid is effectively reduced.
(2) The offline/online cryptosystem is used in combination, so that the processing speed of the communication process is increased and the real-time performance of the smart grid is ensured.
Drawings
FIG. 1 is a network topology diagram of an embodiment;
FIG. 2 is a schematic diagram of a secure communication process of an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings.
Example 1
Referring to FIG. 1, n transfer stations are provided, each identified by j, and each transfer station serves a plurality of smart meters (Meter 1, Meter and the like in FIG. 1); only one of the n transfer stations is in direct communication with the MDMS (transfer station n shown in the figure), and the n transfer stations are in chain communication.
The PKG sets the system parameters used for key pair generation and key negotiation in the identity-based setting for each entity in the smart grid:
(1) Setting system parameters and generating the required key pairs
Given a cyclic additive group $G_1$ of prime order $q$, let $G_2$ be a cyclic multiplicative group of the same order. $P$ is a generator of $G_1$, and $e: G_1 \times G_1 \to G_2$ is a bilinear map. Define four secure hash functions $H_1$, $H_2$, $H_3$ and $H_4$, with $H_3: \{0,1\}^* \to \{0,1\}^M$, where $M$ represents the length of the plaintext; the scheme also uses the multiplicative cyclic group modulo $q$ (elements in the group do not include 0). The PKG randomly selects a master key $s$, calculates $P_{pub} = sP$ and $g = e(P, P)$, publishes the system parameters $(G_1, G_2, P, P_{pub}, g, e, H_1, H_2, H_3, H_4)$, and saves the master key $s$.
Each entity (smart meter, transfer station and MDMS) in the smart grid sends its own identity information $ID \in \{0,1\}^*$ to the PKG, which generates a public/private key pair $(Q_{ID}, S_{ID})$ for each entity according to the generated system parameters and the master key $s$, where the private key is $S_{ID} = (Q_{ID} + s)^{-1}P$ and the public key is $Q_{ID} = H_1(ID)$. Finally, the PKG sends the private key to the corresponding entity through the secure channel.
(2) Key agreement procedure
Referring to FIG. 2, before the smart meter and the MDMS communicate with each other, key agreement is performed between the smart meter and the transfer station to generate a shared session key. Smart meter i randomly selects a key negotiation parameter $w$ and calculates $wP$, then uses the public key $Q_j$ of transfer station j to encrypt the key agreement message $(i \| j \| wP \| TM_1)$ and sends the ciphertext to transfer station j, where i and j represent the identity information of smart meter i and transfer station j respectively, and $TM_1$ is a timestamp. Transfer station j uses its own private key $S_j$ (i.e., $S_j = S_{ID} = (Q_{ID} + s)^{-1}P$) to decrypt and recover $wP$, then randomly selects a key negotiation parameter $v$ and calculates $vP$, then uses the public key $Q_i$ of smart meter i (i.e., $Q_i = Q_{ID} = H_1(ID)$) to encrypt the key agreement message $(i \| j \| wP \| vP \| TM_1 \| TM_2)$ and sends the ciphertext to smart meter i, where $TM_2$ is a timestamp. Smart meter i decrypts with its own private key $S_i$; the recovered message assures it that transfer station j is performing key agreement with $wP$. Finally, smart meter i can generate the session key $K_{i,j} = w(vP)$ from the values of $w$ and $vP$, and at the same time transfer station j can generate the session key $K_{i,j} = v(wP)$ from the values of $v$ and $wP$. So that transfer station j can be sure it is communicating with smart meter i, smart meter i may encrypt a message with the shared session key $K_{i,j}$ and send it to transfer station j. This ensures mutual authentication.
(3) Intelligent electric meter reading transmission process
Smart meter i uses the meter data $m$ (the user's electricity consumption information) and the session key $K_{i,j}$ generated in the process above to generate a message authentication code $c$, where $E$ denotes a symmetric encryption algorithm whose subscript identifies smart meter i, transfer station j and the corresponding session key $K_{i,j}$, and then sends $(m \| c)$ to transfer station j. Transfer station j uses the shared session key to calculate $c'$; if $c = c'$, the verification succeeds, otherwise the meter data sent by the smart meter is discarded. Transfer station j first encrypts and then signs all the meter data that was verified successfully, as follows. First, the security server calculates the offline ciphertext: it randomly selects parameters and calculates $U_j = uP$, $R_j = g^x$, $\beta_j = H_3(R_j)$, $T_{1j} = a^{-1}xP$, $T_{2j} = x(b+s)P$, and then sends the offline ciphertext $\phi = (u, x, a, b, U_j, R_j, T_{1j}, T_{2j}, \beta_j)$ to transfer station j. Transfer station j uses the public key $Q_{MD}$ of the MDMS to compute the online ciphertext $t_{1j} = a(Q_{MD} - b) \bmod q$, $t_{2j} = H_2(m, R_j, U_j, T_{1j}, T_{2j}, t_{1j})\,x + u \bmod q$, $c_j = \beta_j \oplus m$. The local ciphertext of transfer station j is $\sigma_j = (U_j, T_{1j}, T_{2j}, t_{1j}, t_{2j}, c_j)$. If the transfer station identifier $j$ equals 1, the local ciphertext is taken directly as the transfer station ciphertext; otherwise, transfer station j uses the public key of transfer station j-1 to verify the received signature $(h_{j-1}, \theta_{j-1}, S'_{j-1})$ and ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1})$, executes signature processing if the verification succeeds, and discards them otherwise.
The specific steps are as follows. Transfer station j calculates $S_{j-1} = \theta_{j-1} S'_{j-1}$; if $h_{j-1} = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1}, r_{j-1}, S'_{j-1})$, it accepts the signature $(h_{j-1}, \theta_{j-1}, S'_{j-1})$ and signs the local ciphertexts of the first j transfer stations together, that is, the local ciphertexts of transfer stations 1 to j are taken as the transfer station ciphertext of transfer station j, which is then signed. First, the security server calculates the offline signature: it randomly selects parameters $l$ and $\alpha$, calculates $r_j = g^l$, $S'_j = \alpha SK_j$, and sends the offline signature $(l, \alpha^{-1}, r_j, S'_j)$ to transfer station j. Transfer station j calculates the online signature $h_j = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j, r_j, S'_j)$, $\theta_j = (l + h_j)\alpha^{-1} \bmod q$, and then sends the signature $(h_j, \theta_j, S'_j)$ and the ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j)$ to transfer station j+1. Subsequent transfer stations perform similar operations until the last transfer station n in the link transfers the data to the MDMS.
The MDMS verifies and decrypts the received data as follows. The MDMS first uses the public key $Q_n$ of the n-th transfer station to verify the signature $(h_n, \theta_n, S'_n)$: it calculates $S_n = \theta_n S'_n$, and if $h_n = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_n, r_n, S'_n)$ it accepts the ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_n)$ and uses its own private key $SK_{MD}$ to decrypt each ciphertext in turn. Taking $\sigma_j = (U_j, T_{1j}, T_{2j}, t_{1j}, t_{2j}, c_j)$ as an example, the MDMS calculates $R = e(T_{2j} + t_{1j}T_{1j}, SK_{MD})$, $m_j = c_j \oplus H_3(R)$, $H = H_2(m_j, R, U_j, T_{1j}, T_{2j}, t_{1j})$; if $R^H = e(t_{2j}P - U_j, P)$ holds, the message $m_j$ is accepted, where $m_j$ is the meter data sent by the smart meters corresponding to transfer station j.
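The algebra of the offline/online encryption and signature described above (and restated in claim 5), together with the hop-by-hop aggregation, can be exercised with the following added example, which is not code from the patent. It assumes a toy stand-in for the bilinear pairing that has no security (a $G_1$ element $aP$ is stored as the scalar $a$), SHA-256 and SHAKE-256 as the hash functions, hypothetical identities `TS-j` and `MDMS`, and the offline server running in the same process as the online party.

```python
import hashlib, itertools, secrets

def _is_prime(n):                       # deterministic Miller-Rabin for n < 3.3e24
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

# TOY pairing, for checking the algebra only and NOT secure: a G1 element aP is
# stored as the scalar a mod q (so P is 1), G2 is the order-q subgroup of Z_p^*
# generated by g, and e(aP, bP) = g^(ab).
q = next(c for c in itertools.count(2**64 + 1, 2)
         if _is_prime(c) and _is_prime(2 * c + 1))
p, g, M = 2 * q + 1, 4, 32              # M = plaintext length in bytes

def e(A, B):
    return pow(g, A * B % q, p)
def rand():
    return secrets.randbelow(q - 1) + 1
def Hq(tag, *parts):                    # stands in for H1, H2, H4 (assumed: SHA-256)
    digest = hashlib.sha256(repr((tag, parts)).encode()).digest()
    return int.from_bytes(digest, "big") % (q - 1) + 1
def H3(R):                              # H3: {0,1}* -> {0,1}^M (assumed: SHAKE-256)
    return hashlib.shake_256(repr(R).encode()).digest(M)
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

P_pub = s = rand()                      # PKG master key s and P_pub = sP

def extract(ID):                        # S_ID = (Q_ID + s)^-1 P with Q_ID = H1(ID)
    return pow(Hq("H1", ID) + s, -1, q)

def offline_encrypt():                  # server side, before the message is known
    u, x, a, b = rand(), rand(), rand(), rand()
    R = pow(g, x, p)
    return (u, x, a, b, u, R, pow(a, -1, q) * x % q, x * (b + P_pub) % q, H3(R))

def online_encrypt(m, ID, phi):         # sender side: only cheap mod-q arithmetic
    u, x, a, b, U, R, T1, T2, beta = phi
    if len(m) > M:
        raise ValueError("message longer than M bytes")
    m = m.ljust(M, b"\0")
    t1 = a * (Hq("H1", ID) - b) % q
    t2 = (Hq("H2", m, R, U, T1, T2, t1) * x + u) % q
    return (U, T1, T2, t1, t2, xor(beta, m))

def decrypt(sigma, S_ID):
    U, T1, T2, t1, t2, c = sigma
    R = e((T2 + t1 * T1) % q, S_ID)     # equals g^x when S_ID matches the ID used
    m = xor(c, H3(R))
    H = Hq("H2", m, R, U, T1, T2, t1)
    if pow(R, H, p) != e((t2 - U) % q, 1):
        raise ValueError("ciphertext rejected")
    return m.rstrip(b"\0")

def offline_sign(S_ID):
    l, alpha = rand(), rand()
    return (l, pow(alpha, -1, q), pow(g, l, p), alpha * S_ID % q)

def online_sign(m, off):
    l, alpha_inv, r, S1 = off
    h = Hq("H4", m, r, S1)
    return (h, (l + h) * alpha_inv % q, S1)

def verify(m, ID, sig):
    h, theta, S1 = sig                  # S = theta*S' and r = e(S, Q_ID*P + P_pub) * g^-h
    r = e(theta * S1 % q, (Hq("H1", ID) + P_pub) % q) * pow(g, -h % q, p) % p
    return h == Hq("H4", m, r, S1)

def relay_chain(readings, sk_mdms, tamper_after=None):
    """readings[j-1] is the meter data at station j; returns what the MDMS recovers."""
    chain, sig = [], None
    for j, m in enumerate(readings, start=1):
        if j > 1 and not verify(chain, f"TS-{j-1}", sig):
            raise ValueError(f"station {j} rejected station {j-1}")
        chain = chain + [online_encrypt(m, "MDMS", offline_encrypt())]
        sig = online_sign(chain, offline_sign(extract(f"TS-{j}")))
        if tamper_after == j:           # constructed in-transit change to sigma_1
            chain[0] = chain[0][:5] + (xor(chain[0][5], b"\x01" * M),)
    if not verify(chain, f"TS-{len(readings)}", sig):
        raise ValueError("MDMS rejected the last station")
    return [decrypt(sigma, sk_mdms) for sigma in chain]
```

Calling `relay_chain` with `tamper_after=k` modifies the aggregate after station k has signed it, so the next hop (or the MDMS, when k is the last station) rejects the batch.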
(4) Control information transmission process
Transmission of a control message from the MDMS to the smart meter is the reverse of the above process. The MDMS first encrypts the control messages with the public key of each transfer station, signs each ciphertext with its own private key, and then transmits them to transfer station n. In hop-by-hop link transmission, transfer station n passes the ciphertexts and signatures of the first n-1 transfer stations to the previous transfer station n-1, transfer station n-1 similarly passes the ciphertexts and signatures of the first n-2 transfer stations to the transfer station before it, and so on until the first transfer station in the link. After receiving its ciphertext and signature, each transfer station first verifies the signature with the public key of the MDMS, then decrypts the ciphertext with its own private key, and finally forwards the control message to each meter using the session key shared with that smart meter.
While the invention has been described with reference to specific embodiments, any feature disclosed in this specification may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise; all of the disclosed features, or all of the method or process steps, may be combined in any combination, except mutually exclusive features and/or steps.

Claims (7)

1. A smart grid secure communication method based on a combination cipher, characterized by comprising the following steps:
step 1: setting n transfer stations, wherein each transfer station corresponds to more than one intelligent electric meter; only one transfer station in the n transfer stations is directly communicated with an electric meter data management center MDMS, chain communication is adopted among the n transfer stations, and n is larger than 1;
step 2: each entity generates a corresponding public key according to the identity ID of the entity and sends the public key to a key generation center PKG, the PKG generates a private key based on the public key sent by each entity and sends the private key to the corresponding entity through a secure channel, and the entities comprise an intelligent electric meter, a transfer station and an MDMS;
step 3: carrying out secure communication between the smart meter and the MDMS through hop-by-hop link transmission:
step 3-1: generating a session key of the intelligent ammeter and the corresponding transfer station: the intelligent electric meter encrypts a first preset key negotiation message based on a public key of a corresponding transfer station and sends a ciphertext to the corresponding transfer station, the transfer station encrypts a second preset key negotiation message based on the public key of the intelligent electric meter after decryption and sends the second preset key negotiation message to the intelligent electric meter, and the second preset key negotiation message comprises the first preset key negotiation message; obtaining the intelligent ammeter and a session key corresponding to the transfer station based on the second preset key negotiation message;
step 3-2: the intelligent electric meter encrypts electric meter data based on the session key and sends the electric meter data to a corresponding transfer station, the transfer station verifies based on the session key, and if the verification is successful, the step 3-3 is executed;
step 3-3: encrypting the received electric meter data based on a public key of the MDMS to obtain a local ciphertext;
judging whether the current transfer station is the transfer station with the largest communication hop count to the MDMS; if not, the transfer station ciphertext of the current transfer station is the local ciphertext; if yes, verifying the signature and the transfer station ciphertext sent by the previous transfer station based on the public key of the previous transfer station, and if the verification is passed, the transfer station ciphertext of the current transfer station is the local ciphertext and the received transfer station ciphertext;
signing the transfer station ciphertext based on a private key of the current transfer station, and sending the signature and the transfer station ciphertext to a next-hop transfer station;
step 3-4: repeating the step 3-3 until the corresponding signature and the transfer station ciphertext are sent to the MDMS; the MDMS verifies the received signature and the transit station ciphertext based on the public key of the transit station in direct communication with the MDMS, and if the signature and the transit station ciphertext pass the verification, the MDMS decrypts the local ciphertext of each transit station based on the private key of the MDMS to recover the electric meter data of each intelligent electric meter.
2. The method of claim 1, further comprising step 4: carrying out secure communication between the MDMS and the smart meter through hop-by-hop link transmission:
the MDMS encrypts the control messages with the public key of each transfer station to obtain the corresponding control ciphertexts, signs each control ciphertext with the private key of the MDMS, and sends the signatures together with the control ciphertexts to the transfer station in direct communication with the MDMS;
the current transfer station stores the signature and control ciphertext addressed to itself, and sends the signatures and control ciphertexts not addressed to itself to the previous-hop transfer station, until the transfer station with the largest communication hop count to the MDMS among the n transfer stations is reached;
each transfer station verifies the signature addressed to itself based on the public key of the MDMS, decrypts the control ciphertext based on its own private key to recover the control message if the signature passes the verification, and finally sends the control message to each corresponding smart meter based on the session key of the smart meter.
3. The method according to claim 1 or 2, wherein in step 3-1, the first preset key negotiation message comprises the identity identifiers of the smart meter and the corresponding transfer station, the key negotiation parameter $w$ and the timestamp $TM_1$; the second preset key negotiation message comprises the identity identifiers of the smart meter and the corresponding transfer station, the key negotiation parameters $w$ and $v$, and the timestamps $TM_1$ and $TM_2$.
4. The method according to claim 1 or 2, wherein in step 3, when processing encryption and signature, the server is configured to perform the calculation process of corresponding encryption and signature offline, and send the calculation result to the corresponding entity to calculate the corresponding encryption and signature result online.
5. The method of claim 4, wherein the specific processes of offline encryption, online encryption, decryption, offline signature, online signature and authentication involved in each entity are:
offline encryption: the server randomly selects parameters and computes $U = uP$, $R = g^x$, $\beta = H_3(R)$, $T_1 = a^{-1}xP$, $T_2 = x(b+s)P$, and sends the offline ciphertext $\phi = (u, x, a, b, U, R, T_1, T_2, \beta)$ to the sender of the corresponding ciphertext;
online encryption: given $(m, ID, \phi)$, the sender computes $t_1 = a(H_1(ID) - b) \bmod q$, $t_2 = H_2(m, R, U, T_1, T_2, t_1)x + u \bmod q$, and then sends the generated ciphertext $\sigma = (U, T_1, T_2, t_1, t_2, c)$ to the decryption end;
decryption: given $(\sigma, ID, S_{ID})$, the receiving end of the corresponding ciphertext computes $R = e(T_2 + t_1 T_1, S_{ID})$, $h = H_2(m, R, U, T_1, T_2, t_1)$; if $R^h = e(t_2 P - U, P)$, it outputs $m$, otherwise it rejects;
offline signature: the server randomly selects the parameter $l$ and computes $r = g^l$, $S' = \alpha S_{ID}$, then sends the offline ciphertext $(l, \alpha^{-1}, r, S')$ to the sender of the corresponding signature;
online signature: given (ID, the sending end computes $h = H_4(m, r, S')$, $\theta = (l + h)\alpha^{-1} \bmod q$, generates the signature $\sigma = (h, \theta, S')$ and sends it to the corresponding receiving end;
authentication: given $(m, ID, \sigma)$, the receiving end computes $S = \theta S'$, $r = e(S, H_1(ID)P + P_{pub})g^{-h}$; if $h = H_4(m, r, S')$, the receiver accepts the signature, otherwise it rejects;
wherein, denotes a multiplicative cyclic group modulo $q$, $P$ denotes a generator of the additive cyclic group $G_1$ of order $q$, $g = e(P, P)$, where the bilinear map $e$ is $G_1 \times G_1 \to G_2$, $G_2$ denotes a multiplicative cyclic group of order $q$, hash functions, hash function, hash function $H_3: \{0,1\}^* \to \{0,1\}^M$, hash function, where $M$ is a preset plaintext length, $s$ denotes the system master key, $m$ denotes the meter data of the smart meter, $ID$ denotes the identity identifier of the corresponding entity, and $S_{ID}$ denotes the private key of the corresponding entity.
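Why the decryption check of claim 5 holds, worked through with the claim's own symbols. This derivation is added here and is not part of the patent text; it assumes the identity-based private key has the form $S_{ID} = (H_1(ID) + s)^{-1}P$, which this section does not state.

$$
\begin{aligned}
T_2 + t_1 T_1 &= x(b+s)P + a\,(H_1(ID) - b)\,a^{-1}xP = x\,(H_1(ID) + s)\,P,\\
e(T_2 + t_1 T_1,\ S_{ID}) &= e(P, P)^{\,x\,(H_1(ID)+s)\,(H_1(ID)+s)^{-1}} = g^{x} = R,\\
e(t_2 P - U,\ P) &= e\big((hx + u)P - uP,\ P\big) = g^{hx} = R^{h}, \qquad h = H_2(m, R, U, T_1, T_2, t_1).
\end{aligned}
$$

The blinding values $a$ and $b$ cancel in the first line, so only the holder of $S_{ID}$ recovers $R$; the last line ties $m$ to the ciphertext because $h$ is computed over $m$.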
6. The method according to claim 5, wherein in step 3-3, the specific process of obtaining the local ciphertext is as follows:
the security server computes the offline ciphertext $\phi_j = (u, x, a, b, U_j, R_j, T_{1j}, T_{2j}, \beta_j)$ and sends it to transfer station $j$, where $j$ denotes the current transfer station identifier, $U_j = uP$, $R_j = g^x$, $\beta_j = H_3(R)$, $T_{1j} = a^{-1}xP$, $T_{2j} = x(b+s)P$;
transfer station $j$ computes the online ciphertext based on the public key $Q_{MD}$ of the MDMS: $t_{1j} = a(Q_{MD} - b) \bmod q$, $t_{2j} = H_2(m, R_j, U_j, T_{1j}, T_{2j}, t_{1j})x + u \bmod q$, thereby obtaining the local ciphertext $\sigma_j = (U_j, T_{1j}, T_{2j}, t_{1j}, t_{2j}, c_j)$;
transfer station $j$ uses the public key of transfer station $j-1$ to verify the signature $(h_{j-1}, \theta_{j-1}, S'_{j-1})$ and the transfer station ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1})$ sent by transfer station $j-1$: it computes $S_{j-1} = \theta_{j-1} S'_{j-1}$; if $h_{j-1} = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1}, r_{j-1}, S'_{j-1})$ holds, the verification passes;
the transfer station ciphertext of transfer station $j$ is $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j)$, and it is signed as follows: the security server computes the offline signature by randomly selecting the parameter $l$, computing $r_j = g^l$, $S'_j = \alpha SK_j$, and then sends the offline signature $(l, \alpha^{-1}, r_j, S'_j)$ to transfer station $j$; transfer station $j$ computes the online signature $h_j = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j, r_j, S'_j)$, $\theta_j = (l + h_j)\alpha^{-1} \bmod q$, and then sends the signature $(h_j, \theta_j, S'_j)$ and the transfer station ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j)$ to transfer station $j+1$;
in step 3-4, the MDMS verifies and decrypts the received signature and transfer station ciphertext as follows: the MDMS verifies the signature $(h_n, \theta_n, S'_n)$ using the public key $Q_n$ of transfer station $n$, which communicates directly with the MDMS, by computing $S_n = \theta_n S'_n$; if $h_n = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_n, r_n, S'_n)$, it decrypts each local ciphertext using the private key $SK_{MD}$ of the MDMS.
7. The method of claim 6, wherein the specific step of the MDMS transmitting the control message to the smart meter in step 4 is the reverse of the process of claim 6 with respect to steps 3-3 and 3-4.
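The offline/online signature of claim 5 and the hop-by-hop verify, append and re-sign chain of claim 6, as an added Python sketch that is not code from the patent. It runs in an insecure toy model where group elements are tracked by their discrete logs (so $P$ is 1 and $P_{pub} = sP$ is just `s`); the key form $SK = (H_1(ID)+s)^{-1}P$, the SHA-256 stand-ins for $H_1$ and $H_4$, the group order `Q`, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

Q = 2**255 - 19  # prime group order q (toy choice, not from the patent)

# TOY MODEL: aP in G1 is stored as a mod q and g^t in G2 as t mod q, so the
# pairing e(aP, bP) = g^(ab) becomes a*b mod q. Insecure; it only checks algebra.
def pairing(a, b):
    return a * b % Q

def H(tag, *parts):  # H1 / H4 modelled as domain-separated SHA-256 into Z_q
    data = "|".join([tag, *map(str, parts)]).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen(s, ident):  # ASSUMED key form: SK = (H1(ID) + s)^-1 P
    return pow(H("H1", ident) + s, -1, Q)

def offline_sign(sk):  # security server, before any message exists
    l = secrets.randbelow(Q - 1) + 1
    alpha = secrets.randbelow(Q - 1) + 1
    return l, pow(alpha, -1, Q), l, alpha * sk % Q  # (l, alpha^-1, r=g^l, S')

def online_sign(msg, token):  # transfer station: one hash, one multiplication
    l, alpha_inv, r, s_prime = token
    h = H("H4", msg, r, s_prime)
    return h, (l + h) * alpha_inv % Q, s_prime  # (h, theta, S')

def verify(msg, ident, sig, p_pub):
    h, theta, s_prime = sig
    S = theta * s_prime % Q  # S = theta * S'
    r = (pairing(S, (H("H1", ident) + p_pub) % Q) - h) % Q  # e(S, H1(ID)P + Ppub) g^-h
    return h == H("H4", msg, r, s_prime)

def relay(s, p_pub, station_ids, local_cts):
    """Claim 6 hop chain: verify the previous hop, append sigma_j, re-sign."""
    chain, sig = [], None
    for j, (ident, ct) in enumerate(zip(station_ids, local_cts)):
        if sig and not verify("||".join(chain), station_ids[j - 1], sig, p_pub):
            raise ValueError(f"station {ident}: previous hop signature rejected")
        chain.append(ct)
        sig = online_sign("||".join(chain), offline_sign(keygen(s, ident)))
    return chain, sig

def mdms_accepts(chain, last_station, sig, p_pub):  # step 3-4, verification part
    return verify("||".join(chain), last_station, sig, p_pub)
```

Each offline tuple is consumed by exactly one online signature here; since $\theta = (l + h)\alpha^{-1}$ depends on $l$ and $\alpha^{-1}$ as per-signature secrets, an implementation should issue a fresh tuple for every message and never reuse one.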
CN201510575551.5A 2015-09-10 2015-09-10 A kind of smart grid security communication means based on combination pin Expired - Fee Related CN105245326B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510575551.5A CN105245326B (en) 2015-09-10 2015-09-10 A kind of smart grid security communication means based on combination pin

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510575551.5A CN105245326B (en) 2015-09-10 2015-09-10 A kind of smart grid security communication means based on combination pin

Publications (2)

Publication Number Publication Date
CN105245326A true CN105245326A (en) 2016-01-13
CN105245326B CN105245326B (en) 2018-11-13

Family

ID=55042839

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510575551.5A Expired - Fee Related CN105245326B (en) 2015-09-10 2015-09-10 A kind of smart grid security communication means based on combination pin

Country Status (1)

Country Link
CN (1) CN105245326B (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105871837A (en) * 2016-03-30 2016-08-17 安徽工程大学 Data transmission system applied to smart power grid
CN105897416A (en) * 2016-06-29 2016-08-24 邓月霞 Forward end-to-end safe instant communication method based on identity-based password system
CN108494555A (en) * 2018-02-27 2018-09-04 深圳市海司恩科技有限公司 Information encryption and decryption method and information encryption, decryption device
CN109272384A (en) * 2018-09-11 2019-01-25 重庆邮电大学 A kind of distributed intelligence ammeter sale of electricity method and system
CN110034928A (en) * 2019-03-29 2019-07-19 国网山东省电力公司梁山县供电公司 Energy measurement information transmitting device and method
CN110110537A (en) * 2019-05-08 2019-08-09 西安电子科技大学 The polymerization of multidimensional data encryption and decryption in smart grid
CN110460570A (en) * 2019-07-03 2019-11-15 湖南匡安网络技术有限公司 A kind of smart grid data ciphering method and decryption method with forward security
CN112231770A (en) * 2020-11-03 2021-01-15 上海第二工业大学 Smart power grid data transmission method
CN112511490A (en) * 2020-10-29 2021-03-16 苏州达塔库自动化科技有限公司 Smart power grid safety communication method based on combined password
CN112671927A (en) * 2020-12-31 2021-04-16 广州技象科技有限公司 Service data transmission method and device based on electric power Internet of things system change
CN112804118A (en) * 2020-12-31 2021-05-14 广州技象科技有限公司 Data transmission method and device based on data jump transmission link of intelligent electric meter
CN113094731A (en) * 2021-04-15 2021-07-09 西南大学 Block chain privacy protection method based on different distribution recombination scheme
CN113556355A (en) * 2021-07-30 2021-10-26 广东电网有限责任公司 Key processing system and method for intelligent equipment of power distribution network
CN117118744A (en) * 2023-10-19 2023-11-24 三未信安科技股份有限公司 Message encryption packaging and joint authentication method and system based on identification password

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120233461A1 (en) * 2011-03-07 2012-09-13 Kabushiki Kaisha Toshiba Data transmitting apparatus and data authenticating method
CN102859945A (en) * 2010-04-30 2013-01-02 株式会社东芝 Key management device, system and method having a rekey mechanism
CN104363219A (en) * 2014-11-06 2015-02-18 江苏林洋电子股份有限公司 Three-party secret key management method based on IEC62056 data transmission safety standard

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102859945A (en) * 2010-04-30 2013-01-02 株式会社东芝 Key management device, system and method having a rekey mechanism
US20120233461A1 (en) * 2011-03-07 2012-09-13 Kabushiki Kaisha Toshiba Data transmitting apparatus and data authenticating method
CN104363219A (en) * 2014-11-06 2015-02-18 江苏林洋电子股份有限公司 Three-party secret key management method based on IEC62056 data transmission safety standard

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
YE YAN,ET AL.: "An Efficient Security Protocol for Advanced Metering Infrastructure in Smart Grid", 《IEEE NETWORK》 *
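Wang Xianbo: "Research and Design of an Identity-Based Combined Public Key Authentication System", 《China Master's Theses Full-text Database, Information Science and Technology》 *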

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105871837A (en) * 2016-03-30 2016-08-17 安徽工程大学 Data transmission system applied to smart power grid
CN105897416A (en) * 2016-06-29 2016-08-24 邓月霞 Forward end-to-end safe instant communication method based on identity-based password system
CN105897416B (en) * 2016-06-29 2019-03-05 邓月霞 A kind of end-to-end security instant communication method of forward direction based on id password system
CN108494555B (en) * 2018-02-27 2024-05-24 洪贵顺 Information encryption and decryption method and information encryption and decryption equipment
CN108494555A (en) * 2018-02-27 2018-09-04 深圳市海司恩科技有限公司 Information encryption and decryption method and information encryption, decryption device
CN109272384A (en) * 2018-09-11 2019-01-25 重庆邮电大学 A kind of distributed intelligence ammeter sale of electricity method and system
CN109272384B (en) * 2018-09-11 2022-01-28 重庆邮电大学 Distributed intelligent electric meter electricity selling method and system
CN110034928A (en) * 2019-03-29 2019-07-19 国网山东省电力公司梁山县供电公司 Energy measurement information transmitting device and method
CN110034928B (en) * 2019-03-29 2021-11-02 国网山东省电力公司梁山县供电公司 Electric energy metering information transmission device and method
CN110110537A (en) * 2019-05-08 2019-08-09 西安电子科技大学 The polymerization of multidimensional data encryption and decryption in smart grid
CN110110537B (en) * 2019-05-08 2022-12-27 西安电子科技大学 Aggregation method for encrypting and decrypting multidimensional data in smart power grid
CN110460570B (en) * 2019-07-03 2021-07-23 湖南匡安网络技术有限公司 Smart power grid data encryption method and decryption method with forward security
CN110460570A (en) * 2019-07-03 2019-11-15 湖南匡安网络技术有限公司 A kind of smart grid data ciphering method and decryption method with forward security
CN112511490A (en) * 2020-10-29 2021-03-16 苏州达塔库自动化科技有限公司 Smart power grid safety communication method based on combined password
CN112231770A (en) * 2020-11-03 2021-01-15 上海第二工业大学 Smart power grid data transmission method
CN112804118B (en) * 2020-12-31 2023-01-31 广州技象科技有限公司 Data transmission method and device based on intelligent ammeter data jump transmission link
CN112804118A (en) * 2020-12-31 2021-05-14 广州技象科技有限公司 Data transmission method and device based on data jump transmission link of intelligent electric meter
CN112671927A (en) * 2020-12-31 2021-04-16 广州技象科技有限公司 Service data transmission method and device based on electric power Internet of things system change
CN113094731A (en) * 2021-04-15 2021-07-09 西南大学 Block chain privacy protection method based on different distribution recombination scheme
CN113094731B (en) * 2021-04-15 2023-04-07 西南大学 Block chain privacy protection method based on different distribution recombination scheme
CN113556355A (en) * 2021-07-30 2021-10-26 广东电网有限责任公司 Key processing system and method for intelligent equipment of power distribution network
CN113556355B (en) * 2021-07-30 2023-04-28 广东电网有限责任公司 Key processing system and method for intelligent equipment of power distribution network
CN117118744A (en) * 2023-10-19 2023-11-24 三未信安科技股份有限公司 Message encryption packaging and joint authentication method and system based on identification password
CN117118744B (en) * 2023-10-19 2024-01-26 三未信安科技股份有限公司 Message encryption packaging and joint authentication method and system based on identification password

Also Published As

Publication number Publication date
CN105245326B (en) 2018-11-13

Similar Documents

Publication Publication Date Title
CN105245326B (en) A kind of smart grid security communication means based on combination pin
CN109584978B (en) Information processing method and system based on signature aggregation medical health monitoring network model
CN107947913B (en) Anonymous authentication method and system based on identity
CN102685114B (en) Metering data transmission system based on identity encryption and data transmission method
US11870891B2 (en) Certificateless public key encryption using pairings
CN110120939B (en) Encryption method and system capable of repudiation authentication based on heterogeneous system
CN104767612B (en) It is a kind of from the label decryption method without certificate environment to PKIX environment
CN107483209B (en) Secure signcryption method based on heterogeneous system
CN103618610A (en) Information safety algorithm based on energy information gateway in smart power grid
CN105163309B (en) A method of the wireless sensor network security communication based on combination pin
CN104393996B (en) A kind of label decryption method and system based on no certificate
CN110113150B (en) Encryption method and system based on non-certificate environment and capable of repudiation authentication
CN102387152A (en) Preset-key-based symmetric encryption communication method
CN104767611B (en) It is a kind of from PKIX environment to the label decryption method without certificate environment
KR101516114B1 (en) Certificate-based proxy re-encryption method and its system
CN110519226B (en) Quantum communication server secret communication method and system based on asymmetric key pool and implicit certificate
US20220038267A1 (en) Methods and devices for secured identity-based encryption systems with two trusted centers
CN113676448B (en) Offline equipment bidirectional authentication method and system based on symmetric key
CN115473623A (en) Method for safely aggregating multidimensional user data in smart power grid
CN108055134B (en) Collaborative computing method and system for elliptic curve point multiplication and pairing operation
CN114070549B (en) Key generation method, device, equipment and storage medium
CN114285580B (en) Online and offline signcryption method from certificate-free to public key infrastructure
CN111092720A (en) Certificate-based encryption method capable of resisting leakage of master key and decryption key
CN114070570B (en) Safe communication method of electric power Internet of things
CN114422114B (en) Time-controlled encryption method and system based on multi-time server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20181113
