MAKA: Multi-Factor Authentication and Key Agreement Scheme for LoRa-Based Smart Grid Communication Services

Abstract

The Smart Grid (SG) is an emerging technology to maintain an actual balance between energy production and usage by offering quite well tracking and regulation over the SG communication technology. However, SG technology becomes more vulnerable to network attacks since its monitoring and controlling are carried out over standard internet-based protocols or on public communication networks. Thus, without the involvement of an authentication mechanism and lack of privacy preservation attackers easily succeed to tamper with the communication channel and send fabricated messages. Hence, authentication has now become a critical security aspect in smart grid technology. There are some authentication mechanisms implemented in the literature to offer a set of security services, namely confidentiality of the credentials, the secrecy of shared session key, and secure mutual authentication. Most of the existing schemes are inefficient and generate high overhead in the networks. Hence, there is a requirement to implement an efficient and secure session key management scheme. The proposed Multi-factor Authentication and Key Agreement (MAKA) scheme for LoRa-based SG communication services provides anonymity and maintains secrecy of the session keys by introducing multi-factor authentication of the end devices. The proposed scheme uses unique device features and generates a fingerprint of the device that will help to maintain user anonymity. The formal security analysis of the proposed MAKA scheme is carried out by Automated Validation of Internet Security Protocols and Application (AVISPA) and ProVerif tools. The results of both show that the proposed MAKA scheme is safe enough to overcome various security attacks. Moreover, the performance is evaluated concerning the existing scheme in the literature and it is recognized that the proposed MAKA scheme generates competitive communication, computation, and storage overheads. In addition, it maintains the device anonymity and meets the security aspect of the SG communication services.