Multicast Authentication in the Smart Grid With One-Time Signature

Abstract

Multicast has been envisioned to be useful in many smart grid applications such as demand-response, wide area protection , in-substation protection and various operation and control. Since the multicast messages are related to critical control, authentication is necessary to prevent message forgery attacks. In this paper, we first identify the requirements of multicast communication and multicast authentication in the smart grid. Based on these requirements, we find that one-time signature based multicast authentication is a promising solution, due to its short authentication delay and low computation cost. However, existing one-time signatures are not designed for the smart grid and they may have high storage and bandwidth overhead. To address this problem, we propose a new one-time signature scheme which can reduce the storage cost by a factor of 8 and reduce the signature size by 40% compared with existing schemes. Thus, our scheme is more appropriate for smart grid applications where the receivers have limited storage (e.g., home appliances and field devices) or where data communication is frequent and short (e.g., phasor data). These gains are at the cost of increased computations in signature generation and/or verification and fortunately our scheme can flexibly allocate the computations between the sender and receiver based on their computing resources. We formulate the computation allocation as a nonlinear integer programming problem to minimize the signing cost under a certain verification cost and propose a heuristic solution to solve it.