Multicast authentication in the smart grid with one-time signatures from sigma-protocols

Abstract

Security for multicast communication by mutual (sender and receiver) authentication is a challenging problem in the smart grid given the unique constraints in communication bandwidth, computation time, and computational resources of field devices. Traditional public-key infrastructure based digital signature schemes (such as RSA) cannot be naively adapted for secure communication in the smart-grid because of: (i) increased communication burden (large key sizes which increase communication bandwidth), (ii) increased time for decryption/verification (which increase latency) and (iii) the limited computational capabilities of smart-meters and other field devices. These unique constraints limit the direct application of generic solutions with one-time signature schemes, (OTS), or the Bins and Balls (BiBa) scheme for broadcast authentication, or improvements via HORS (Hash to Obtain Random Subset). While the signature size and verification time are small, the public-key size is large with moderate overhead for signature generation with BiBa. A significant reduction in signing overhead is achieved with HORS which makes it useful for several multicast authentication applications. However, even HORS is not well suited for smart grid applications mainly because it requires large public key sizes. For power-grid communications, the most recent multicast authentication protocol called Tunable Signing and Verification (TSV) [1] reduces the signature size (over HORS) at the expense of increased computations at sender or receiver. Hence the need for better one-time signature schemes that will require fewer resources at the receiver, with modest signature sizes and low sender computations is both urgent and important in the smart-grid environment.