IC card prepayment meter has gradually replaced the traditional electricity meter which is operated and controlled by human resources, due to its convenience, efficiency and security. The electricity of user is automatically controlled by the interactions between the meter and user card. In 2009, State Grid Corporation of China worked out the series of standards for smart electricity meters. Q/GDW 365 is one of these standards which explain the security techniques of information interchanges authentication specification for smart electricity meters. The standard describes the processes of user establishing an account, recharging and using the electricity, user closing an account. We analyse the security of this standard and find that the standard suffers from theft of electricity as the user card may be analysed by side-channel attacks. We give out an improved protocol to this problem, and extensive analysis shows that our protocol can resist the side-channel attacks.
Read full abstract