CN105245326A - Intelligent power grid safety communication method based on combination cipher - Google Patents

Publication number
CN105245326A
Authority
CN
China
Prior art keywords
terminal
ciphertext
signature
mdms
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510575551.5A
Other languages
Chinese (zh)
Other versions
CN105245326B (en)
Inventor
李发根
韩亚楠
洪姣姣
郑朝慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Abstract

The invention discloses a smart grid secure communication method based on a combined cipher. A combined cipher is adopted, so that a single key is used for operations such as session key agreement, encryption and signing, and the method works in an offline/online mode; for a smart meter with limited storage space and limited computing power, this reduces the storage required and increases computing speed. A transfer station is placed between the smart meter and the meter data management center (MDMS), and the private keys of the meter, the transfer station and the MDMS are generated by a key generation center (PKG). A session key is first generated between the meter and the transfer station and is used for mutual authentication and communication. A chained transmission mode is then adopted: the transfer station collects the data of the meters within its range, performs certain security operations on it, and passes it to the next adjacent transfer station, and so on until the data reaches the MDMS.

Description

A smart grid secure communication method based on a combined cipher
Technical field
The invention belongs to the technical field of secure communication, and specifically relates to a secure communication method between smart meters and the MDMS in a smart grid.
Background
The smart grid is a product of the new era and will in future completely replace the current grid architecture, providing more reliable, safer and more convenient service for daily life. A major characteristic of the smart grid is two-way communication between users and the power company, which makes it possible to predict users' energy demand more objectively and to avoid the waste caused by generating excess electricity. At the same time, as communication increases and is integrated, network vulnerabilities in the smart grid arise as well: for example, if a user's electricity usage information is eavesdropped by an unauthorized party, an attacker can infer the user's living habits from it, enabling smart theft and smart tracking. One of the goals of the smart grid is to give consumers near real-time information about their energy consumption, for example their consumption for each hour, so that they can change their consumption habits and cut their electricity bills, whereas at present consumers see this consumption information only once a month. But this also allows an attacker to monitor and access this private information and to infer the user's living habits from the usage data, enabling smart theft and tracking. In addition, the smart grid must provide integrity and authentication, so that malicious users cannot tamper with communications or inject arbitrary messages and thereby threaten the grid. Therefore, to protect the confidentiality, integrity and authenticity of information, the application of cryptography in the smart grid has become a focus of research.
Traditional cryptosystems require different cryptographic algorithms to use different key pairs: for example, one key pair is used for encryption and another for signing. In practice, however, people wish to use the same key pair in different cryptosystems, implementing both an encryption scheme and a signature scheme, to suit environments with limited storage and computing power; hence the emergence of combined public key cryptosystems. Such a cryptosystem breaks the traditional key separation principle: one key pair is used for different cryptosystems, such as an encryption scheme and a signature scheme, while the independent security of both is guaranteed. A combined public key cryptosystem is therefore not a simple combination of an encryption scheme and a signature scheme. Using a combined public key cryptosystem effectively reduces key storage, public key certificate storage, and the time needed for certificate verification, so it is widely applicable in environments where storage and computing resources are limited. But the security problems this approach brings to a cryptosystem cannot be ignored. For example, in the widely used RSA system, if only one key pair is used for both encryption and signing, the originally secure encryption and signature schemes are both no longer secure. In other words, cryptosystem constructions that are individually secure can lose their original security once they use the same or related key pairs.
Integrity and confidentiality of information and mutual authentication of users are key issues for the smart grid. Integrity and authenticity can be ensured by digital signatures, while confidentiality is achieved mainly through encryption. A smart grid can be roughly divided into three layers: control center, distribution substation, smart appliances. Substations and smart appliances communicate over the network with the smart meter as the medium; the substation then forwards the appliances' electricity demand information to the control center, and finally the control center distributes power intelligently according to users' demand. Supervisory control and data acquisition systems can protect the communication between the control center and substations, but communication between substations and smart appliances is vulnerable to attacks such as message forgery, tampering and eavesdropping. The main target of current methods is therefore the security problem between substations and smart appliances. One approach uses tamper-resistant devices to avoid this problem, but in that scheme only the substation can authenticate the smart appliance, and key agreement cannot be achieved. A lightweight message authentication protocol based on the computational Diffie-Hellman problem achieves mutual authentication and achieves key agreement through Diffie-Hellman. To strengthen security further, a mutual authentication and key establishment mechanism lets the DCC and smart devices authenticate each other using the DCC's public key certificate and a pre-shared long-term key, but the technical problem of how to distribute the shared long-term key has kept this scheme from wide adoption. In addition, there are multi-factor authentication systems built from public key certificates, zero-knowledge authentication and access control; authentication protocols based on elliptic curves; and protocols that use symmetric cryptography to provide mutual authentication and confidentiality at the same time, but the latter require a large number of key agreement runs and repeated authentication before communication.
Summary of the invention
The object of the invention is: in view of the security problems of communication in the smart grid, to propose a method for protecting smart grid electricity usage information based on a combined cipher, so as to ensure safe and reliable communication between smart meters and the MDMS.
A smart grid secure communication method based on a combined cipher, comprising the following steps:
Step 1: set up n terminals (n greater than 1), each terminal corresponding to one or more smart meters; only one of the n terminals communicates directly with the meter data management center (MDMS), and the n terminals communicate in a chain;
Step 2: each entity (smart meters, terminals and the MDMS) generates its public key from its own identity ID and sends it to the key generation center (PKG); the PKG generates a private key from the public key each entity sends and returns it to that entity over a secure channel;
Step 3: secure communication from smart meter to MDMS by hop-by-hop chained transmission:
Step 3-1: generate the session key of a smart meter and its terminal: the smart meter encrypts a first preset key agreement message (which can typically be set to the identifiers of the smart meter and its terminal, the key agreement parameter $w$, the timestamp $TM_1$ and similar information) under the public key of its terminal and sends the ciphertext to that terminal; after decrypting, the terminal encrypts a second preset key agreement message under the public key of the smart meter and sends it to the smart meter, the second preset key agreement message comprising the first preset key agreement message and typically being set to the identifiers of the smart meter and its terminal, the key agreement parameters $w$ and $v$, the timestamps $TM_1$ and $TM_2$, and so on; the session key of the smart meter and its terminal is obtained from the second preset key agreement message, for example by performing a secure key agreement based on the combined public key cipher over the identifiers of the entities (smart meter, terminal) and the Diffie-Hellman protocol, to generate the corresponding session key;
Step 3-2: the smart meter encrypts the meter data under the session key and sends it to its terminal; the terminal verifies it using the session key and, if verification succeeds, performs step 3-3;
Step 3-3: encrypt the received meter data under the public key of the MDMS to obtain the local ciphertext;
Determine whether the current terminal is the terminal with the largest communication hop count to the MDMS (judged by terminal identifier: for example, number all terminals so that the highest-numbered terminal communicates directly with the MDMS and the lowest-numbered terminal has the largest hop count to the MDMS; alternatively, judge by whether the current terminal holds a signature and/or terminal ciphertext sent by another terminal). If so, the terminal ciphertext of the current terminal is its local ciphertext; if not, verify the signature and terminal ciphertext sent by the previous-hop terminal (previous in the transmission direction from the terminal with the largest hop count towards the MDMS) using that terminal's public key, and if verification passes, the terminal ciphertext of the current terminal is its local ciphertext together with the received terminal ciphertext. Sign the terminal ciphertext with the private key of the current terminal, and send the signature together with the terminal ciphertext to the next-hop terminal;
Step 3-4: repeat step 3-3 until the corresponding signature and terminal ciphertext have been sent to the MDMS; the MDMS verifies the received signature and terminal ciphertext using the public key of the terminal that communicates with it directly and, if verification passes, decrypts each terminal's local ciphertext with the MDMS private key to recover the meter data of each smart meter.
Based on the above steps, the invention adopts a combined public key cryptosystem, which effectively reduces the number of keys a user stores. Compared with a PKI-based combined cipher, users do not need to verify the validity of public key certificates, and the overhead of storing and maintaining certificates is reduced. Compared with symmetric cryptography, adopting identity-based cryptography avoids a large number of key agreements.
Further, the invention can also provide secure communication from the MDMS to the smart meters, achieving two-way secure communication between smart meters and the MDMS; that is, the invention also comprises step 4: secure communication from MDMS to smart meter by hop-by-hop chained transmission: the MDMS encrypts the control message under the public key of each terminal to obtain the corresponding control ciphertexts, signs each control ciphertext with the MDMS private key, and sends the signatures together with the control ciphertexts to the terminal that communicates with it directly; the current terminal stores the signature and control ciphertext addressed to it and sends the signatures and control ciphertexts not addressed to it to the previous-hop terminal (in the transmission direction from the MDMS to the smart meters), until the terminal with the largest hop count to the MDMS among the n terminals is reached; each terminal verifies the signature addressed to it using the MDMS public key and, if verification passes, decrypts the control ciphertext with its own private key to recover the control message, and finally sends the control message to each of its smart meters using the session key shared with that smart meter.
To further suit the working environment of the smart grid, in which every entity has limited computing power, and to raise processing speed so as to guarantee the real-time behaviour of the smart grid, in step 3 the encryption and signing computations can be carried out offline by a dedicated server, which sends the results to the corresponding entity (such as a smart meter or terminal); the entity then computes the corresponding encryption and signature results online.
In summary, by adopting the above technical solution, the beneficial effects of the invention are:
(1) Using a combined public key cryptosystem in the smart grid guarantees the authenticity and confidentiality of smart grid communication and effectively reduces the number of keys stored in the smart grid.
(2) Combining it with an offline/online cryptosystem improves the processing speed of communication and guarantees the real-time behaviour of the smart grid.
Brief description of the drawings
Fig. 1 is a schematic diagram of the network topology of the embodiment;
Fig. 2 is a schematic diagram of the secure communication process of the embodiment.
Detailed description
To make the objects, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the embodiment and the drawings.
Embodiment 1
Referring to Fig. 1, n terminals are set up, each identified by $j$, and each terminal serves multiple smart meters (Meter1, Metern, Meterm, etc. in Fig. 1); only one of the n terminals communicates directly with the meter data management center MDMS (terminal n in the figure), and the n terminals communicate in a chain.
The PKG initializes the system parameters and thereby generates the key pairs; the identity-based key agreement process of each entity in the smart grid is as follows:
(1) Initialize the system parameters and generate the required key pairs.
Given a cyclic additive group $G_1$ of prime order $q$, let $G_2$ be a cyclic multiplicative group of the same order. $P$ is a generator of the group $G_1$, and $e: G_1 \times G_1 \to G_2$ is a bilinear map. Four secure hash functions are defined, including $H_3: \{0,1\}^* \to \{0,1\}^M$, where $M$ denotes the plaintext length; the multiplicative cyclic group modulo $q$ does not contain the element 0. The PKG randomly selects a master key $s$, computes $P_{pub} = sP$ and $g = e(P, P)$, publishes the system parameters $(G_1, G_2, P, P_{pub}, g, e, H_1, H_2, H_3, H_4)$, and keeps the master key $s$.
Each entity in the smart grid (smart meter, terminal and MDMS) sends its identity information $ID \in \{0,1\}^*$ to the PKG. Using the system parameters generated above and the master key $s$, the PKG generates a public/private key pair $(Q_{ID}, S_{ID})$ for each entity in the smart grid, where the private key is $S_{ID} = (Q_{ID} + s)^{-1}P$ and the public key is $Q_{ID} = H_1(ID)$. Finally the PKG sends each private key to the corresponding entity over a secure channel.
(2) Key agreement process
Referring to Fig. 2, before a smart meter communicates with the MDMS, the smart meter and its terminal must first carry out key agreement to generate a shared session key. Smart meter $i$ randomly selects a key agreement parameter $w$ and computes $wP$, then uses the public key $Q_j$ of terminal $j$ to encrypt the key agreement information $(i \| j \| wP \| TM_1)$ and sends the ciphertext to terminal $j$, where $i$ and $j$ denote the identity information of smart meter $i$ and terminal $j$ respectively and $TM_1$ denotes a timestamp. Terminal $j$ decrypts with its own private key $S_i$ (i.e. $S_i = S_{ID} = (Q_{ID} + s)^{-1}P$) to recover $wP$, then randomly selects a key agreement parameter $v$ and computes $vP$, and uses the public key $Q_i$ of smart meter $i$ (i.e. $Q_i = Q_{ID} = H_1(ID)$) to encrypt the key agreement information $(i \| j \| w \| vP \| TM_1 \| TM_2)$ and sends the ciphertext to smart meter $i$, where $TM_2$ denotes a timestamp. Smart meter $i$ decrypts with its own private key $S_i$ to recover the message, and $wP$ assures it that the party carrying out key agreement with it is terminal $j$. Finally smart meter $i$ can generate the session key $K_{i,j} = w(vP)$ from $w$ and $vP$, while terminal $j$ can generate the session key $K_{i,j} = v(wP)$ from $v$ and $wP$. So that terminal $j$ can be sure it is communicating with smart meter $i$, smart meter $i$ can encrypt with the shared session key $K_{i,j}$ and send the result to terminal $j$. Mutual authentication is thereby guaranteed.
(3) Smart meter reading transmission process
Smart meter $i$ uses its meter data $m$ (the user's electricity usage information) and the session key $K_{i,j}$ generated above to generate a message authentication code $c$, where $E$ denotes a symmetric encryption algorithm and its subscript identifies smart meter $i$, terminal $j$ and the corresponding session key $K_{i,j}$; it then sends $(m \| c)$ to terminal $j$. Terminal $j$ computes $c'$ with the shared session key; if $c' = c$, verification succeeds, otherwise the meter data sent by this smart meter is discarded. Terminal $j$ then encrypts and afterwards signs all the meter data that verified successfully. The concrete steps are as follows. First the security server computes the offline ciphertext: it randomly selects parameters and computes $U_j = uP$, $R_j = g^x$, $\beta_j = H_3(R_j)$, $T_{1j} = a^{-1}xP$, $T_{2j} = x(b+s)P$, then sends the offline ciphertext $\phi = (u, x, a, b, U_j, R_j, T_{1j}, T_{2j}, \beta_j)$ to terminal $j$. Terminal $j$ uses the MDMS public key $Q_{MD}$ to compute the online ciphertext $t_{1j} = a(Q_{MD} - b) \bmod q$, $t_{2j} = H_2(m, R_j, U_j, T_{1j}, T_{2j}, t_{1j})\,x + u \bmod q$, $c_j = \beta_j \oplus m$. The local ciphertext of terminal $j$ is $\sigma_j = (U_j, T_{1j}, T_{2j}, t_{1j}, t_{2j}, c_j)$. If the terminal identifier $j$ equals 1, the local ciphertext is used directly as its terminal ciphertext; otherwise terminal $j$ uses the public key of terminal $j-1$ to verify the message $(h_{j-1}, \theta_{j-1}, S'_{j-1})$ and $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1})$ that it sent, and performs the signing process if verification succeeds, otherwise discards them. The concrete steps are: terminal $j$ computes $S_{j-1} = \theta_{j-1} S'_{j-1}$; if $h_{j-1} = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1}, r_{j-1}, S'_{j-1})$, it accepts the signature $(h_{j-1}, \theta_{j-1}, S'_{j-1})$ and signs the local ciphertexts of the first $j$ terminals as a whole: the local ciphertexts of terminals 1 to $j$ form the terminal ciphertext of terminal $j$, and the signing process is then applied to this terminal ciphertext. First the security server computes the static signature: it randomly selects the parameter $l$, computes $r_j = g^l$, $S'_j = \alpha SK_j$, and sends the static signature $\delta = (l, \alpha^{-1}, r_j, S'_j)$ to terminal $j$. Terminal $j$ computes the online signature $h_j = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j, r_j, S'_j)$, $\theta_j = (l + h_j)\alpha^{-1} \bmod q$, and then sends the signature $(h_j, \theta_j, S'_j)$ and the ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j)$ to terminal $j+1$. The subsequent terminals perform the same operations until the last terminal $n$ in the chain hands the data to the MDMS.
The MDMS verifies and decrypts the data it receives. The concrete steps are: the MDMS first uses the public key $Q_n$ of the $n$-th terminal to verify the signature $(h_n, \theta_n, S'_n)$: it computes $S_n = \theta_n S'_n$, and if $h_n = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_n, r_n, S'_n)$ it accepts the ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_n)$ and decrypts each ciphertext with its own private key $SK_{MD}$. Taking $\sigma_j = (U_j, T_{1j}, T_{2j}, t_{1j}, t_{2j}, c_j)$ as an example, the MDMS computes $R = e(T_{2j} + t_{1j}T_{1j}, SK_{MD})$, $m_j = c_j \oplus H_3(R)$, $h = H_2(m_j, R, U_j, T_{1j}, T_{2j}, t_{1j})$; if $R^h = e(t_{2j}P - U_j, P)$ holds, it accepts the message $m_j$, where $m_j$ denotes the meter data sent by the smart meters served by terminal $j$.
(4) Control message transmission process
Transmitting a control message from the MDMS to the smart meters is the reverse of the process above. The MDMS first encrypts the control message under each terminal's public key and signs each ciphertext with its own private key, then passes them to terminal n. Terminal n first passes the ciphertexts and signatures of the first n-1 terminals to the previous terminal n-1 by hop-by-hop chained transmission; terminal n-1 likewise passes the ciphertexts and signatures of the first n-2 terminals to the terminal before it, and so on until the first terminal in the chain. After receiving its ciphertext and signature, each terminal first verifies the signature using the MDMS public key and decrypts with its own private key, and finally forwards the control message to each meter using the session key it shares with that smart meter.
The above is only a specific embodiment of the invention. Any feature disclosed in this specification may, unless specifically stated otherwise, be replaced by other equivalent features or alternative features serving a similar purpose; all disclosed features, or the steps of all disclosed methods or processes, may be combined in any way, except for mutually exclusive features and/or steps.
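The offline/online encryption, static/online signing and hop-by-hop verification of part (3) can be run end to end as follows. This is an added example, not code from the patent: the toy bilinear group (integers mod Q with e(A, B) = g^(AB)), the use of SHA-256 for H_1 to H_4, the identity strings such as "terminal-1" and the sample readings are all assumptions chosen so that the equations execute with the Python standard library, and the toy group provides no security.

```python
# Added illustration, not the patent's code. TOY bilinear group (assumption): G1 is the
# integers mod Q with P = 1, and e(A, B) = G^(A*B) mod PM. Discrete logs in this G1 are
# trivial, so the model checks the scheme's equations only and provides no security.
import hashlib
import secrets

PM = 2**89 - 1                     # Mersenne prime; G2 is the order-Q subgroup of Z_PM^*
Q = 2931542417                     # prime factor of 2^44 + 1, so Q divides PM - 1
G = pow(3, (PM - 1) // Q, PM)      # g = e(P, P)
MLEN = 16                          # M, the fixed plaintext length in bytes (constructed)

def e(a, b): return pow(G, a * b % Q, PM)
def _h(tag, *parts):               # SHA-256 with a domain tag: assumed stand-in for H1..H4
    return hashlib.sha256(repr((tag,) + parts).encode()).digest()
def H1(ident): return int.from_bytes(_h("H1", ident), "big") % Q
def H2(*p): return int.from_bytes(_h("H2", *p), "big") % Q
def H3(r): return _h("H3", r)[:MLEN]
def H4(*p): return int.from_bytes(_h("H4", *p), "big") % Q
def rnd(): return 1 + secrets.randbelow(Q - 1)
def xor(x, y): return bytes(i ^ j for i, j in zip(x, y))

def setup():                       # PKG: master key s and P_pub = sP
    s = rnd()
    return s, s

def extract(s, ident):             # PKG: S_ID = (Q_ID + s)^-1 P with Q_ID = H1(ID)
    return pow(H1(ident) + s, -1, Q)

def offline_encrypt(p_pub):        # security server; needs neither message nor recipient
    u, x, a, b = rnd(), rnd(), rnd(), rnd()
    R = pow(G, x, PM)
    return dict(u=u, x=x, a=a, b=b, U=u, R=R, beta=H3(R),
                T1=pow(a, -1, Q) * x % Q, T2=x * (b + p_pub) % Q)   # T2 = x(bP + P_pub)

def online_encrypt(m, ident, phi): # sender: modular arithmetic, one hash, one XOR
    t1 = phi["a"] * (H1(ident) - phi["b"]) % Q
    h = H2(m, phi["R"], phi["U"], phi["T1"], phi["T2"], t1)
    return (phi["U"], phi["T1"], phi["T2"], t1, (h * phi["x"] + phi["u"]) % Q,
            xor(phi["beta"], m))

def decrypt(sigma, s_id):
    U, T1, T2, t1, t2, c = sigma
    R = e((T2 + t1 * T1) % Q, s_id)          # T2 + t1*T1 = x(Q_ID + s)P, so R = g^x
    m = xor(c, H3(R))
    h = H2(m, R, U, T1, T2, t1)
    return m if pow(R, h, PM) == e((t2 - U) % Q, 1) else None   # R^h == e(t2*P - U, P)

def offline_sign(s_id):            # security server acting for the signer
    l, alpha = rnd(), rnd()
    return dict(l=l, inv_alpha=pow(alpha, -1, Q), r=pow(G, l, PM), S1=alpha * s_id % Q)

def online_sign(msg, delta):
    h = H4(msg, delta["r"], delta["S1"])
    return (h, (delta["l"] + h) * delta["inv_alpha"] % Q, delta["S1"])

def verify(msg, ident, p_pub, sig):
    h, theta, S1 = sig
    S = theta * S1 % Q                        # S = (l + h) S_ID
    r = e(S, (H1(ident) + p_pub) % Q) * pow(G, Q - h, PM) % PM
    return h == H4(msg, r, S1)

def terminal_hop(j, reading, upstream, keys, p_pub):
    """Terminal j: verify hop j-1, append its local ciphertext, sign the whole chain."""
    chain = []
    if upstream is not None:                  # j = 1 has no upstream terminal
        chain, sig = upstream
        if not verify(tuple(chain), f"terminal-{j - 1}", p_pub, sig):
            return None                       # discard modified or forged upstream data
    chain = list(chain) + [online_encrypt(reading, "MDMS", offline_encrypt(p_pub))]
    return chain, online_sign(tuple(chain), offline_sign(keys[f"terminal-{j}"]))

def mdms_receive(n, packet, keys, p_pub):
    chain, sig = packet
    if not verify(tuple(chain), f"terminal-{n}", p_pub, sig):
        return None
    return [decrypt(sigma, keys["MDMS"]) for sigma in chain]

def run_chain(n=3, tamper_after=None):
    """Run n terminals; optionally flip ciphertext bits on the link after one hop."""
    s, p_pub = setup()
    keys = {i: extract(s, i) for i in ["MDMS"] + [f"terminal-{j}" for j in range(1, n + 1)]}
    packet = None
    for j in range(1, n + 1):
        reading = f"T{j}:kWh=12.{j}".encode().ljust(MLEN)    # constructed meter data
        packet = terminal_hop(j, reading, packet, keys, p_pub)
        if packet is None:
            return None
        if j == tamper_after:
            first = packet[0][0]
            packet[0][0] = first[:5] + (xor(first[5], b"\x01" * MLEN),)
    return mdms_receive(n, packet, keys, p_pub)

if __name__ == "__main__":
    print(run_chain())                 # three padded readings recovered at the MDMS
    print(run_chain(tamper_after=2))   # None: terminal 3 rejects the modified chain
```

Because each hop signs the concatenation of all ciphertexts so far, a modification on any link is caught at the very next verifier, before the MDMS spends any decryption work on it.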

Claims (7)

1. A smart grid secure communication method based on a combined cipher, characterized in that it comprises the following steps:
Step 1: set up n terminals, each terminal corresponding to one or more smart meters; only one of the n terminals communicates directly with the meter data management center (MDMS), and the n terminals communicate in a chain, where n is greater than 1;
Step 2: each entity generates its public key from its own identity ID and sends it to the key generation center (PKG); the PKG generates a private key from the public key each entity sends and returns it to that entity over a secure channel, the entities comprising smart meters, terminals and the MDMS;
Step 3: secure communication from smart meter to MDMS by hop-by-hop chained transmission:
Step 3-1: generate the session key of a smart meter and its terminal: the smart meter encrypts a first preset key agreement message under the public key of its terminal and sends the ciphertext to that terminal; after decrypting, the terminal encrypts a second preset key agreement message under the public key of the smart meter and sends it to the smart meter, the second preset key agreement message comprising the first preset key agreement message; the session key of the smart meter and its terminal is obtained from the second preset key agreement message;
Step 3-2: the smart meter encrypts the meter data under the session key and sends it to its terminal; the terminal verifies it using the session key and, if verification succeeds, performs step 3-3;
Step 3-3: encrypt the received meter data under the public key of the MDMS to obtain the local ciphertext;
Determine whether the current terminal is the terminal with the largest communication hop count to the MDMS; if so, the terminal ciphertext of the current terminal is its local ciphertext; if not, verify the signature and terminal ciphertext sent by the previous-hop terminal using that terminal's public key, and if verification passes, the terminal ciphertext of the current terminal is its local ciphertext together with the received terminal ciphertext;
Sign the terminal ciphertext with the private key of the current terminal, and send the signature together with the terminal ciphertext to the next-hop terminal;
Step 3-4: repeat step 3-3 until the corresponding signature and terminal ciphertext have been sent to the MDMS; the MDMS verifies the received signature and terminal ciphertext using the public key of the terminal that communicates with it directly and, if verification passes, decrypts each terminal's local ciphertext with the MDMS private key to recover the meter data of each smart meter.
2. The method of claim 1, characterized in that it further comprises step 4: secure communication from MDMS to smart meter by hop-by-hop chained transmission:
The MDMS encrypts the control message under the public key of each terminal to obtain the corresponding control ciphertexts, signs each control ciphertext with the MDMS private key, and sends the signatures together with the control ciphertexts to the terminal that communicates with it directly;
The current terminal stores the signature and control ciphertext addressed to it and sends the signatures and control ciphertexts not addressed to it to the previous-hop terminal, until the terminal with the largest hop count to the MDMS among the n terminals is reached;
Each terminal verifies the signature addressed to it using the MDMS public key and, if verification passes, decrypts the control ciphertext with its own private key to recover the control message, and finally sends the control message to each of its smart meters using the session key shared with that smart meter.
3. The method of claim 1 or 2, characterized in that, in step 3-1, the first preset key agreement message comprises the identifiers of the smart meter and its terminal, the key agreement parameter $w$ and the timestamp $TM_1$, and the second preset key agreement message comprises the identifiers of the smart meter and its terminal, the key agreement parameters $w$ and $v$, and the timestamps $TM_1$ and $TM_2$.
4. The method of claim 1 or 2, characterized in that, in step 3, when encryption and signing are processed, the corresponding encryption and signing computations are carried out offline by a dedicated server, which sends the results to the corresponding entity so that it can compute the corresponding encryption and signature results online.
5. method as claimed in claim 4, is characterized in that, the detailed process of the off-line encryption that each entity relates to, online encryption, deciphering, static signature, on-line signature and certification is:
Off-line is encrypted: server Stochastic choice parameter and calculate U=uP, R=g x, β=H 3(R), T 1=a -1xP, T 2=x (b+s) P, and by off-line ciphertext φ=(u, x, a, b, U, R, T 1, T 2, β) and send to the transmitting terminal of corresponding ciphertext;
Online encryption: given (m, ID, φ), transmitting terminal calculates t 1=a (H 1(ID)-b) modq, t 2=H 2(m, R, U, T 1, T 2, t 1) x+umodq, then by the ciphertext σ of generation=(U, T 1, T 2, t 1, t 2, c) send to decrypting end;
Deciphering: given (σ, ID, S iD), the receiving terminal receiving corresponding ciphertext calculates R=e (T 2+ t 1t 1, S iD), h=H 2(m, R, U, T 1, T 2, t 1), if R h=e (t 2p-U, P), then export m, otherwise refusal;
Static signature: server Stochastic choice parameter l, and calculate r=g l, S '=α S iD, then by off-line ciphertext δ=(l, α -1, r, S ') send to corresponding transmitting terminal of signing;
On-line signature: given (ID, δ), transmitting terminal calculates h=H 4(m, r, S '), θ=(l+h) α -1modq, generation signature sigma=(h, θ, S ') and send to corresponding receiving terminal;
Certification: given (m, ID, σ), receiving terminal calculates S=θ S ', r=e (S, H 1(ID) P+P pub) g -hif, h=H 4(m, r, S ') receiving terminal accepts signature, otherwise refusal;
Wherein, represent the multiplication loop group of mould q, P represents q rank addition cyclic group G 1generator, g=e (P, P), wherein bilinear map e is: G 1× G 1→ G 2, G 2represent q factorial method cyclic group, hash function hash function hash function H 3: { 0,1} *→ { 0,1} m, hash function wherein M is for presetting length of the plaintext, and s represents system master key, and m represents the ammeter data of intelligent electric meter, and ID represents the identification identifier of correspondent entity, S iDrepresent the private key of correspondent entity.
6. method as claimed in claim 5, it is characterized in that, in step 3-3, the detailed process obtaining local ciphertext is:
Off-line ciphertext φ is calculated by security server j=(u, x, a, b, U j, R j, T 1j, T 2j, β j) and send to terminal j, wherein j represents current terminal identifier, U j=uP, R j=g x, β j=H 3(R), T 1j=a -1xP, T 2j=x (b+s) P;
Terminal $j$ computes the online ciphertext based on the public key $Q_{MD}$ of the MDMS: $t_{1j} = a(Q_{MD} - b) \bmod q$, $t_{2j} = H_2(m, R_j, U_j, T_{1j}, T_{2j}, t_{1j})\,x + u \bmod q$, thus obtaining the local ciphertext $\sigma_j = (U_j, T_{1j}, T_{2j}, t_{1j}, t_{2j}, c_j)$;
Terminal $j$ uses the public key of terminal $j-1$ to verify the signature $(h_{j-1}, \theta_{j-1}, S'_{j-1})$ and the terminal ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1})$ sent to it: it computes $S_{j-1} = \theta S'_{j-1}$; if $h_{j-1} = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_{j-1}, r_{j-1}, S'_{j-1})$, the verification passes;
The terminal ciphertext of terminal $j$ is $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j)$, and it is signed as follows: the security server computes the static signature by randomly selecting a parameter $l$ and computing $r_j = g^l$, $S'_j = \alpha SK_j$, then sends the static signature $\delta = (l, \alpha^{-1}, r_j, S'_j)$ to terminal $j$; terminal $j$ computes the online signature $h_j = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j, r_j, S'_j)$, $\theta_j = (l + h)\alpha^{-1} \bmod q$, and then sends the signature $(h_j, \theta_j, S'_j)$ and the terminal ciphertext $(\sigma_1 \| \sigma_2 \| \dots \| \sigma_j)$ to terminal $j+1$;
In step 3-4, the MDMS verifies the received signature and terminal ciphertext and decrypts; the concrete steps are: based on the public key $Q_n$ of terminal $n$, which communicates with it directly, the MDMS verifies the signature $(h_n, \theta_n, S'_n)$ by computing $S_n = \theta_n S'_n$; if $h_n = H_4(\sigma_1 \| \sigma_2 \| \dots \| \sigma_n, r_n, S'_n)$, it then decrypts each local ciphertext separately based on the private key $SK_{MD}$ of the MDMS.
7. The method as claimed in claim 6, characterized in that, in said step 4, the concrete steps by which the MDMS transfers a control message to the smart meter are the inverse process of steps 3-3 and 3-4 in claim 6.
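The following added example (not part of the patent text) models the offline/online encryption and signature of claim 5 and the hop-by-hop chain of claim 6, so that the equations above can be checked against each other. It assumes a private key of the form $S_{ID} = (H_1(ID)+s)^{-1}P$ with $P_{pub} = sP$, takes $c = m \oplus \beta$, and uses SHA-256 for $H_1$ to $H_4$, none of which is stated in this section; all function names are hypothetical. Every group element is stored as its discrete logarithm, which keeps the algebra checkable and makes the model deliberately insecure.

```python
import hashlib, secrets
# Toy model: kP in G_1 and g^k in G_2 are both stored as k mod q, so e(aP, bP) is a*b,
# products in G_2 become sums and powers become products. Algebra check only, no security.
q = 2**127 - 1                                  # prime group order
rnd = lambda: secrets.randbelow(q - 1) + 1
inv = lambda x: pow(x, -1, q)
s = rnd(); P_pub = s                            # master key s; P_pub = sP (assumed)
IDS, READINGS = ["meter-1", "meter-2", "meter-3"], [4121, 977, 15030]  # constructed
def H(i, *parts):                               # H_1..H_4 modelled with SHA-256
    return int.from_bytes(hashlib.sha256(repr((i, parts)).encode()).digest(), "big")
def extract(ID): return inv(H(1, ID) + s)       # S_ID = (H_1(ID)+s)^-1 P (assumed)

def enc_offline():                              # phi needs neither message nor identity
    u, x, a, b = rnd(), rnd(), rnd(), rnd()
    return u, x, a, b, u, x, inv(a) * x % q, x * (b + s) % q, H(3, x)

def enc_online(m, ID, phi):                     # online cost: two multiplications mod q
    u, x, a, b, U, R, T1, T2, beta = phi
    t1 = a * (H(1, ID) - b) % q
    t2 = (H(2, m, R, U, T1, T2, t1) * x + u) % q
    return U, T1, T2, t1, t2, m ^ beta          # c = m XOR beta (assumed)

def decrypt(sigma, S_ID):
    U, T1, T2, t1, t2, c = sigma
    R = (T2 + t1 * T1) * S_ID % q               # R = e(T_2 + t_1 T_1, S_ID)
    m = c ^ H(3, R)
    h = H(2, m, R, U, T1, T2, t1)
    return m if h * R % q == (t2 - U) % q else None   # R^h = e(t_2 P - U, P)

def sig_offline(S_ID):                          # delta = (l, alpha^-1, r, S')
    l, alpha = rnd(), rnd()
    return l, inv(alpha), l, alpha * S_ID % q
def sig_online(msg, delta):
    l, alpha_inv, r, S1 = delta
    h = H(4, msg, r, S1) % q
    return h, (l + h) * alpha_inv % q, S1       # theta = (l + h) alpha^-1 mod q
def verify(msg, ID, sig):
    h, theta, S1 = sig
    r = (theta * S1 * (H(1, ID) + P_pub) - h) % q   # e(S, H_1(ID)P + P_pub) g^-h
    return h == H(4, msg, r, S1) % q

def relay(readings, ids, mdms="MDMS"):          # claim 6 chain, one ciphertext per hop
    chain, sig = [], None
    for j, (ID, m) in enumerate(zip(ids, readings)):
        if sig and not verify(tuple(chain), ids[j - 1], sig):
            raise ValueError("hop %d rejected the previous signature" % j)
        chain.append(enc_online(m, mdms, enc_offline()))
        sig = sig_online(tuple(chain), sig_offline(extract(ID)))
    return chain, sig
```

At the MDMS end, `verify(tuple(chain), IDS[-1], sig)` checks the last hop's signature and `decrypt(ct, extract("MDMS"))` recovers each reading; a ciphertext altered in transit fails both checks.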
CN201510575551.5A 2015-09-10 2015-09-10 Smart grid secure communication method based on combination cipher Active CN105245326B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510575551.5A CN105245326B (en) 2015-09-10 2015-09-10 Smart grid secure communication method based on combination cipher

Publications (2)

Publication Number Publication Date
CN105245326A (en) 2016-01-13
CN105245326B (en) 2018-11-13

Family

ID=55042839

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510575551.5A Active CN105245326B (en) 2015-09-10 2015-09-10 Smart grid secure communication method based on combination cipher

Country Status (1)

Country Link
CN (1) CN105245326B (en)

Also Published As

Publication number Publication date
CN105245326B (en) 2018-11-13

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant