Research On Authentication Encryption System For The Security Protection Of Smart Grid Electric Data

With the advances of the smart grid technology in China, the power system is increasingly informationalized, as is shown by the change in the data collection and control means, which has transformed from manual to remote collection and intelligent control, bringing high security risks along with convenience and efficiency. The user identity, power consumption data and electric type information used during electric data collection, order transmit and control are vital secrets to a country’s power industry, if illegally used and lost, will probably result in unthinkable consequences. The traditional information protection strategy and security protection technology can no longer meet the needs of the development of power consumption data collection system in smart grid, and a set of security protection system and authenticated key exchange protocols are urgently needed to safeguard the security of the power system’s network communication.Based on China State Grid’s Certificate Authority, which is still under construction, this paper combines the digital certificate with physical means, symmetric cryptography, public key system and other security protection technologies to design a set of security protection authentication encryption system, in which two authentication key exchange protocols with higher security, smaller communication overhead and less computation amount are specially designated for the communication between the master station and the acquisition terminals, and then, this paper also analyzes the safety of the two protocols. The main work accomplished in the paper is as follows:Firstly, a detailed analysis of the safety hazards potentially exist in the Smart Grid electric data acquisition system was conducted. By mainly focusing on four aspects, i.e. overall architecture, master station, communication channel and acquisition equipment, the analysis assesses the safety level of the power system, analyzes the overall logical structure, identifies the key points in designing the security protection system.Secondly, according to the risk analysis result, a set of safety protection and authentication encryption system is designed in light of the communication channel, the network area, business application and other aspects. As the most important protected targets are master station, GPRS public network and acquisition equipments, this paper applies advanced safety technology, constructs dynamic safety protection scheme to provide safety authentication encryption mechanism for data acquisition terminals and intelligent electric meters.Thirdly, a four-wheel authentication key agreement protocol based on State Grid’s digital certificate is proposed to guarantee the communication security of master station and terminal. To protect the exchange of important parameters, the protocol uses public key as well as new and old protection keys to ensure dual identity authentication through digital certificate and sharing dynamic protection keys. The old and new protection keys update dynamically along with each session to ensure the protection keys’ safety. Then this paper analyzes the protocol by combining BAN logic formalized analysis and non-formalized analysis to prove its safety.Finally, this paper puts forward a three-wheel lightweight authentication protocol with key agreement based on digital certificate. The calculation of session key groups and the verifying of parameters’ correctness are done by simple bit operation on the basis of completing identity authentication, and the asynchronous attack can be resisted by dynamically switching the parameter of the protection keys. Then, this paper analyzes the proposed protocol’s safety and compares its performance with similar protocols.