Password Changing Protocol

Activity Leads: 
Industry Collaborators: 

Ameren

Research Summary: 

With the upgrade of the smart grid, the number of resource-constrained sensors and measurement devices that monitor the health of power lines is increasing. The devices are easy targets for security attacks, as they are accessible via wireless networks and use weak passwords for authentication and collection of telemetric data by pole maintenance personnel. General-purpose security protocols are not suitable for providing data security to devices with limited memory, computational power, and network connectivity. Also, these telemetric devices have lengthy deployment times and limited change management capabilities. Further, the data reported by the telemetric devices to the power operator should remain secret to a potential eavesdropper, an active attacker, or a compromised data collector.  The password changing framework made contributions in three major themes: (a) the entry of password of a human data collector, (b) the generation of unique symmetric keys to securely communicate among power grid utility, the human data collector and the telemetric sensor device at the electric pole, and (c) secure data collection protocols in case of different configurations between the power grid utility, human data collector and multiple pole telemetric sensor devices.

The generation of symmetric keys, utilizing environmental contextual information such as time, GPS location (but if other contextual sensors exist, e.g., humidity and temperature, they can be used as well), is an exceptionally important contribution. This contextual information is integrated with the user-entered password to generate unique keys, defending against remote denial-of-service and man-in-the-middle attacks. Furthermore, we introduced Physical Unclonable Functions (PUFs) to assist in unique key generation at the telemetric sensor devices, and alleviate the load of telemetric devices in generating and keeping keys without revealing them. The PUF takes the contextual sensor information as input and outputs a unique key. Hence, the symmetric key is calculated anew every time the data collection process is instantiated, and only necessary context-related information is passed between the collector and the telemetric sensor device to generate a joint symmetric key. Therefore, we ensure that the keys changes over time and at every location of telemetric data readings. Also, the memory and computational burden from telemetric devices is lessened when using PUF. The challenge is to come up with suitable PUFs and keep the PUF-related information secure on the data collecting and telemetric devices.

We also designed and analyzed a key establishment and data collection framework that allows a power operator to establish shared keys with multiple telemetric devices via an untrusted data collector. The data collector behaves like a relay for data communications, although it is not continuously connected to the power operator. Furthermore, the data collector has no access to the keys established between the power operator and the telemetric devices. Thus, the data collector can potentially be mobile and untrusted.

More Information: 

Download PDF of Fact Sheet
Download PDF of Research Poster (2014 Industry Workshop)
Download PDFs of Research Posters (2013 Industry Workshop)
  SCAPACH: Scalable Password-Changing Protocol
  Secure Data Collection in Smart Grid
Download PDF of Research Poster (2012 Industry Workshop)
Download PDF of Research Poster (2011 Industry Workshop)