Some Flaws of Authentication and Key Agreement Protocols Against Ephemeral Secret Leakage Attack for Smart Grid

The increasing complexity of the smart grid (SG) raises significant concerns regarding the security of SG communication. As a countermeasure, the authentication and key agreement (AKA) protocol ensures the secure transmission of sensitive information between legitimate entities by achieving mutual authentication and establishing session keys. One of the most urgent and critical security threats in the AKA protocol concerns the ephemeral secret leakage (ESL) attack, due to its threat to session key secrecy. However, there remains a lack of systematic understanding of how to resist ESL attacks in the SG environment. Therefore, we categorize the ESL attack into three different types, then conduct an in-depth analysis of their root causes and propose corresponding recommendations to mitigate it. To further illustrate the effectiveness of the recommendations, we design a secure and efficient AKA protocol based on elliptic curve cryptography accordingly. The proposed protocol is proven secure through rigorous security proof under the random oracle model and formally verified by the AVISPA tool. Performance comparisons indicate that the proposed protocol outperforms other related protocols due to its lightweight nature and adherence to all fundamental security attributes, making it well-suited for deployment in a resource-constrained SG environment.