Lightweight and secure PUF-based authenticated key agreement scheme for smart grid

Smart Grid technology with the help of Information Technology (IT) adds many benefits to the traditional grids, but security concerns and especially privacy preserving of users is still a major practical issue. Establishing a secure and reliable communication channel between smart meters and service provider can guarantee data privacy in AMI network. This secure channel can be established with data encryption using a session key which is generated during an authentication scheme. This scheme should be enough lightweight to implement on resource constrained smart meters in delay sensitive AMI network. In this work, we analyze proposed PUF-based authenticated key agreement scheme by Gope et al. and show that their scheme is vulnerable in CK-adversary model and does not provide session key secrecy and backward secrecy. We propose an end-to-end PUF-based key agreement scheme between smart meters and service provider in AMI network which is secure against physical tampering attack and also it provides security in CK-Adversary model for ephemeral leakage attack. Our scheme imposes low communication and computational costs to smart meters. We analyze the security of our proposed scheme against popular attacks and verify its security by using widely accepted scyther tool.