Customized Certificate Revocation Lists for IEEE 802.11s-Based Smart Grid AMI Networks


Akkaya K., Rabieh K., Mahmoud M., TONYALI S.

IEEE TRANSACTIONS ON SMART GRID, vol.6, no.5, pp.2366-2374, 2015 (Journal Indexed in SCI) identifier identifier

  • Publication Type: Article / Article
  • Volume: 6 Issue: 5
  • Publication Date: 2015
  • Doi Number: 10.1109/tsg.2015.2390131
  • Title of Journal : IEEE TRANSACTIONS ON SMART GRID
  • Page Numbers: pp.2366-2374
  • Keywords: Certificate revocations, grouping schemes, public key cryptography, security, smart grid, AD HOC NETWORKS, INFRASTRUCTURE, PROTOCOL

Abstract

Public-key cryptography (PKC) is widely used in smart grid (SG) communications to reduce the overhead of key management. However, PKC comes with its own problems in terms of certificate management. Specifically, certificate revocation lists (CRLs) need to be maintained and distributed to the smart meters (SMs) in order to ensure security of the communications. The size of CRLs may grow over time and eventually may introduce additional delay, bandwidth, and storage overhead when various applications are run on SG. In this paper, we propose novel algorithms for creating customized CRLs with reduced size for IEEE 802.11s-based advanced metering infrastructure (AMI) networks. Rather than maintaining a huge-size single CRL that introduces unnecessary search time and storage, the idea is to cluster/group SMs within the AMI network and create CRLs based on these groups. The grouping is mainly done in such a way that they bring together the SMs that will be very likely to communicate so that the CRLs will be kept local to that group. To this end, we propose two novel grouping algorithms. The first algorithm is a bottom-up approach, which is based on the existing routes from the SMs to the gateway. Since the SMs will be sending their data to the gateway through the nodes on the route, this forms a natural grouping. The second approach is a top-down recursive approach, which considers the minimum spanning tree of the network and then divides it into smaller subtrees. Via grouping, the length of the CRL for each SM and the corresponding distribution overhead can be reduced significantly. Simulation results have shown that our approach can maintain a balance between the size of the CRL and the number of signatures generated by CAs while guaranteeing security of the communications.