1. Field
Preferred embodiments described herein relate generally to Smart grid communications and to other communications. In particular, to a key management mechanism that does not depend on the frequency of re-key of a cryptographic key of each application using the same master session key.
2. Background Discussion
Efficient use and management of energy resources are becoming more and more important in today's world. Many nations are giving importance to power grid modernization by adding the capabilities to the system using state-of-art communication and information technologies. This transformation is taking place under the umbrella of Smart Grid initiatives whereby power grid is adding advanced features such as monitor, analysis, control and two-way communication capabilities. The goal is to save energy, reduce cost and increase reliability and transparency. While many of these features and capabilities exist today, they exist in isolation and are controlled by individual ESP. The goal of the Smart Grid is to create an infrastructure with the advanced features noted above to maximize the throughput of the grid system through efficient use of energy resources.
The Smart Grid Interoperability project and the Institute of Electrical and Electronics Engineers Standard bodies have realized that the best way to achieve the goal is to create a communication network consisting of multiple different technologies and layers. This communication network will span from wide area networks (WANs) to customer premise networks such as, home area networks (HANs) or Business area networks (BANS). For example, Advanced Metering, Home Appliances can be connected to either HAN or BAN and then can make use of WAN to transmit the information to the ESP. This system has potential to turn into an information super highway similar to today's Internet which could potentially enable all stakeholders in the community to interact, monitor and manage the system much more efficiently than what is available to them today.
While Electric Service Providers (ESPs) are excited about the capabilities of communication and information technologies, they are also concerned about the fact that there may not be any physical boundary by which the components of the power grid are connected. For example, unlike traditional grid, advanced metering system may be connected to the ESP via Internet or via wireless networks that are susceptible to attacks and vulnerable to eavesdropping or spoofing, which can eventually damage safety and reliability of the grid. Therefore communication and information security are becoming one of the major requirements for adopting such technologies. Thus, it is absolutely necessary to protect the networks in order to provide the guarantee that the information carried on it is safe and secure.
Although a vast majority of the security technologies are available today to address the communication network security, the smart grid environment is different thereby also making requirements different. For example, an electric or gas meter in the advanced metering system or a smart meter is a low processing power device with personal area wireless network technology such as, Zigbee (see background reference 8). These devices are usually considered as low-cost wireless devices typically with 4-12K of RAM and 64-256K of flash memory. Often these devices may be connected to the backhaul with low bandwidth links. The link characteristics can also vary depending upon the wireless radio features such as sleeping or idle mode of operation. For example, the advanced metering system may wake up periodically to sync with the network in order to save power rather than remaining active all the time. Additional requirements for device may include: i) supporting multi-hop networks using mesh topology (e.g., to extend the backhaul reach back); ii) supporting multiple link layer technologies. These requirements demand that the protocol overhead and performance must be optimized.
Advanced meters can also be used for other purposes besides simple metering data. ANSI C12.22, as disclosed in background reference 1, allows using advanced meters peering via relay or concentrators. Other application such as, COAP, as disclosed in background reference 5, may be able to run simultaneously on a single meter. While these are very attractive features and make the advanced meter economically more viable, they add additional requirements to security such as, each application needs to be authenticated and needs to preserve the integrity of the data to the system (e.g., billing system).
Key management has been an area of considerable attention, particularly in browser-based web applications. Most notably, initiatives such as OAuth (mentioned in background reference 11), OpenID (mentioned in background reference 12), SAML (mentioned in background reference 13), and others have emerged to provide single sign-on (SSO) capabilities. OAuth is popular SSO enabler. It provides mechanisms for end users to authorize third-party access to networked resources without requiring that static credentials be shared with the third-party. OAuth accomplishes this through user-agent redirections and temporally issued keys shared with the third-party. Another popular SSO technology is OpenID has gained considerable momentum with commercial web services and is employed several prominent web service providers such as Google, Yahoo!, AOL and facebook among others. OpenID is an open, decentralized access control mechanism that allows users to sign-on to several different services with a single digital identity. OpenID requires regular logon to the subscriber's service provider to access services provided by each service provider. There are also security concerns regarding vulnerabilities associated with OpenID that are just beginning to surface.
For example, in background reference 14, authors address perceived limitations such as symmetric cryptography, length of time authentication status is stored in relay providers and OpenID providers and vulnerabilities to Man-in-the-middle type attacks. Secure Assertion Markup Language (SAML) is technique to provide authentication and authorization data between secure domains such as enterprise networks. SAML is defined in XML and uses federated identity management techniques to ease authentication and authorization tasks across domains under the same federation. In background reference 15, authors identify several security flaws with respect to confidentiality, bilateral authentication, integrity and user tracking that could lead to vulnerable implementations of SAML.
However, OAuth, OpenID and SAML do not address fully unified key management which requires cross-layer key management. Some techniques have tackled the lack of network access authentication within Kerberos by attempting to integrate with EAP as described in background references 16 and 17. However, these techniques require modified EAP methods in order to interwork with Kerberos.
Also, communication protocols such as EAP (Extensible Authentication Protocol), PANA (Protocol for carrying Authentication for Network Access), and ANSI C12.22 (Protocol Specification For Interfacing to Data Communication Networks) are known.
For example, ANSI C12.22 is a meter application protocol in Smart Grid communication. ANSI C12.22 uses EAX′. EAX′ is a block cipher algorithm that is a combination of EAX and 128-bit AES, and provides data encryption using a symmetric cryptographic key (or ciphering key) to provide application layer ciphering. ANSI C12.22 allows two or more encryption keys to be used for the same peer, and chooses one ciphering key among those at the time of a session start.
However, the strength of a key being used is weakened as the amount of data enciphered using the same ciphering key increases, since ANSI C12.22 does not define a mechanism for dynamic re-key of the ciphering key of EAX'. Accordingly, it is necessary to provide a re-key mechanism for ANSI C12.22 ciphering keys.
A method that uses EAP is indicated in the PCT application JP2009—69982 filed on November 2010 by Oba, Y titled “Terminal for transmitting encrypted information” (background reference 2). This method is directed to generating a ciphering key of ANSI C12.22 from one EMSK (Extended Master Key) generated by EAP authentication. When re-key of C12.22 is required, it performs EAP re-authentication to generate a new ciphering key of ANSI C12.22 from newly generated EMSK.
As an enhancement of a re-key method defined in the PCT application JP2009—69982 above, a use case is considered in which two or more application ciphering keys are generated from the same EMSK.
Since EAP re-authentication will need to take place to re-key an EMSK when renewal of any descendant key of the EMSK is needed, renewal of ciphering keys of all applications using the same EMSK will take place.
Although the re-key frequency of a ciphering key generally depends on the characteristics of each application, if re-key of a ciphering key of an application requiring a higher re-key frequency takes place, it will lead to unnecessary re-key of ciphering keys of other applications not requiring such a high re-key frequency.
In order to solve this problem, a key management mechanism is needed in which the frequency of EAP re-authentication does not depend on the frequency of re-key of a ciphering key of each application using the same EMSK.
3. Background References
The following background references are incorporated herein by reference in their entireties:    1. American National Standard. Protocol Specification For Interfacing to Data Communication Networks. ANSI C12.22-2008. 2008 (hereinafter referred to as [1]).    2. Oba, Y, Terminal for transmitting encrypted information, JP2009—69982, November, 2010, PCT application (hereinafter referred to as [2]).    3. Salowey J., Specification for the Derivation of Root Keys from an Extended Master Session Key (EMSK). (hereinafter referred to as [3]).    4. Aboba B., Extensible Authentication Protocol (RAP), (hereinafter referred to as [4]).    5. Shelby Z., CoAP Requirements and Features. (hereinafter referred to as [5]).    6. Forsberg D., Protocol for Carrying Authentication for Network Access (PANA) (hereinafter referred to as [6]).    7. Smart Grid Interoperability Standards Project (hereinafter referred to as [7]).    8. ZigBee Alliance. ZigBee Specification. ZigBee Document 053474r18. 2009 6 (hereinafter referred to as [8]).    9. A Patrick, J. Newbury, and S. Gargan, Two-way communications systems in the electricity supply industry, IEEE Transactions on Power Delivery, 13:53-58, January, 1998 (hereinafter referred to as [9])    10. Smart Power Directorate (hereinafter referred to as [10]).    11. Hammer-Lahav E. The OAuth 1.0 Protocol. 2010 (hereinafter referred to as [11]).    12. OpenID Authentication 2.0—Final Technical Specification (hereinafter referred to as [12]).    13. Dynamic Security Assertion Markup Language: Simplifying Single Sign-On. Harding P., Johansson L., Klingenstein N.: IEEE Security 86 Privacy, 2008. 8 (hereinafter referred to as [13]).    14. OhHyun-Kyung, JinSeung-Hun, The Security Limitations of SSO in OpenID.: ICACT 2008 (hereinafter referred to as [14]).    15. Security analysis of the SAML single sign-on browser/artifact profile. Gross T.: Computer Security Applications Conference 2003 (hereinafter referred to as [15]).    16. Ohba Y., Das S., Dutta A., Kerberized handover keying: a media-independent handover key management architecture.: ACM MobiArch 2007 (hereinafter referred to as [16]).    17. A Kerberized Architecture for Fast Re-authentication in Heterogeneous Wireless Networks. Lopez R., Garcia F., Ohba Y.: Mobile Networks and Applications, 2010 (hereinafter referred to as [17]).    18. Aboba B., Simon D., Eronen P. Extensible Authentication Protocol (EAP) Key Management Framework. 2008 8 (hereinafter referred to as [18]).    19. Kaufman C. Internet Key Exchange (IKEv2) Protocol. 2005 5 (hereinafter referred to as [19]).    20. Vogt C. A Solution Space Analysis for First-Hop IP Source Address Validation. 2009 January (hereinafter referred to as [20]).
21. Ohba Y., Yegin A., Definition of Master Key between PANA Client and Enforcement Point, 2009 (hereinafter referred to as [21]).    22. ZigBee Alliance. ZigBee Smart Energy Profile™ 2.0 Technical Requirements Document. 2010 (hereinafter referred to as [22]).    23. Narayanan V., Dondeti L. EAP Extensions for EAP Re-authentication Protocol (ERP). 2008 August (hereinafter referred to as [23]).