secure data provenance in home energy monitoring networks loong keoh... · 2019-07-16 · secure...

Secure Data Provenance in Home Energy Monitoring Networks
Ming Hong Chia, Sye Loong Keoh, Zhaohui Tang

Post on 25-Jul-2020

Page 1: Secure Data Provenance in Home Energy Monitoring Networks Loong Keoh... · 2019-07-16 · Secure Data Provenance in Home Energy Monitoring Networks Ming Hong Chia, Sye Loong Keoh

Secure Data Provenance in Home Energy Monitoring Networks

Ming Hong Chia, Sye Loong Keoh, Zhaohui Tang

Outline

• Data Provenance and Smart Metering
• Security Threats and Requirements
• Proposed Architecture
  – Threshold Cryptography
  – Location Authenticity using BLE
• Preliminary Evaluations
• Future Work and Conclusions

Data Provenance

“Data provenance refers to records of the inputs, entities, systems, and processes that influence data of interest, providing a historical record of the data and its origins.”

Systems and Internet Infrastructure Security, Penn State University

Data Provenance

• Cryptography

• Redundancy and data cross-checking

[Figure: two diagrams. The first, labelled "Authentication, Encryption", shows a Data Source, a Measurement Device and a Data Collector. The second shows a Data Source, Measurement Devices and a Data Collector.]

IoT and Smart Metering

• Sensor data is typically aggregated – smart meter.

[Figure: Advanced Metering Infrastructure (AMI). Labels: Smart Home Appliances, Smart Meter, Data Concentrator, Utility; Home Area Network (HAN), Neighbourhood Area Network (NAN), Wide Area Network (WAN); ZigBee, WiFi, Ethernet; WiFi, Cellular; Fibre Optic, Cellular; Private Realm, Public Realm; Monitoring, Collection, Utility End.]

Smart Metering

• Is the smart meter the true data source of energy consumption of the household?

[Figure: Smart Home Appliances (labelled "The real data source") on the Home Area Network (HAN; ZigBee, WiFi, Ethernet), the Smart Meter, and Energy Consumption Reporting to the Utility.]

Potential compromise?
– under-reporting of energy usage
– energy fraud

IoT Data Provenance

• Data provenance = the reported energy usage is collected from the specific appliance as claimed, and that it reflects the real energy consumption.

• Specifically, we are interested in:
  – Source data / identity authenticity
  – Data integrity and consistency
  – Location authenticity

Secure Smart Plug

• A secure plug (SSP) to measure the energy consumption at each data source.

• Using multiple sensors to track electricity usage.

• Using Bluetooth localization to detect changes in the location.

[Figure: the Secure Smart Plug (Smart Energy Plug, Energy Magnetic Sensor, Raspberry Pi 3 Bluetooth) at the Data Source, and the Smart Meter.]

Proposed Approach

[Figure: Secure Smart Plug, made up of the Smart Energy Plug, the Energy Magnetic Sensor and the Raspberry Pi 3 Bluetooth.]

Source Data / Identity
• Using RSA threshold scheme (k,n).

Data Integrity / Consistency
• Both energy data from the magnetic sensor and the energy plug must match.
• Aggregated energy data from all data sources must also match the smart meter’s measured data.

Location Authenticity
• Using Bluetooth Trilateration technique.

Proposed Approach

[Figure: Security Protocol, with two phases: Commissioning and Operational.]

1. Commissioning Phase
   A. Deployment of Secure Smart Plug - register location
   B. RSA Key Pair Generation
   C. Secret Share Generation

2. Operational Phase
   A. Signing and Verification Protocol using Threshold Scheme (3,4)
   B. Location Verification

Commissioning Phase

• One-time key generation using (3,4) Threshold Scheme for each data source in the network.

1. RSA Key Pair Generation (PK and SK)
   - Public Key (PK): (n, e)
   - Secret Key (SK): d

2. Generation of Secret Shares
   - Secret Shares: s1, s2, s3, s4

[Figure: the Smart Meter and the Secure Smart Plug components (Smart Energy Plug, Energy Magnetic Sensor, Raspberry Pi 3 Bluetooth) at the Data Source, with the labels "Public Key: n, Share: s3", "Public Key: n, Share: s4" and "Public Key: n, Shares: s1, s2".]

Commissioning Phase

• Using Trilateration algorithm to determine the location of SSP.

• Using RSSI of the BLE chip to compute the distance.

• Location of the deployed SSP is registered.

[Figure: Secure Smart Plug at the intersection of the ranges of three Estimote Beacons (Candy, Yellow, Beetroot).]

Operational Phase

[Protocol diagram: the Secure Smart Plug components at the Data Source (Smart Energy Plug, SP; Energy Magnetic Sensor, MS; Raspberry Pi 3 Bluetooth, BT) and the Smart Meter (SM). Steps recoverable from the diagram:]

(1) Sends m to BT and to SM, where m = m1 (SP) or m = m2 (MS)
(2) Check current location (XY) of SP upon receiving m
(3) If true, generate own partial signature share by signing m: SIGN { s_i, n, m, N }
(4) Sends ps_i to SP / to MS
(5) Generate own partial signature share by signing m: SIGN { s_i, n, m, N }
(6) Send all respective partial signature shares to SM
    PS1 (SP): ps1 = { s1, n, m1, N }, ps2 = { s2, n, m1, N }, ps3 = { s3, n, m1, N }
    PS2 (MS): ps1 = { s1, n, m2, N }, ps2 = { s2, n, m2, N }, ps4 = { s4, n, m2, N }
(7) Upon receiving the PS, combine and aggregate them to compute FS for verification later: COMBINE { PS, PK, m, n, k, N }
(8) Verifies m with SK_d
(9) VERI_SM: FS ≡ m using PK_e
(10) VERI_SM: (m1 ≡ m2) using PK_e

Operational Phase

• Using BLE to detect changes in the location of SSP.

[Figure: Estimote Beacons (Yellow, Beetroot, Candy) around the Secure Smart Plug (Raspberry Pi 3), which reaches the Smart Meter through a WiFi Wireless Router on the Local Area Network (LAN).]

Attack Simulation I

• One of the components in SSP “attempted” to under-report the energy consumption.

• Resulting in:
  – Difference in the energy usage at the same data source: M_MS ≠ M_SP ☛ data inconsistency

Attack Simulation II

• The re-location of the SSP to measure a data source that is outside of the house.

• Resulting in:
  – Detection of location that is different from the deployed location, hence will not generate partial signatures, ps1 and ps2 ☛ incorrect location.
  – Energy usage data cannot be verified due to the lack of signature shares.

Attack Simulation II

[Figure: Estimote Beacons (Yellow, Beetroot, Candy) and the Secured Smart Plug.]

Original Deployed Location Coordinates (x: 6.5, y: 10.0)
Relocated Secure Smart Plug Location Coordinates (x: 2.5, y: 2.5)
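The location check from the commissioning and attack slides, as an added example that is not the authors' code: RSSI is turned into a range, three ranges are intersected, and the estimate is compared with the registered position. The beacon coordinates, the log-distance path-loss model with its constants, and the tolerance are assumptions; only the two SSP coordinates come from the slides.

```python
import math

# Constructed beacon coordinates in metres; the slides name the beacons only.
BEACONS = {"candy": (0.0, 0.0), "yellow": (13.0, 0.0), "beetroot": (0.0, 13.0)}
REGISTERED = (6.5, 10.0)   # deployed SSP location given on the slide
TX_POWER_DBM = -59.0       # assumed RSSI at 1 m
PATH_LOSS_EXP = 2.0        # assumed path-loss exponent
TOLERANCE_M = 1.5          # assumed allowance for RSSI noise

def rssi_to_distance(rssi_dbm):
    """Log-distance path-loss model (assumed): estimated range in metres."""
    return 10 ** ((TX_POWER_DBM - rssi_dbm) / (10 * PATH_LOSS_EXP))

def distance_to_rssi(d):
    """Inverse model, used only to construct sample readings."""
    return TX_POWER_DBM - 10 * PATH_LOSS_EXP * math.log10(d)

def trilaterate(rssi):
    """Intersect the three range circles; rssi maps beacon name -> dBm."""
    names = sorted(BEACONS)
    (x1, y1), (x2, y2), (x3, y3) = (BEACONS[b] for b in names)
    r1, r2, r3 = (rssi_to_distance(rssi[b]) for b in names)
    # Subtracting circle 1 from circles 2 and 3 leaves two linear equations.
    a1, b1 = 2 * (x2 - x1), 2 * (y2 - y1)
    a2, b2 = 2 * (x3 - x1), 2 * (y3 - y1)
    c1 = r1**2 - r2**2 + x2**2 - x1**2 + y2**2 - y1**2
    c2 = r1**2 - r3**2 + x3**2 - x1**2 + y3**2 - y1**2
    det = a1 * b2 - a2 * b1
    if abs(det) < 1e-9:
        raise ValueError("beacons are collinear; position is not unique")
    return ((c1 * b2 - c2 * b1) / det, (a1 * c2 - a2 * c1) / det)

def location_authentic(rssi):
    """True when the estimate lies within TOLERANCE_M of the registered spot."""
    x, y = trilaterate(rssi)
    return math.hypot(x - REGISTERED[0], y - REGISTERED[1]) <= TOLERANCE_M

def sample_rssi(pos):
    """Constructed noise-free readings for an SSP placed at pos."""
    return {b: distance_to_rssi(math.dist(pos, xy)) for b, xy in BEACONS.items()}
```

With the slide's coordinates the relocated plug is 8.5 m from its registered position, far outside the assumed tolerance, so the location holder would decline to produce its partial signatures.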

Attack Simulation III

• Both energy measurement sensors “were compromised”.

• Resulting in:
  – (IF Location of SSP is authentic) ☛ collusion between MS and SP yielded a successful attack.
  – (IF SSP is re-located) ☛ collusion between MS and SP did not work as only two partial signature shares could be generated for a (3,4) Threshold Scheme.
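The (3,4) signing protocol of the Operational Phase and the two-share failure described in Attack Simulation III, as an added example that is not the authors' implementation. It follows Shoup's threshold RSA construction without its share-correctness proofs, which is an assumption because the slides do not name the scheme; the toy primes, polynomial coefficients and message representative are constructed.

```python
from math import factorial, prod

# Toy parameters (constructed); real deployments use 1024-bit or larger safe primes.
K, PARTIES = 3, 4
P, Q = 2039, 2063              # safe primes: P = 2*1019 + 1, Q = 2*1031 + 1
n, m = P * Q, 1019 * 1031      # public modulus n; m stays with the key dealer
e = 65537                      # public exponent, a prime larger than PARTIES
d = pow(e, -1, m)              # secret key SK, split into shares below
DELTA = factorial(PARTIES)
COEFFS = [d, 123456, 654321]   # constructed polynomial f of degree K-1, f(0) = d

def share(i):
    """Secret share s_i = f(i) mod m, handed out once at commissioning."""
    return sum(c * i**p for p, c in enumerate(COEFFS)) % m

def partial_sign(x, s_i):
    """Partial signature ps_i on the message representative x (0 < x < n)."""
    return pow(x, 2 * DELTA * s_i, n)

def combine(x, parts):
    """Smart-meter side: parts maps share index i -> ps_i; returns FS."""
    idx = list(parts)
    w = 1
    for i in idx:
        num = DELTA * prod(-j for j in idx if j != i)
        den = prod(i - j for j in idx if j != i)
        lam = num // den                        # integer Lagrange coefficient at 0
        w = w * pow(parts[i], 2 * lam, n) % n
    ep = 4 * DELTA**2                           # with K honest shares, w^e == x^ep
    a = pow(ep, -1, e)
    b = (1 - a * ep) // e                       # a*ep + b*e == 1
    return pow(w, a, n) * pow(x, b, n) % n

def verify(x, fs):
    """Check FS against x with the public key (n, e) only."""
    return pow(fs, e, n) == x % n
```

Any three of the four indices reconstruct a valid signature, which is why withholding ps1 and ps2 after a failed location check leaves shares 3 and 4 unable to produce one.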


Performance Results

Time taken to generate a partial signature (Entity: Components in SSP)

Key Size (bits)                512       1024      2048
Average (ms)                   148.33    863.67    6419

Time taken to combine partial signatures and verify signature (Entity: Smart Meter)

Key Size (bits)                512       1024      2048
Combine Signature (ms)         5         8.33      18.33
Signature Verification (ms)    132       157       875

• The RSA threshold scheme is feasible on a Raspberry Pi 3 device, though not very efficient.

Conclusions

• Preliminary study of data provenance in the context of IoT.

• ICS systems also use many redundant sensors for critical infrastructure and monitoring.

• TPM and software-based attestation will be required to ensure the verification software works correctly?

• Replacement of RSA-based Threshold Scheme with a MAC-based scheme?

• Auto detection of location without deployment of beacons?

Thank you!

Contact details:
Sye Loong Keoh, University of [email protected]
Zhaohui Tang, Singapore Institute of [email protected]