in: Smart Grid in IoT-Enabled Spaces, Fadi Al-Turjman, Editor, Crc Press-Taylor & Francis Group, İstanbul, pp.1-9, 2021
In recent years, many efforts are seen to secure the smart grid environment through various methods. However, a large number of such methods were proved insecure, whereas, some other methods are heavy weight due to underlying computational costly operations like pairing and modular exponentiation. In 2019, Kumar et al. (IEEE Transactions on Industrial Informatics, 15(12), 6572–6582, 2019) proposed an elliptic curve cryptography-based solution (EccAuth) to secure transfer of data between entities of a smart grid. The analysis in this chapter, however, shows that their scheme has incorrect authentication phase. Precisely, in the presence of multiple devices, the request-receiving device in their scheme cannot process authentication request. Moreover, due to the absence of initial verification on receiving side, their scheme is subject to unnecessarily process arbitrary message even sent by adversary.