IEEE Internet of Things Journal, vol.9, no.9, pp.6855-6865, 2022 (SCI-Expanded)
© 2014 IEEE.Lightweight cryptography (LWC)-based authenticated encryption with associative data (AEAD) cryptographic primitives require fewer computational and energy resources than conventional cryptographic primitives as a single operation of an AEAD scheme provides confidentiality, integrity, and authenticity of data. This feature of AEAD schemes helps design an access control (AC) protocol to be leveraged for enhancing the security of the resource-constrained Internet of Things (IoT)-enabled smart grid (SG) system with low computational overhead and fewer cryptographic operations. This article presents a novel and robust AC protocol, called RACP-SG, which aims to enhance the security of resource-constrained IoT-enabled SG systems. RACP-SG employs an LWC-based AEAD scheme, ASCON and the hash function, ASCON-hash, along with elliptic curve cryptography to accomplish the AC phase. Besides, RACP-SG enables a smart meter (SM) and a service provider (SEP) to mutually authenticate each other and establish a session key (SK) while communicating across the public communication channel. By using the SK, the SM can securely transfer the gathered data to the SEP. We verify the security of the SK using the widely accepted random oracle model. Moreover, we conduct Scyther-based and informal security analyses to demonstrate that RACP-SG is protected against various covert security risks, such as replay, impersonation, and desynchronization attacks. Besides, we present a comparative study to illustrate that RACP-SG renders superior security features while reducing energy, storage, communication, and computational overheads compared to the state of the art.