A Dynamic Privacy-Preserving Key Management Protocol for V2G in Social Internet of Things

With the smart grid (SG) and the social Internet of Things (SIoT), an electric vehicle operator can use reliable, flexible, and efficient charging service with vehicle-to-grid (V2G). However, open channels can be vulnerable to various attacks by a malicious adversary. Therefore, secure mutual authentication for V2G has become essential, and numerous related protocols have been proposed. In 2018, Shen et al. proposed a privacy-preserving and lightweight key agreement protocol for V2G in SIoT to ensure security. However, we demonstrate that their protocol does not withstand impersonation, privileged-insider, and offline password guessing attacks, and it does not also guarantee secure mutual authentication, session key security, and perfect forward secrecy. Therefore, this paper proposes a dynamic privacy-preserving and lightweight key agreement protocol for V2G in SIoT to resolve the security weaknesses of Shen et al.'s protocol. The proposed protocol resists several attacks including impersonation, offline password guessing, man-in-the-middle, replay, and trace attacks, ensures anonymity, perfect forward secrecy, session key security, and secure mutual authentication. We evaluate the security of the proposed protocol using formal security analysis under the broadly-accepted real-or-random (ROR) model, secure mutual authentication proof using the widely-accepted Burrows-Abadi-Needham (BAN) logic, informal (non-mathematical) security analysis, and also the formal security verification using the broadly-accepted automated validation of Internet security protocols and applications (AVISPA) tool. We then compare computation costs, and security and functionality features of the proposed protocol with related protocols. Overall, the proposed protocol provides superior security, and it can be efficiently deployed to practical SIoT-based V2G environment.