Abstract
The Internet of Things (IoT) plays a crucial role in the new generation of smart cities, in which developing Internet of Energy (IoE) in the energy sector is a necessity also. Several schemes have been proposed so far and in this paper we analyze the security of a recently proposed authentication and key agreement framework for smart grid named PALK. Our security analysis demonstrates that an attacker can extract the user permanent identifier and password, which are enough to do any other attacks. To remedy the weaknesses and amend PALK, we propose an improved protocol based on Physical Unclonable Function(PUF) to provide desired security at a reasonable cost. We also prove the semantic security of constructed scheme by using the widely-accepted real and synthetic model, under the computationally hard Diffie-Hellman assumption. Computational and communication cost analysis of the improved protocol versus PALK, based on identical parameter sets on our experimental results on an Arduino UNO R3 board having microcontroller ATmega328P, shows 46% and 23% enhancements, respectively. We also provide, the energy consumption of the proposed protocol and each session of the protocol consumes almost 24 mJ energy. It shows that it is an appropriate choice for constrained environments, such as IoE.