Low complexity smart grid security protocol based on elliptic curve cryptography, biometrics and hamming distance.

The incorporation of information and communication technologies in the power grids has greatly enhanced efficiency in the management of demand-responses. In addition, smart grids have seen considerable minimization in energy consumption and enhancement in power supply quality. However, the transmission of control and consumption information over open public communication channels renders the transmitted messages vulnerable to numerous security and privacy violations. Although many authentication and key agreement protocols have been developed to counter these issues, the achievement of ideal security and privacy levels at optimal performance still remains an uphill task. In this paper, we leverage on Hamming distance, elliptic curve cryptography, smart cards and biometrics to develop an authentication protocol. It is formally analyzed using the Burrows-Abadi-Needham (BAN) logic, which shows strong mutual authentication and session key negotiation. Its semantic security analysis demonstrates its robustness under all the assumptions of the Dolev-Yao (DY) and Canetti- Krawczyk (CK) threat models. From the performance perspective, it is shown to incur communication, storage and computation complexities compared with other related state of the art protocols.

Harnessing the Challenges and Solutions to Improve Security Warnings: A Review.

The security warning is a representation of communication that is used to warn and to inform a person whether security menaces have been discovered in order to prevent any consequences of damage from taking place. The purpose of a security warning is to provide a legitimate alert (to notify and to warn) to the users so that a secure manner of action is safely conducted. It is worth noting that the majority of computer users prefer to dismiss security warnings due to lack of attention, the use of technical words, and the deficiency of information provided. This paper determines to achieve two outcomes: firstly, a thorough review of problems, challenges, and approaches to improving security warnings. Our work complements the previous classifications in the identification of problems and challenges in security warnings by value-adding a new classification, namely immersion in the primary task. Then, we add other related works within the known classifications accordingly. In addition, our work also presents the classifications of approaches to improving security warnings. Secondly, we propose two timelines by addressing the problems, challenges, and approaches to improving security warnings. It is expected that the outcomes of this research will be useful to researchers within the niche area for analysing trends and providing the groundwork in security warning studies, respectively.