On the security of a novel privacy‐preserving authentication scheme for V2G networks

Abstract

Vehicle‐to‐grid (V2G) network has a clear advantage in terms of economic advantages, it has attracted the interest of electric vehicle (EV) and power grid users. However, numerous security concerns limit its further progress. In existing V2G protocols a trusted third party independently generates the master key of the system, so if the adversary compromises the third party, then the system may become vulnerable to system master key leakage attack. Recently, Su et al. presented a privacy‐preserving mutual authentication protocol for V2G networks. Firstly, we crypt‐analysis Su et al.'s protocol and show that their protocol is vulnerable to several security attacks such as the reveal of the master secret key, impersonation attacks and the incorrect notion of EV's anonymity and traceability and does not meet the security features they claimed in their paper. Secondly, we verify that Su et al.'s protocol is unsafe against impersonation attacks, system key leakage, and electrical vehicle anonymity attack using the AVISPA tool.