Cryptanalysis and improvement of a three-factor user authentication scheme for smart grid environment

Nowadays, smart grid technology has become popular because it provides intelligent and distributed electrical power transmission systems. One of its main applications is to charge the electric vehicles. To provide a secure communication between a user and a smart meter and during the peak hours, authentication is necessary between them. Recently, Wazid et al. have discussed a three factor authentication (3FA) scheme for smart grid environment using ECC and showed that it is more secure than the related protocols. Here, we first cryptanalyze their scheme and find the user impersonation and stolen mobile terminal attacks in it. To remove these limitations, we design an improved authentication protocol for smart grid environment. We formally verify the security of our scheme using ProVerif tool. Also we present its informal security analysis to prove that it is invulnerable to many known attacks. In comparative study, we show that our scheme provides more security features than the existing schemes. © 2020, Springer Nature Switzerland AG.