Human-Factor-Aware Privacy-Preserving Aggregation in Smart Grid

Privacy-preserving metering aggregation is regarded as an important research topic in securing a smart grid. In this paper, we first identify and formalize a new attack, in which the attacker could exploit the information about the presence or absence of a specific person to infer his meter readings. This attack, coined as human-factor-aware differential aggregation (HDA) attack, cannot be addressed in existing privacy-preserving aggregation protocols proposed for smart grids. We give a formal definition on it and propose two novel protocols, including basic scheme and advanced scheme, to achieve privacy-preserving smart metering data aggregation and to resist the HDA attack. Our protocol ensures that smart meters periodically upload encrypted measurements to a (electricity) supplier/aggregator such that the aggregator is able to derive the aggregated statistics of all meter measurements but is unable to learn any information about the human activities. We present the formal security analysis for the proposed protocol to guarantee the strong privacy. Moreover, we evaluate the performance of our protocol in a Java-based implementation under different parameters. The performance and utility analysis shows that our protocol is simple, efficient, and practical.