Electric vehicles can place a significant load on the power grid due to their unscheduled charging events. One way of improving power grid stability is to schedule electric vehicle charging in advance. Before a charging visit, the electric vehicle provides necessary information to request for charging at a charging station, which prepares and reserves the energy before the visit. However, the reported information can cause privacy leakage of the electric vehicle user. Anonymous information reporting can protect user privacy, but also enables attacks on the charging station by unauthorized users. An anonymous authentication system can address these issues, but cannot detect misbehaviors by authenticated users. One remedy to this is revocable anonymity-based authentication, which can revoke the anonymity of malicious users after their misbehaviors. However, we show that such a system is still vulnerable to application-level Denial of Service attacks, where a malicious user requests for large amounts of energy simultaneously from many charging stations, preventing these stations from serving other users. To address this, we improve upon an existing revocable anonymity-based authentication framework. We propose a permit-based mechanism, where each electric vehicle is only issued with one blind signature-based permit at a time. A request is valid only if it contains a valid and unused permit, which protects the system from the application-level Denial of Service attacks. Security analysis and experiments demonstrate that our framework, while ensuring user anonymity and being robust to the aforementioned attack, is also scalable and lightweight.
