E2C2AKA: enhanced ECC-based authentication and key agreement for securing communication in electric vehicle charging systems
摘要
As a critical infrastructure for new energy vehicles, the Electric Vehicle Charging System (EVCS) is gradually integrating into household daily usage scenarios, leveraging its environmental and economic advantages. For securely enabling the charging service from EVCS, the technology of authentication and key agreement (AKA) can ensure that only legal entities can access the charging data without charging accident resulted from the malicious attacker. To our knowledge, existing related state-of-the-art (SOTA) AKA schemes entails extensive parameter computation prior to verification, not only results in an inevitable susceptibility to Denial-of-Service (DoS) attacks but also prolong authentication procedure in the EVCS and lead to diminished charging efficiency. To illustrate this deficiency more concretely, existing schemes typically require the verifier to perform multiple expensive cryptographic operations (such as scalar multiplications) before determining a request’s legitimacy. An attacker can exploit this by flooding the verifier with forged requests, forcing it to expend computational resources on each one. In contrast, our proposed E2C2AKA protocol, by embedding a pre-shared secret, enables the verifier to first perform a lightweight hash-based verification. Only after a packet is validated as legitimate does the protocol proceed to the more expensive ECC operations, thereby effectively neutralizing DoS threats. To address these issues, this study, based on elliptic curve cryptography (ECC), designs a robust E2C2AKA protocol. Security analysis and performance analysis demonstrate that compared to SOTA, the designed E2C2AKA holds more robustness in security and streamlines AKA procedure in efficiency and so can be a good candidate for securing charging service in EVCS.