On the security of a unique batch authentication protocol for vehicle-to-grid communications

The concept of vehicle-to-grid (V2G) is that electric vehicles (EVs) communicate with the smart grid to sell demand response services by delivering electricity into the grid. By letting EVs discharge during peak hours and charge during off-peak hours, V2G networks could bring numerous social and technical benefits to the smart grid. Due to the scale of the network, the speed of the vehicles, their geographic positions, and the very sporadic connectivity between them, V2G communications have the crucial requirements of fast authentication. In 2011, Guo et al. proposed a unique batch authentication protocol for V2G communications. They claimed their protocol is strong enough to defend against security attacks. In this paper, we investigate the security of Guo et al.´s protocol. More precisely, we show that either the vehicle or aggregator can easily generate a collection of bogus signatures that satisfies the batch verification criterion, i.e., forgery attacks. Any attackers can easily forge signatures satisfying the batch verification criterion without the knowledge of the signer´s private key. Consequently, Guo et al.´s protocol is not secure at all.