Using Homomorphic Encryption for Smart Metering Systems: Comparison
Please note this is a comparison between Version 2 by Alfred Zheng and Version 1 by Weiyan Xu.

Smart metering systems (SMSs) have been widely used by industrial users and residential customers for purposes such as real-time tracking, outage notification, quality monitoring, load forecasting, etc. Protecting data privacy for SMSs that considers trust boundaries (TBs) and computability using real-world data sets while providing privacy guarantees. The proposed framework uses homomorphic encryption (HE) as a primitive for security. HE can provide strong protection based on cryptography and data processing on encrypted data without first decrypting it.

  • smart metering system
  • homomorphic encryption

1. Introduction

Smart metering systems (SMSs) are pivotal in modernizing the energy and resource sector, driving efficiency (e.g., energy distribution [1]), reliability (e.g., industrial applications [2]), and sustainability (e.g., water management [3]). Their novelty and contribution lie in providing accurate, real-time or near-real-time data on energy and resource consumption, enabling utilities to provide more reliable services, optimize system operations, identify inefficiencies, and support the integration of renewable energy sources (e.g., smart grid systems) [4,5][4][5]. Simultaneously, they contribute to empowering consumers to make informed decisions regarding energy use, leading to demand-side management and cost savings. By supporting infrastructure modernization, SMSs can reduce overall energy consumption, decrease carbon emissions, and advance the transition to a low-carbon and sustainable economy [6,7][6][7].
SMSs provide various features such as tracking real-time or near-real-time usage data [8], detection of abnormal usage [9], more accurate billing information [10], and the ability to share the collected fine-grained data with third-party analysts for more comprehensive analysis (e.g., dynamic price prediction [11]). For instance, smart water metering (SWM) systems can generate fine-grained temporal water usage data, which can be used to recognize user behaviors such as tapping, taking a shower [12], and gardening [13].
However, this raises serious privacy concerns, as malicious actors, including service providers, third-party analysts, or neighbors, can eavesdrop and analyze these data without user consent. Their motivations vary from identifying a specific customer to monitoring the billing information or analyzing user behaviors. Therefore, it is crucial to carefully evaluate the security implications of sharing customer data with related entities or outsourcing to third-party analysts in different scenarios. Some smart metering systems, such as SWM, may have sparsity in their fine-grained data sets, with a granularity of 10 s or even longer (i.e., the gap between water usages is usually large), which makes it easier to identify the user by recognizing their behavior and mapping to real-world activities. In addition, installing and implementing a smart metering system requires security considerations and standards [14]. Poor installation practices or unauthorized personnel installing the smart meters may leave them vulnerable to tampering or unauthorized access. Therefore, this research mainly concentrated on making a given SMS more privacy- and security-compliant but did not consider the side effects of the SMS (e.g., the broader implications of SMSs such as energy consumption or reduction, energy sources, sustainability, etc.).

2. A Privacy-Preserving Framework Using Homomorphic Encryption for Smart Metering Systems

Smart metering systems (SMSs) are integral to modern resource management infrastructure, enabling the accurate measurement and monitoring of resource consumption in residential and commercial settings. However, SMSs have raised many security and privacy concerns [20][15], such as the fact that SMSs can be attacked through vulnerabilities to bring down the whole system and cause damage to customers and service providers. Particularly, SMSs can generate sensitive consumption data [8] that are used to provide valuable services such as load forecasting [16]. Meanwhile, many regulations and laws (e.g., GDPR [21][17]) exist as standards to protect data privacy. As a result, ensuring the security of smart metering systems has become a critical concern for SMSs.

2.1. Privacy Risk and Countermeasures of SMS

Cyber–physical systems (CPS), such as SMSs or IoT systems, combine physical and digital entities and generate enormous volumes of data. The data generated by SMSs can be used to infer customers’ presence [22][18] and for activity recognition, including short-term activities (e.g., tapping or taking a shower [12]) or long-term activities (e.g., gardening [13]). Priyadarshini [23][19] studied the optimal machine learning methods to reach a high accuracy of 98% in activity recognition using the data from smart wearables, which form an integral part of IoT systems. Because behavioral patterns can be analyzed through activity recognition, privacy concerns are increasingly growing due to customers’ privacy exposure [24][20]. A simple solution is to use the energy stored in the households that can later reshape the usage profile. Li et al. proposed a Bayesian detection-operational privacy leakage metric [25][21] for evaluating privacy risk and studied an optimal privacy-preserving energy control strategy. Li et al. presented a way [26][22] of pruning vulnerable data and randomly selecting database proportions for publishing.

2.2. General Privacy-Preserving Techniques

Some general privacy-preserving techniques have been investigated to address the privacy issues of SMSs. One example is k-anonymity. Alsaid et al. applied the Mondrian algorithm to ensure k-anonymity by excluding personally identifiable information within a smart grid system [27][23], which achieves anonymization in nlog(n) time complexity. Stegelmann and Kesdogan proposed using pseudonyms implementing k-anonymization to avoid the service provider identifying a specific customer in a smart grid [28][24]. However, k-anonymity does not include randomization, and adversaries can still successfully make inferences if they already know some background knowledge. Therefore, SMSs are vulnerable to adversaries if they can monitor the customers for a long time. Trusted execution environment (TEE), an isolated CPU space for secure computation, is a second choice. Karopoulos et al. chose TEE as trusted computing technology to protect cryptographic keys, sensitive data, and critical operations in the application of smart grids such as remote attestation [29][25]. Valadares et al. studied a trusted architecture solution based on TEE and other security mechanisms to protect data in IoT applications [30][26]. Although there is the advantage of low communication and computation costs, TEE has a cost for hardware and is highly reliant on hardware implementation. Moreover, TEE is suitable for the data federation rather than the data collection process. MPC is a technique that utilizes an MPC protocol to make participants collaborate on computations over their inputs while keeping them private through protocols. An MPC protocol refers to the rules and procedures that enable each party to compute the function securely and privately. It defines how the parties interact with each other, how they share information, and how they combine their inputs to produce the desired result. MPC comes with the huge cost of communication overhead. Kirschbaum et al. presented a privacy-aware communication protocol [31][27] for smart grid systems based on secure multiparty computation, which allows the aggregation of consumption data of a group of smart meters without disclosing individual information. Although this solution can reduce the communication effort through a special initialization phase, this phase increases the system’s complexity, for example, increasing the overhead of pre-computation. Danezis et al. proposed an MPC scheme based on secret sharing [32][28] through which they examined the usage of complex functions on smart meters. However, the scheme requires more computing rounds and negatively affects the bandwidth and latency. Differential privacy (DP) is also a widely used privacy-preserving method. However, by adding proper noise, there is always a balance between data utility and privacy protection. Assuming the water provider is honest and trustworthy, Cardell-Oliver and Carter-Turner proposed a solution by sampling differential privacy in SWM systems that use (ϵ,δ)-differential privacy for a sample of Nβ households [15][29], which significantly improved the differential privacy guarantees because smaller samples increase the adversary’s uncertainty about which households are in the sample. Gai et al. proposed a data aggregation scheme with local differential privacy (LDP) in smart grids [33][30] by discretizing and aggregating these data to meet the privacy guarantees of LDP and finally estimating the total or average power consumption after combining randomized responses. HE is a promising technique that supports computations over encrypted data. Fully homomorphic encryption (FHE) [34][31] is regarded as the complete form of HE, as FHE supports an unlimited number of arbitrary computations for potentially complex applications. Tonyali et al. assessed the feasibility of FHE for smart grids by adapting one existing FHE scheme for advanced metering infrastructure (AMI). The data size and delay overheads were acceptable [35][32]. As FHE supports arbitrary function evaluation and an unlimited number of operations, it depends on bootstrapping to reduce the noise level of ciphertexts when the level of the computation circuit is deep. Considering privacy protection based on cryptography for the whole process, honest data collectors or third-party analysts are no longer needed; thus, HE is regarded as the most promising method.


  1. Mbungu, N.T.; Bansal, R.C.; Naidoo, R.M.; Bettayeb, M.; Siti, M.W.; Bipath, M. A dynamic energy management system using smart metering. Appl. Energy 2020, 280, 115990.
  2. Elsisi, M.; Mahmoud, K.; Lehtonen, M.; Darwish, M.M. Reliable industry 4.0 based on machine learning and IOT for analyzing, monitoring, and securing smart meters. Sensors 2021, 21, 487.
  3. Luciani, C.; Casellato, F.; Alvisi, S.; Franchini, M. Green smart technology for water (GST4Water): Water loss identification at user level by using smart metering systems. Water 2019, 11, 405.
  4. Loureiro, D.; Vieira, P.; Makropoulos, C.; Kossieris, P.; Ribeiro, R.; Barateiro, J.; Katsiri, E. Smart metering use cases to increase water and energy efficiency in water supply systems. Water Sci. Technol. Water Supply 2014, 14, 898–908.
  5. Chakraborty, S.; Das, S.; Sidhu, T.; Siva, A. Smart meters for enhancing protection and monitoring functions in emerging distribution systems. Int. J. Electr. Power Energy Syst. 2021, 127, 106626.
  6. Gellings, C.W. The Smart Grid: Enabling Energy Efficiency and Demand Response; CRC Press: Boca Raton, FL, USA, 2020.
  7. Hledik, R. How green is the smart grid? Electr. J. 2009, 22, 29–41.
  8. Asghar, M.R.; Dán, G.; Miorandi, D.; Chlamtac, I. Smart meter data privacy: A survey. IEEE Commun. Surv. Tutor. 2017, 19, 2820–2835.
  9. Lu, N.; Du, P.; Guo, X.; Greitzer, F.L. Smart meter data analysis. In Proceedings of the PES T&D 2012, Orlando, FL, USA, 7–10 May 2012; pp. 1–6.
  10. Jawurek, M.; Johns, M.; Kerschbaum, F. Plug-in privacy for smart metering billing. In Proceedings of the International Symposium on Privacy Enhancing Technologies Symposium, Waterloo, ON, Canada, 27–29 July 2011; pp. 192–210.
  11. Xue, K.; Yang, Q.; Li, S.; Wei, D.S.; Peng, M.; Memon, I.; Hong, P. PPSO: A privacy-preserving service outsourcing scheme for real-time pricing demand response in smart grid. IEEE Internet Things J. 2018, 6, 2486–2496.
  12. Cominola, A.; Giuliani, M.; Castelletti, A.; Rosenberg, D.E.; Abdallah, A.M. Implications of data sampling resolution on water use simulation, end-use disaggregation, and demand management. Environ. Model. Softw. 2018, 102, 199–212.
  13. Cardell-Oliver, R.; Wang, J.; Gigney, H. Smart meter analytics to pinpoint opportunities for reducing household water use. J. Water Resour. Plan. Manag. 2016, 142, 04016007.
  14. Fan, Z.; Kulkarni, P.; Gormus, S.; Efthymiou, C.; Kalogridis, G.; Sooriyabandara, M.; Zhu, Z.; Lambotharan, S.; Chin, W.H. Smart grid communications: Overview of research challenges, solutions, and standardization activities. IEEE Commun. Surv. Tutor. 2012, 15, 21–38.
  15. Ur-Rehman, O.; Zivic, N.; Ruland, C. Security issues in smart metering systems. In Proceedings of the 2015 IEEE International Conference on Smart Energy Grid Engineering (SEGE), Oshawa, ON, Canada, 17–19 August 2015; pp. 1–7.
  16. Taïk, A.; Cherkaoui, S. Electrical load forecasting using edge computing and federated learning. In Proceedings of the IEEE International Conference on Communications (ICC 2020), Online, 7–11 June 2020; pp. 1–6.
  17. Albrecht, J.P. How the GDPR will change the world. Eur. Data Prot. L. Rev. 2016, 2, 287.
  18. Jin, M.; Jia, R.; Kang, Z.; Konstantakopoulos, I.C.; Spanos, C.J. Presencesense: Zero-training algorithm for individual presence detection based on power monitoring. In Proceedings of the 1st ACM Conference on Embedded Systems for Energy-Efficient Buildings, Memphis, TN, USA, 3–6 November 2014; pp. 1–10.
  19. Priyadarshini, I.; Sharma, R.; Bhatt, D.; Al-Numay, M. Human activity recognition in cyber-physical systems using optimized machine learning techniques. Clust. Comput. 2022.
  20. Salomons, E.; Sela, L.; Housh, M. Hedging for privacy in smart water meters. Water Resour. Res. 2020, 56, e2020WR027917.
  21. Li, Z.; Oechtering, T.J.; Skoglund, M. Privacy-preserving energy flow control in smart grids. In Proceedings of the 2016 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Shanghai, China, 20–25 March 2016; pp. 2194–2198.
  22. Li, N.; Qardaji, W.; Su, D. On sampling, anonymization, and differential privacy or, k-anonymization meets differential privacy. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, Seoul, Republic of Korea, 2–4 May 2012; pp. 32–33.
  23. Alsaid, M.; Slay, T.; Bulusu, N.; Bass, R.B. K-anonymity applied to the energy grid of things distributed energy resource management system. In Proceedings of the 20th Annual International Conference on Mobile Systems, Applications and Services, Portland, OR, USA, 27 June–1 July 2022; pp. 581–582.
  24. Stegelmann, M.; Kesdogan, D. Gridpriv: A smart metering architecture offering k-anonymity. In Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, Liverpool, UK, 25–27 June 2012; pp. 419–426.
  25. Karopoulos, G.; Xenakis, C.; Tennina, S.; Evangelopoulos, S. Towards trusted metering in the smart grid. In Proceedings of the 2017 IEEE 22nd International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), Lund, Sweden, 19–21 June 2017; pp. 1–5.
  26. Valadares, D.C.G.; Sobrinho, Á.A.D.C.C.; Perkusich, A.; Gorgonio, K.C. Formal verification of a trusted execution environment-based architecture for IoT applications. IEEE Internet Things J. 2021, 8, 17199–17210.
  27. Kirschbaum, M.; Plos, T.; Schmidt, J.M. On secure multi-party computation in bandwidth-limited smart-meter systems. In Proceedings of the 2013 International Conference on Availability, Reliability and Security, Regensburg, Germany, 2–6 September 2013; pp. 230–235.
  28. Danezis, G.; Fournet, C.; Kohlweiss, M.; Zanella-Béguelin, S. Smart meter aggregation via secret-sharing. In Proceedings of the first ACM Workshop on Smart Energy grid Security, Berlin, Germany, 8–10 November 2013; pp. 75–80.
  29. Cardell-Oliver, R.; Carter-Turner, H. Activity-aware privacy protection for smart water meters. In Proceedings of the 8th ACM International Conference on Systems for Energy-Efficient Buildings, Cities, and Transportation, Coimbra, Portugal, 17–18 November 2021; pp. 31–40.
  30. Gai, N.; Xue, K.; Zhu, B.; Yang, J.; Liu, J.; He, D. An efficient data aggregation scheme with local differential privacy in smart grid. Digit. Commun. Netw. 2022, 8, 333–342.
  31. Gentry, C. Fully homomorphic encryption using ideal lattices. In Proceedings of the 41st Annual ACM Symposium on Theory of Computing, Bethesda, MD, USA, 31 May–2 June 2009; pp. 169–178.
  32. Tonyali, S.; Saputro, N.; Akkaya, K. Assessing the feasibility of fully homomorphic encryption for smart grid ami networks. In Proceedings of the 2015 Seventh International Conference on Ubiquitous and Future Networks, Sapporo, Japan, 7–10 July 2015; pp. 591–596.
Video Production Service