The smart grid provides a flexible interactive platform for energy stakeholders by sharing energy usage data to enhance management efficiency and service accuracy. However, such data are often highly sensitive and vulnerable to eavesdropping and tampering during transmission. Ensuring data authenticity, integrity and users’ privacy is therefore critical. Redactable signatures have emerged as a promising cryptographic primitive to address these concerns. Nonetheless, most existing redactable signature schemes lack fine-grained control over the redaction process, making them susceptible to unauthorized or malicious modifications. To address this issue, we propose an identity-based Controlled Redactable Signature Scheme (CRSS), enabling users to selectively disclose information under controlled conditions without revealing private information. We define a formal security model and prove that the proposed scheme achieves unforgeability, redaction controllability, privacy, and transparency. Furthermore, theoretical analysis and experimental evaluation demonstrate that our scheme offers superior efficiency and practicality compared to existing approaches.

In Vehicular Communication (VC) systems, neighboring vehicles exchange authenticated transportation safety messages, informing about own mobility and the environment. Verifying all received messages in a dense neighborhood introduces significant cryptographic computation overhead for resource-constrained vehicular On-Board Units (OBUs). Attackers can exploit this to launch Denial of Service (DoS) attacks to clog OBUs by broadcasting bogus messages at a high rate. This attack is particularly effective due to an inherent asymmetry and amplification factor: each safety message is to be validated by all receiving neighboring vehicles. This imbalance can lead to significant delays in sifting benign messages amidst a deluge of bogus messages. Even worse, failure to promptly verify a significant amount of benign messages can paralyze Vehicle-to-Vehicle (V2V) enabled applications. We address this challenge, proposing a mechanism that thwarts such attacks: puzzle-based pre-validation that prioritizes verification of potentially valid messages with yet unknown (i.e., unverified) Pseudonymous Certificates (PCs). Verification of such PCs (and their corresponding messages) can bootstrap the efficient pre-validation of follow-up messages authenticated by the same PCs. We show experimental results confirming our scheme can effectively mitigate unsophisticated clogging DoS attacks that do not attempt to solve puzzles. We further show our scheme also significantly raises the bar for sophisticated adversaries: it can be configured to force attackers to solve puzzles for their bogus messages actively - something possible only by investing in significantly higher (hundreds of times more) computational power than that of the targeted benign vehicles. Last but not least, our scheme can be adaptive while remaining compatible to standardized V2V security.

Clogging Denial of Service (DoS) attacks have disrupted or disabled various networks, in spite of security mechanisms. External adversaries can severely harm networks, especially when high-overhead security mechanisms are deployed in resource-constrained systems. This can be especially true in the emerging standardized secure Vehicular Communication (VC) systems: mandatory message signature verification can be exploited to exhaust resources and prevent validating incoming messages sent by neighboring vehicles, information that is critical, often, for transportation safety. Efficient message verification schemes and better provisioned devices could serve as potential remedies, but existing solutions have limitations. We point out those and identify, challenges to address for scalable and resilient secure Vehicular Communication (VC) systems, and, most notably, the need for integrating defense mechanisms against clogging Denial of Service (DoS) attacks. We take the position that existing secure Vehicular Communication (VC) protocols are vulnerable to clogging Denial of Service (DoS) attacks and recommend symmetric key chain based pre-validation with mandatory signature verification to thwart clogging Denial of Service (DoS) attacks, while maintaining all key security properties, including non-repudiation to enable accountability.

Parameter-based damping ratio sensitivity (DRS) is usually used for designing multi-loop complex control systems in grid-forming (GFM) inverters. However, it is found that this method will be affected not only by the interactions among parameters in a controller, but also by the change of the parameter itself, which makes the parameter design based on the parameter-based DRS unreliable. To address these issues, each controller is considered as a whole, which avoids the interactions among controller parameters in a controller. Then, the controller-based determinant sensitivity (DS) that calculates the sensitivity of each controller to system stability is proposed for designing the control system, which will not be affected by interactions among parameters since the sensitivity is calculated at the controller level. Then, combined with the proposed solution, a controller shaping method is also presented, which can improve system stability by shaping the controller. Finally, the effectiveness of the proposed scheme is validated through experimental results.