Abstract

The widespread deployment of smart meters that frequently report energy consumption information is a known threat to consumers' privacy. Many promising privacy protection mechanisms based on secure aggregation schemes have been proposed. Even though these schemes are cryptographically secure, the energy provider has access to the plaintext aggregated power consumption. A privacy trade-off exists between the size of the aggregation scheme and the personal data that might be leaked, where smaller aggregation sizes leak more personal data. Recently, a UK industrial body has studied this privacy trade-off and identified that two smart meters forming an aggregate are sufficient to achieve privacy. In this work, we challenge this study and investigate which aggregation sizes are sufficient to achieve privacy in the smart grid. Therefore, we propose a flexible, yet formal privacy metric using a cryptographic game-based definition. Studying publicly available, real-world energy consumption datasets with various temporal resolutions, ranging from minutes to hourly intervals, we show that a typical household can be identified with very high probability. For example, we observe a 50% advantage over random guessing in identifying households for an aggregation size of 20 households with a 15-minute reporting interval. Furthermore, our results indicate that single appliances can be identified with significant probability in aggregation sizes up to 10 households.