The digitalization of energy systems, particularly smart grids and energy IoT infrastructures, has amplified cybersecurity risks, with distributed devices such as smart meters, gateways, and controllers being highly susceptible to man-in-the-middle (MitM) and replay attacks. This study introduces a collaborative multi-party encryption scheme that integrates RSA- and ElGamal-inspired mechanisms into a transactional, nested key structure. Unlike conventional public-private key approaches, the scheme employs a collaboratively generated master key across multiple intermediate nodes, ensuring layered confidentiality and decentralized trust without reliance on third parties. Formal analysis under the Dolev-Yao threat model demonstrates provable resistance to MitM attacks, while comparative evaluation highlights collusion resistance and confidentiality guarantees. Experimental results show that encryption remains lightweight, with minimal computational burden on resource-constrained IoT devices, whereas decryption time scales with the number of participating nodes. Message overhead grows linearly with the number of encryption layers but remains manageable for IoT deployments. Comparative benchmarks confirm that the proposed method uniquely combines MitM resistance, collaborative trust, and IoT suitability, features not jointly achieved by existing schemes. Overall, the scheme provides a resilient and scalable security solution for anonymous, decentralized energy infrastructures, supporting the integrity and privacy of next-generation smart energy systems.
Mai Alfawair (Thu,) studied this question.