Smart grid is the modernization of the existing nation-wide power grid. As a core component of the smart grid, Advanced Metering Infrastructure (AMI) integrates a two-way communications network which enables customers and utilities to actively monitor and manage their energy use. While the deployment of AMI brings enormous social and industrial benefits, some incurred security and privacy issues need to be properly addressed. In this paper, we propose a data communication scheme for AMI with particular considerations on these issues. In our approach, we require strong device authentication before a smart meter joins AMI network. Data confidentiality as well as customer privacy associated with sensitive data are protected by taking advantage of homomorphic encryption. Each in-network message is digitally signed for data integrity. Security analysis is provided to justify our scheme.