Accurate state estimation is of critical importance to maintain normal operating conditions of smart power grids. To ensure the integrity of state estimation, the current power grid systems use bad data detection (BDD) system to filter faulty measurements caused by device malfunctions or malicious attacks, etc. However, recent research shows that carefully synthesized false-data injection attacks can bypass the BDD system and thus introduce arbitrary errors to state estimates. In this paper, we investigate defending mechanisms against false-data injection attacks. Through protecting carefully selected meter measurements, no false-data injection attack can be launched to compromise any set of state estimates. We first derive a necessary and sufficient condition to select the protection measurements and analyze the properties of the optimal solution which protects the state estimates with minimum number of measurements. Based on the arguments, both optimal and reduced-complexity suboptimal algorithms are proposed. In particular, the suboptimal algorithm allows the system operator to protect the state estimates in arbitrary sequence according to their relative importance. Analysis and experiments show that it significantly reduces computational complexity, while yielding negligible performance degradation compared with the optimal algorithm. Our results here may find applications in the security upgrade projects of our current large-scale electrical power system towards smart power grids.