Cyber Security Algorithms

Research Project on “Secure Digital Life”

This assignment has been issued to students, who are required to write a research project on the topic “Secure Digital Life”. The project has to contain details about cyber security. The evaluator is more interested in secure phone communications and a secure phone app idea. The examiner has restricted students from making use of any cloud services for the research paper. Also, the examiner is dissuading students from using any kind of survey for the research paper. The examiner is more interested in practical examples in the writing. The research project should contain about 12,000 words.

SOLUTION: –

Cyber Security Algorithms for Internet of Things

Abstract

The Internet of Things (IoT) is becoming more and more commonplace. This is one of the main reasons why security is a crucial aspect of its success. Without sufficient security and privacy, all the benefits of IoT could prove disadvantageous if misused. IoT uses the same internet as traditional devices and is therefore expected to undergo similar security measures. In this thesis, some of the challenges and limitations of IoT security are overviewed. Also, different attacks on different layers are presented along with potential solutions. The main focus of this thesis is exploring the current security solutions in terms of hardware security, along with some of the popular encryption algorithms used for this purpose. It shows that AES as a standard algorithm and PRESENT as a standard lightweight algorithm are the most suited for hardware implementations. More important is that PRESENT is more suited for IoT as a low power platform. Accordingly, the thesis work focuses on the PRESENT algorithm and compares the different design methodologies.

Table of Contents

Abstract
List of Figures
List of Tables

Chapter 1 Introduction
1.1 Challenges and Limitations
1.2 IoT Security Problems
1.2.1 Perception Layer Security Problems
1.2.2 Network Layer Security Problems
1.2.3 Application Layer Security Problems
1.3 IoT Security Measures
1.3.1 Perception Layer Security Measures
1.3.2 Wireless Sensor Network Security Measures
1.3.3 Network Layer Security Measures
1.3.4 Application Layer Security Measures
1.4 Case Study
1.4.1 Key components of the proposed IoT system
1.4.2 Security concerns of the proposed IoT system
1.5 Motivation and Objective

Chapter 2 Literature Survey
2.1 Hardware-Based Solutions
2.1.1 Physically unclonable functions (PUF)
2.1.2 Trusted Platform Module (TPM)
2.1.3 Trusted Execution Environment (TEE)
2.2 Security Algorithms
2.2.1 Popular Standardized algorithms
2.2.2 Lightweight Algorithms

Chapter 3 Proposed Algorithms
3.1 AES
3.1.1 SubBytes() Transformation
3.1.2 ShiftRows() Transformation
3.1.3 MixColumns() Transformation
3.1.4 Key Expansion
3.2 PRESENT
3.2.1 Encryption
3.2.2 Decryption

4.1 Image Processing
Evaluation Parameters

Chapter 5 Conclusions

References

List of Figures

Figure 1 IoT different layers security problems
Figure 2 IoT different layers security measures
Figure 3 IoT case study diagram
Figure 4 (a) TPM diagram, (b) TEE diagram
Figure 5 Different Security Algorithms
Figure 6 AES flowchart
Figure 7 Key expansion pseudo-code
Figure 8 Encryption Algorithm Flow chart
Figure 9 Encryption Algorithm Flow chart
Figure 10 Block Diagram of MATLAB code for encryption and decryption
Figure 11 Contents of the for iterator for encryption and decryption (the for iterator (bottom left) applies to all blocks and its output is the current iteration index)
Figure 12 Images Encryption/Decryption

List of Tables

Table 1 Comparison Between Different Communication Protocols
Table 2 Different Algorithms Implementation on Reconfigurable Hardware
Table 3 ASIC Implementations Comparison Between Different Algorithms
Table 4 Sadhukhan's FPGA Implementation Results
Table 5 Sadhukhan's ASIC Implementation Results
Table 6 AES Substitution Box
Table 7 Substitution Box of PRESENT
Table 8 Permutation layer table
Table 9 Inverse Permutation layer table
Table 10 Inverse Substitution Box of PRESENT
Table 11 Results for Correlation and Entropy

Chapter 1 Introduction

Internet of Things (IoT) is a new life-changing technology that allows connecting objects to each other. The main idea of IoT is utilizing the variety of things surrounding us everywhere such as Radio-Frequency IDentification (RFID) tags, sensors, actuators, mobile phones, etc. [1]. IoT is considered as the evolution of the machine to machine (M2M) communication which allows 2 physical objects to talk to each other [2]. Despite the benefits of IoT, there are some challenges such as power and area limitations, and security issues. Once these challenges are solved, it is expected that the IoT will invade the world. The IoT structure can be divided into 3 main architecture layers: perception layer, network layer, and application layer.

The perception layer is responsible for identification, sensing and communication [1,2]. Due to transmission through air, this layer is prone to several attacks such as node capture, fake node, and man in middle attack, etc. It consists of sensors, wireless sensor networks, actuators, and controller.

Sensors are responsible for the measurement of a certain type of input such as: light, heat, motion, moisture, pressure, or any other environmental phenomena [2]. They are very important in IoT as they convert the inputs into a signal that could be dealt with and perceived by the controller. It includes temperature sensors, pressure sensors, cameras, Radio Frequency IDentification (RFID) tags, etc. [3]. A Wireless Sensor Network (WSN) is a self-organized wireless network of many sensors distributed over a large area [3].

Actuators, on the other hand, are devices that convert electrical signals from the controller into a certain type of output, such as light, heat, motion, etc. For instance, thermal actuator takes a signal from the controller and based on that signal, it converts it into temperature. Lastly, controllers are the devices that receive the signal from sensors then process the data by comparing the signal to the desired value and accordingly produce the appropriate signals back to actuators to do the desired task.

To understand how the sensors and actuators work concurrently, let’s consider a smart house in which lights automatically turn on if someone is in the room and off otherwise. The sensors are responsible for detecting if there is someone in the room or not. On the other hand, the actuators respond to the controller’s signal to turn on/off the light.

The second layer is the network layer, also called the transmission layer or communication layer. It is the backbone of IoT, as it is responsible for linking different IoT nodes and layers with each other [4] and for the management and processing of data [5]. Accordingly, choosing the appropriate protocol is crucial. There are different communication protocols such as Ethernet, Bluetooth, Wi-Fi, ZigBee, RFID and Fifth Generation (5G). Table 1.1 summarizes the main differences between them.

For data processing, cloud computing, database software or intelligent processing are used. In fact, this feature could be considered as a separate layer as in [5]. This layer suffers from cluster security problems and some privacy issues.

The third layer is the application layer, which is the highest abstraction level in IoT. It includes services, message protocols of the lower layers and applications based on smart objects [12]. Furthermore, it is responsible for data transport, device management and security [2]. These applications could be in the form of a graphical user interface (GUI), as in mobile applications, or clouds for massive projects and data [2]. Managing between different IoT applications could induce the need for a new sublayer called a Business layer [5]. The main goal of this layer is to identify the needed applications for a certain IoT domain and how to manage between them.

1.1 Challenges and Limitations

As IoT devices become capable of higher processing power, they become suitable targets for malware. The imposed size and power limitations of IoT call for limited computing capacity. The fact that security is not the main functionality of an IoT device means that an even smaller portion of that computing power is available for security. Security measures implemented in traditional computers, such as cryptography, present a challenge in this context when applied in IoT devices [13].

Table 1 Comparison Between Different Communication Protocols.

Protocol | Connection | Distance | Speed | Application | Limitation | Standard
Ethernet [6] | Wired | Medium | 10 Mbits/s up to 100 Gbits/s | High speed and bandwidth | Vulnerable to physical damage | IEEE 802.3
Bluetooth 5 [2,7] | Wireless | Short (300m) | 2 Mbits/s | Suitable for IoT low power protocol | Slave devices are limited to 7 devices | IEEE 802.15.1
WIFI [2,8] | Wireless | Short (100m) | 433 Mbits/s up to several GB/s | Low cost small area application | Very small range/ subject to interference | IEEE 802.11ac
ZigBee [2,9] | Wireless | Short | 250 Kbits/s | Low-power low-data transfer application | Very slow/ small range | IEEE 802.15.4
RFID [1,10] | Wireless | Short (up to 10m) | Up to 4 Mbits/s | Low-cost, IoT application | Interference with other RFID tags possible | ISO18000
5G [2,11] | Wireless | Long | More than 100 Mbits/s | Connects millions of devices. Traffic management | Security and privacy issues yet to be solved | -

  1. Location in an open environment:

Not all IoT devices are used in home appliances or within securely locked locations; some devices, such as sensors, will be embedded in the environment. These devices are prone to tampering by hostile users who could manipulate them or change their location. The huge number of IoT devices makes it infeasible to monitor each device individually for correct locality or to check for suspicious behavior manually [13].

  2. Privacy concerns:

IoT devices have the potential to be employed in all aspects of our life. As a result, these devices are able to collect a huge database of extensive information about users’ lives. This raises a concern for privacy, as these data can be exploited for profit or other gains. Consequently, it is very important to provide a measure for protecting user information to avoid manipulation without their consent.

  3. Identification:

Another IoT challenge is the huge number of different applications and protocols of IoT devices that don’t particularly follow a predictable pattern. Many of the IoT devices already present follow identification protocols that were sufficient for specific applications of the time but lack a universal reference for identification. A universal identification scheme is important for the success of IoT and is yet to be established [13].

  4. Authentication:

A large portion of IoT devices depends on sensors and actuators to collect data from the environment. These devices usually are not able to process information on their own but rather rely on sending this data over to a more capable device, such as cloud-based devices. Authentication ensures that each of the communicating parties correctly identifies the other. To ensure security, proper authentication procedures should be followed to gain access to sensor information. A low power solution for this task is thus needed.

1.2 IoT Security Problems

IoT security problems could be attacks, threats, or compatibility problems. It is useful to categorize them according to their respective layers, as shown in Figure 1.1. The following section will discuss the security problems in each layer.

Figure 1 IoT different layers security problems

1.2.1 Perception Layer Security Problems

Transmission through an open area opens the possibility of attacking, intercepting and monitoring the data. The attacker can access the equipment or physically damage it by performing, for instance, a DPA (Differential Power Analysis) attack [19].

Some examples of the possible attacks and issues include:


  1. Node capture: key nodes are controlled by the attacker to take critical information from the system, such as the communication key, radio key, matching key, etc. [14].
  2. Fake node and malicious data: fake nodes are added to the system by the attacker, then fake code or data is entered. The added nodes could consume the power of the system, leading to the failure of the whole system, or allow the attacker to control the network [14].
  3. Denial of Service Attack (DoS): this is the most common attack on wireless sensor networks (WSN). It is used to bring the system down by flooding it with useless traffic, forcing devices to hang and fail to respond to instructions. An example of this attack is using the weakness of TCP/IP ICMP to send data that the system didn’t expect. Furthermore, the hacker can utilize the TCP/IP 3-way handshake to hack the system. In this mechanism, the user sends a request to synchronize (SYN packet) and the system responds with a confirmation (SYN-ACK packet). Then, the user sends a confirmation (ACK packet) of receiving that packet, after which the system begins to talk. The hacker can exploit this by not responding with the ACK packet, which will cause the system to hang. The hacker will send multiple requests to fill all the open-request slots, so that when the actual user sends a request the system will not respond to him [16].
  4. Timing Attack: by analyzing the time required by certain queries and knowing the crypto-system design, the CPU running the system, the algorithms used, assorted implementation details, timing attack countermeasures and the accuracy of the timing measurements, the hacker can learn the key information [14,17].
  5. Routing Threats: also called Routing Loop. For example, assume there is a WSN consisting of A, B and C that uses the lowest cost algorithm, such that the minimum cost of sending information from A to C is through B. Assume that the link between B and C is broken and B didn’t inform A about the broken link. If A wants to send a packet to C, it will send the packet first to B. Then, B will try to reach C, but due to the broken link, B will not find another route except through A. Accordingly, the packets will go into an infinite loop between A and B. In this example, the hacker will try to break the link between B and C without letting B inform A about this issue, which in turn will prevent the data transmission. Fortunately, recent distance-vector routing protocols such as BGP, EIGRP, DSDV, or Babel have built-in loop prevention [14].
  6. Side Channel Attack (SCA): the system is attacked via information leaked through channels such as time consumption, power consumption, or electromagnetic radiation [14].
  7. Man-in-the-middle attack: consider two IoT nodes A and B, and add 2 fake nodes A’ and B’ such that B’ is near A, and A’ is near B. Then, A will send the information to B’ instead of B, and B’ will send the information to A’, which sends a copy of the data to node B [1].
  8. Replay Attack: a specific type of man-in-the-middle attack where the hacker receives a packet from the destination host and resends it in order to gain the trust of the system. It may use authentication processing to destroy the validity of the certification [14]. This attack can be prevented by using a timestamp and a sequence number. The system which has the correct timestamp will be the only system allowed to communicate [18].
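
The timestamp and sequence number defence described for the replay attack, combined with a tag comparison that does not leak timing, can be sketched as follows. This is an added example, not code from the original project; the frame layout, the 30-second window, the class and function names and the sample key are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Assumed policy values and frame layout (not taken from the page).
MAX_CLOCK_SKEW_S = 30                 # accept timestamps within +/- 30 s
TAG_LEN = 32                          # HMAC-SHA256 output length
HEADER = struct.Struct(">16sQQ")      # node id, timestamp (s), sequence number


def seal(key: bytes, node_id: bytes, timestamp: int, seq: int, payload: bytes) -> bytes:
    """Sender side: bind node id, timestamp and sequence number to the payload."""
    header = HEADER.pack(node_id.ljust(16, b"\0"), timestamp, seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Receiver side: checks the tag first, then freshness, then ordering."""

    def __init__(self, keys: dict):
        self.keys = keys              # node id -> shared key
        self.last_seq = {}            # node id -> highest sequence number accepted

    def accept(self, frame: bytes, now: int):
        if len(frame) < HEADER.size + TAG_LEN:
            return (False, "truncated")
        header = frame[:HEADER.size]
        payload = frame[HEADER.size:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        raw_id, timestamp, seq = HEADER.unpack(header)
        node_id = raw_id.rstrip(b"\0")
        key = self.keys.get(node_id)
        if key is None:
            return (False, "unknown node")
        expected = hmac.new(key, header + payload, hashlib.sha256).digest()
        # compare_digest takes the same time wherever the tags differ, so the
        # comparison itself gives a timing attacker nothing to measure.
        if not hmac.compare_digest(expected, tag):
            return (False, "bad tag")
        # Timestamp check: a captured frame stops being usable after the window.
        if abs(now - timestamp) > MAX_CLOCK_SKEW_S:
            return (False, "stale timestamp")
        # Sequence check: a frame resent inside the window is still rejected.
        if seq <= self.last_seq.get(node_id, -1):
            return (False, "replayed sequence number")
        self.last_seq[node_id] = seq
        return (True, payload)


def demo():
    key = b"constructed-demo-key-0123456789a"     # constructed sample key
    rx = Receiver({b"thermostat-1": key})
    t0 = 1_700_000_000                             # constructed clock value
    frame = seal(key, b"thermostat-1", t0, 1, b"temp=21.5")
    late = seal(key, b"thermostat-1", t0, 2, b"temp=21.6")
    tampered = frame[:-1] + bytes([frame[-1] ^ 1])
    return [
        rx.accept(frame, now=t0 + 2),       # fresh frame
        rx.accept(frame, now=t0 + 5),       # same frame resent inside the window
        rx.accept(late, now=t0 + 600),      # valid tag, delivered too late
        rx.accept(tampered, now=t0 + 2),    # one bit of the tag flipped
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The sequence number covers replays inside the clock window and the timestamp covers frames held back until the receiver's counter state has been lost, which is why the receiver checks both.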

1.2.2 Network Layer Security Problems

The network layer security problems include some common issues in internet security, in addition to compatibility issues, cluster security problems, and privacy disclosure. For common internet issues, there are solid measures to prevent them. Common threats include illegal access, eavesdropping on information, confidentiality damage, integrity damage, DoS attacks, man-in-the-middle attacks, virus invasion, and exploit attacks, etc. [19].

  1. Compatibility issues: the existing internet security measures are based on the human use of machines. However, in IoT, it is a machine-to-machine interaction and there are various access methods, which in turn will make the communication worse [19].
  2. The Cluster Security Problems: due to the large number of IoT devices, if the same authentication techniques are used, the amount of data traffic will block the network, as the existing IP doesn’t support the huge number of devices [14].
  3. Privacy Disclosure: because of the development of information retrieval techniques, attackers can easily collect a large amount of a particular user’s private information [14].

1.2.3 Application Layer Security Problems

Problems differ from one environment to another because there is no universal standard, but there are some common issues, such as:

  1. The Ability to Deal with Mass Data: there is huge data transmission and machine talk in the complex environment. If the data processing doesn’t meet the requirement, the network will be interrupted and data will be lost [14].
  2. Data Access Permissions and Identity Authentication: there is a different number of users in the different applications, and data should not intervene between them. To do so, effective authentication technology should be used. Spam and malicious information should be protected against [15].
  3. Data Protection and Recovery: the mass node management of IoT can cause data loss, breaching the user’s privacy [15].
  4. The Application Layer Software Vulnerabilities: a programmer may write non-standard code, which can cause buffer overflow vulnerabilities in the software. Hackers can use these exploits to carry out their purposes [14].

1.3 IoT Security Measures

IoT contains various layers, and each layer has security measures associated with it. A summary of these measures is shown in Figure 1.2.

1.3.1 Perception Layer Security Measures

RFID and WSN are widely used in IoT; their security measures are:

  1. Data Encryption: it is a must to use an appropriate algorithm in RFID, which is discussed in detail in [19].
  2. Access control: RFID tags couldn’t be read at will under any circumstances [19].
  3. Cryptography Technology Scheme: it is used in privacy protection, confidentiality, authenticity, and integrity of the RFID system. Security communication protocols are based on hash functions, random number mechanisms, server data search, logic algorithms, and re-encryption mechanisms [14].
  4. The IPSec-Based Security Channel: it provides 2 types of security mechanisms: authentication and encryption. The receiver of the IP must be able to ascertain the identity of the user through authentication. Data encryption is a must to prevent eavesdropping by the attacker [19].

1.3.2 Wireless Sensor Network Security Measures

The signal is transferred through free space, which could allow the attacker to hack the system. The security measures that have to be taken are:

  1. Key Management: the WSN security requirements are key generation and updatability against collusion attacks, source authentication, and freshness. For the secret key algorithm, there are 2 algorithms mainly used: symmetric key algorithms and asymmetric key algorithms. Asymmetric key algorithms mainly use RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography), while symmetric key algorithms mainly use Skipjack and RC5 [19].
  2. Intrusion Detection Technology: can be used to monitor the timing and notice any unusual timing in nodes to prevent attacks like the replay attack [19].
  3. Security Routing Protocol: the main mechanisms used to secure routing protocols are the clustering mechanism, data fusion mechanism, multiple hops routing mechanism, key mechanism, etc. [14].

1.3.3 Network Layer Security Measures

Currently, IoT depends on the existing communication network which is fully adapted to IoT. Due to the massive number of nodes and the randomness and unreliability of energy limitations and communication, the IoT has no infrastructure and can be hacked easily. The main measures that have to be taken are as follows: network virtualization has to be used to ensure correct operation by reducing the complexity of the system [19]. For different network architectures, cross-domain authentication, cross-network authentication, and key management in the network layer have to be set up.

Figure 2 IoT different layers security measures.

1.3.4 Application Layer Security Measures

Due to the different applications in IoT, there are different security needs. In general, there are two main aspects of measures:

  1. Technical: which may include authentication and key agreement across heterogeneous networks, and the protection of private information like fingerprint, digital watermarking and anonymous information such as symmetric key cryptosystem authentication, threshold cryptography, etc.
  2. Nontechnical: for nontechnical, increasing the awareness of safety is the main measure [14].

1.4   Case Study

A case study representing a smart home system along with examples of possible security challenges can be as follows: The system consists of the following subcategories as in Figure 1.3.

1.4.1  Key components of the proposed IoT system

  1. IoT Peripherals: this subcategory represents IoT devices spread in the environment. Examples of this can be sensors and actuators with communication abilities. They don’t necessarily carry out processing tasks on the same device but are able to communicate with stronger devices or even cloud servers to carry out heavy computations. These can be smart cameras spread in the home or sensors such as thermal or air content sensors.
  2. IoT Central: IoT central represents nodes responsible for control of the overall system. They are able to give orders to separate devices and can efficiently coordinate between them. An IoT central can be a database that is able to store large amount of data and process them accordingly. They can also be cloud-based servers that carry out the same functionality remotely via internet connection.
  3. Persons: The persons rectangle represents all human beings expected to interact with the system. They include normal users being part of the household or technical experts who could be personnel from the manufacturing firm or people who belong to a third party.

1.4.2  Security concerns of the proposed IoT system

  1. Trust: The concern of trust is represented as the link between the peripheral IoT devices and the IoT central. Imagine the scenario of a thermostat that takes temperature readings and accordingly reports the results to a central device. The central device in turn controls an air conditioning unit and modifies its settings according to the sensor readings. The concept of trust is manifested in the ability of the IoT central to trust the sensor to carry out its function of temperature measurement correctly. Trust in this regard represents a main challenge, especially managing trust across a large system. An IoT system should be able to interrogate the different devices to ascertain whether to establish or revoke trust. IoT devices in open environments that are physically accessible are prone to tampering by hostile individuals. Consequently, they shouldn’t be trusted without proper checking.
  2. Privacy: It represents the link between persons and the IoT central. Due to the pervasive nature of IoT devices, privacy represents a major concern. In our example of a smart home system, privacy could be depicted in the example of a smart refrigerator. A common example of an IoT device in a refrigerator is one that is able to monitor the contents and status of its own inventory and accordingly can order required items from respective sources or warn the user of expiry dates. The information collected by IoT devices like this can be amassed from several users and sold for profit to be used for targeted ads, for example, without the users’ consent. It also contains sensitive information about the users’ lifestyle and shouldn’t be misused without prior authorization from the user. The privacy challenge here is to ensure that such data is accessed only as agreed, for legitimate purposes, by legitimate users.
  3. Identification: Identification ensures that communicating entities are what they claim to be. It represents the link between persons and IoT peripherals. IoT devices should deny access to their content to any entity without proper identification, to ensure that access is given to the correct parties. For example, a smart home IoT system with smart camera sensors that monitor the location of users, among other tasks, shouldn’t publicize their information to the wrong individuals or devices.

Figure 3 IoT case study diagram.

1.5 Motivation and Objective

As IoT devices become capable of higher processing power, they become suitable targets for malware. The imposed size and power limitations of IoT call for limited computing capacity. The fact that security is not the main functionality of an IoT device means that an even smaller portion of that computing power is available for security. Security measures implemented in traditional computers, such as cryptography, present a challenge in this context when applied in IoT devices [8].

Hardware-based security measures are more suited to IoT than software ones due to these limitations. Software-based solutions will naturally require a general-purpose processor, and this solution will be costly both in terms of power and area footprint. Hardware-based security, on the other hand, is implemented as an architecture that is specifically designed for this purpose. It’s ideally suited for this specific task and consumes less power and area while offering better efficiency [9,10]. Hardware-based security is immune against some software-prone attacks such as buffer overruns and is more versatile against physical attacks and side channel attacks. It cannot be affected by software-introduced bugs. IoT devices are expected to last their entire lifetime without being subject to active management or software updates, making software solutions less ideal for the task.

Different algorithms have been presented in the literature that meet IoT requirements and yet maintain the needed security level. Most of the studies have focused on popular algorithms, especially AES finalists, such as Rijndael (chosen AES), 3DES, TwoFish, Mars, serpent, RSA and more. However, for aforementioned reasons, more IoT oriented algorithms have been presented to provide better performance in terms of power and capacity, those are known as lightweight cryptographic algorithms. The results show that AES as a standard algorithm and PRESENT as a standard lightweight algorithm are the most suited for hardware implementations especially for IoT as a low power platform.

Chapter 2 Literature Survey

Hardware-based security measures are more suited to IoT than software ones for several reasons. IoT has a very limited area and energy budget, and only a part of this area and energy should be allocated for security. Software-based solutions will naturally require a general-purpose processor, and this solution will be costly both in terms of power and area footprint. Hardware-based security, on the other hand, is implemented as an architecture that is specifically designed for this purpose. It’s ideally suited for this specific task and consumes less power and area while offering better efficiency [20,21].

Hardware-based security is immune against some software-prone attacks such as buffer overruns and is more versatile against physical attacks and side channel attacks. It cannot be affected by software-introduced bugs. IoT devices are expected to last their entire lifetime without being subject to active management or software updates, making software solutions less ideal for the task.

2.1 Hardware-Based Solutions

2.1.1 Physically unclonable functions (PUF)

They are based on the random, non-reproducible nature of silicon chip process variations during manufacturing. This concept is based on the ability to extract a unique identifier from these physical features for each silicon chip. These unique numbers are able to make strong keys for cryptography and identification and are not repeated even if the same process is used in all chips. One prominent feature of these functions is that they require a small hardware footprint, since we don’t have to use storage for the key but rather depend on physical features. The process variations result in involved delay characteristics, specific to each device, that can be extracted only when the device is working. This lack of dependence on memory to store keys makes PUFs more secure and significantly harder for tampering users to extract. These functions cannot be predicted or controlled during fabrication due to the random nature of process variations [13,22].

Figure 4 (a) TPM diagram, (b) TEE diagram

2.1.2 Trusted Platform Module (TPM)

As shown in Figure 1.4.a, the TPM is an international standard for security co-processors, or crypto processors. These are separate chips on the device that are specialized for security using encryption. Keeping key generation and storage apart from insecure components on the same chip avoids possible vulnerabilities that may result from unwanted flaws. The TPM uses attestation functions, which keep a record of the hardware configuration that can prove whether the device has been tampered with or not [23].
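
The attestation record described above can be illustrated with a hash-chained measurement log, which is how a TPM platform configuration register (PCR) is extended. This is an added example, not code from the original project; the function names, component names and blobs are constructed, and the signed quote that a real TPM wraps around the PCR value is left out.

```python
import hashlib

PCR_SIZE = 32  # one SHA-256 register, all zeroes at reset


def measure(component: bytes) -> bytes:
    """Digest of a component, taken before the component is run."""
    return hashlib.sha256(component).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend: new = SHA-256(old || digest). It can only be appended to."""
    return hashlib.sha256(pcr + digest).digest()


def boot(components):
    """Device side: measure each stage in order; return (final PCR, event log)."""
    pcr = bytes(PCR_SIZE)
    log = []
    for name, blob in components:
        digest = measure(blob)
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return pcr, log


def verify(reported_pcr: bytes, log, known_good: dict):
    """Verifier side: the log must reproduce the PCR and match reference digests."""
    pcr = bytes(PCR_SIZE)
    for _, digest in log:
        pcr = extend(pcr, digest)
    if pcr != reported_pcr:
        # The log was edited after the fact: it no longer explains the register.
        return (False, "log does not match PCR")
    for name, digest in log:
        if known_good.get(name) != digest:
            return (False, "unexpected measurement: " + name)
    if [name for name, _ in log] != list(known_good):
        return (False, "component list differs")
    return (True, "ok")


def demo():
    # Constructed sample boot chain.
    good = [
        ("bootloader", b"bootloader v1 (constructed)"),
        ("firmware", b"firmware v1 (constructed)"),
    ]
    known_good = {name: measure(blob) for name, blob in good}

    pcr, log = boot(good)
    clean = verify(pcr, log, known_good)

    # Same device with modified firmware: the register ends up different.
    modified = [good[0], ("firmware", b"firmware v1 modified (constructed)")]
    bad_pcr, bad_log = boot(modified)
    honest_log = verify(bad_pcr, bad_log, known_good)   # device reports its real log
    forged_log = verify(bad_pcr, log, known_good)       # device presents the clean log
    return clean, honest_log, forged_log


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Because each extend hashes the previous register value, a tampered device cannot present a clean log without the replayed value diverging from the register the chip reports.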

2.1.3 Trusted Execution Environment (TEE)

As shown in Figure 1.4.b, it is a secured environment on part of the same processor. It divides the execution environment into two separate spaces: a secured space for trusted applications that are able to access all resources and that contains secured keys, and an insecure space for non-critical operations and insecure applications that could be, for example, user installed [24].

2.2  Security Algorithms

Different algorithms have been presented in the literature that meet IoT requirements and yet maintain the needed security level. Most of the studies have focused on popular algorithms, especially AES finalists, such as Rijndael (chosen AES), 3DES, TwoFish, Mars, serpent, RSA and more. However, for aforementioned reasons, more IoT oriented algorithms have been presented to provide better performance in terms of power and capacity, those are known as lightweight cryptographic algorithms.

In the following subsections, both algorithm categories are overviewed and discussed, starting from an overview of the algorithm, then presenting different performance metrics, and ending with different comparative studies shown in the literature.

Figure 5 Different Security Algorithms.

2.2.1 Popular Standardized algorithms

  1. Rijndael (AES): The Advanced Encryption Standard (AES) was established by the National Institute of Standards and Technology (NIST) in 2001 as the current standard for encrypting electronic data [26]. AES is based on the Rijndael cipher, which is an iterated block cipher with a fixed block length that supports variable key lengths. A block length of 128 bits and three different key sizes of 128, 192 and 256 bits, which require 10, 12 and 14 rounds respectively, are used.
  2. 3-DES: The main standard for encryption was the symmetric algorithm known as the Data Encryption Standard (DES). DES is based on the Feistel block cipher developed by IBM in the early 70s. It is a 64-bit block cipher with a key size of 56 bits. However, DES became non-efficient because of its small key size [28].

An enhanced version of DES was introduced, known as triple DES (3DES), which repeats the normal DES algorithm 3 consecutive times to increase reliability and security against different attacks. The data is encrypted using the first key, then decrypted using the second one, and finally encrypted again using the third key [29].

  3. RSA: The Rivest-Shamir-Adleman (RSA) algorithm was first proposed in 1978 [30] and has been a very popular public key algorithm since then. RSA is based on modular exponentiation, which can be accomplished by a sequence of modular multiplications. Its security rests mainly on the hardness of factoring its long integer [31].

P. L. Montgomery [32] did pioneering work in modular multiplication by implementing it using simple additions and shifts. This allowed further optimization of the algorithm, leading to lower-power implementations [31]. It’s recommended to use large key sizes of 2048 bits to avoid attacks such as prime factorization [33].

  4. TwoFish: Similar to AES, TwoFish [34] is a 128-bit block cipher with different key sizes of 128, 192 and 256 bits. However, it consists of 16 fixed rounds, which do not depend on the key size, and it is built similarly to the Feistel network structure [35].

Additional algorithms such as RC6, Serpent and Mars are also presented in the literature [35-38]. According to [39], the differences in hardware performance have no correlation with software performance. For instance, Serpent, which was the slowest algorithm compared to other AES-based algorithms in software, appeared to be the fastest in hardware implementation.

This work focuses only on hardware implementations of the different algorithms. Most of the aforementioned algorithms have been implemented in hardware in the literature; however, Rijndael (AES) was the most extensively studied due to its proven high security in addition to promising performance metrics in both software and hardware [27,28,40-43].

Hämäläinen and his colleagues in [27] worked on the implementation of a low-power AES hardware encryption core in 0.13 µm technology. They proposed a novel 8-bit architecture with a 128-bit key. They achieved a throughput of 121 Mbps at a frequency of 153 MHz. They were also able to reach a minimal achievable power of 30 µW/MHz with 3900 gates at a frequency of 290 MHz.

Unlike other designs proposed by [44, 45], they performed both key expansion and round operations in parallel, which increased the throughput and decreased the number of cycles significantly; they achieved a latency of 160 clock cycles.

An asynchronous AES core based on 0.13 µm technology has been proposed in [46]. The design incorporated the quasi delay insensitive (QDI) logic style and was capable of achieving a throughput of 426 Mbit/s using a power of 5.47 mW with a total area of 0.64 mm². The results were obtained from a fabricated chip, which shows promising results compared to others obtained in the literature.

Other works focused on comparing different algorithms to highlight the differences between them in terms of power, area and speed using different hardware platforms [28, 39, 41, 43]. For instance, in [39] a hardware performance comparison of the AES finalist candidates AES, RC6, TwoFish, Mars and Serpent is done using reconfigurable hardware.

The results of such a study are shown in Table 2. The results are divided into three categories. The first category includes RC6 and TwoFish, both exhibiting low-area implementations with medium speed. However, TwoFish outperforms RC6 in speed, being more suitable for inner-pipelining. Rijndael and Serpent lie in the second category, being the fastest at the cost of high area compared to the first-category algorithms. However, Rijndael exhibits an area about 35% lower than Serpent. Finally, Mars falls alone in the third category, being the slowest and having the largest area compared to the aforementioned four algorithms. To conclude, the TwoFish algorithm seems to be the most suitable for area-constrained designs, while both Serpent and Rijndael offer superior speed, with Rijndael exhibiting lower area.

Another study, based on ASIC implementation instead of FPGA, was presented in [43]. It provided a comparative review of AES, RSA, 3-DES and TwoFish in terms of power, area and speed. The investigation was done using UMC 130 nm CMOS, with the main results presented in Table 3.

Results show that RSA is the worst choice for IoT applications due to its high power consumption and low throughput compared to the other algorithms. Although TwoFish seems to exhibit the lowest power and area at the same frequency, AES has higher security and yet exhibits comparable power and area; hence the authors recommended AES as the most suitable security algorithm for IoT applications.

2.2.2  Lightweight Algorithms

Emerging applications such as sensor networks, automotive systems, IoT for healthcare and personal security communication have created the need for so-called lightweight cryptographic algorithms that meet the low area and power requirements of such applications and yet maintain the needed security for the system. In March 2017, NIST (National Institute of Standards and Technology) announced the creation of a portfolio of lightweight algorithms through an open process [47].

Recently, many lightweight algorithms have been proposed, each one showing different resistance to classical cryptanalysis and resource-efficient implementations. PRESENT, RECTANGLE, HIGHT, CLEFIA, SPECK, SIMON and KHUDRA are examples of such lightweight algorithms with proven fine security. In this sub-section, different comparative studies between those algorithms are discussed, highlighting the suitability of each one to IoT applications based on several previous studies [41, 47-52].

PRESENT: It is the international standard lightweight algorithm for hardware implementation, standardized by NIST. PRESENT operates on a 64-bit plaintext block with the ability to use 80-bit or 128-bit keys. PRESENT is an SPN (Substitution-Permutation Network) based algorithm with 31 rounds. In each round, the key is XORed with the message block from the previous round, followed by a substitution layer using a 4×4 S-Box and a permutation layer that acts as the linear layer [53].

Table 2 Different Algorithms Implementation on Reconfigurable Hardware.

| Cipher | Min clock period, Virtex [ns] | # of CLB slices, Virtex | Number of rounds |
|---|---|---|---|
| Rijndael | 38.6 | 2902 | 10 |
| Twofish | 45.1 | 1076 | 16 |
| Serpent | 94.3 | 4438 | 4 |
| RC6 | 61.6 | 1139 | 20 |
| Mars | 100.6 | 2737 | 32 |

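Table 3 ASIC Implementations Comparison Between Different Algorithms.

| Algorithm | Key size | Power (mW) at 10 MHz | Area (mm) at 10 MHz | Power (mW) at 100 MHz | Area (mm) at 100 MHz | Power (mW) at 200 MHz | Area (mm) at 200 MHz |
|---|---|---|---|---|---|---|---|
| AES | 128 | 0.724 | 0.148 | 6.197 | 0.148 | 12.24 | 0.148 |
| AES | 192 | 0.729 | 0.149 | 6.218 | 0.149 | 12.31 | 0.149 |
| AES | 256 | 0.727 | 0.149 | 6.216 | 0.149 | 12.28 | 0.149 |
| 3DES | | 0.968 | 0.217 | 8.728 | 0.217 | 17.75 | 0.217 |
| Twofish | | 0.675 | 0.101 | N/A | N/A | N/A | N/A |
| RSA | | 9.38 | 1.236 | N/A | N/A | N/A | N/A |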

Table 4 Sadhukhan's FPGA Implementation Results.

| Block cipher | Register count | LUT count | Slice count | Power (W) |
|---|---|---|---|---|
| KHUDRA | 184 | 334 | 312 | 1.78 |
| AES | 407 | 2048 | 1004 | 1.7684 |
| PRESENT-64/80 | 165 | 218 | 109 | 1.78 |
| SIMON-128/128 | 149 | 214 | 63 | 1.777 |
| SPECK-128/128 | 448 | 599 | 215 | 1.794 |

  1. HIGHT: The High Security Lightweight (HIGHT) algorithm is based on a Feistel network structure instead of an SPN. HIGHT operates on a 64-bit block size with a 128-bit key size. The algorithm comprises 32 rounds, each based on basic operations such as XOR and addition mod 2^8 [54].
  2. KHUDRA: KHUDRA is an FPGA-oriented lightweight algorithm. It is optimized for balancing LUTs and registers to minimize the FPGA slices. The algorithm is based on a recursive Feistel structure with a 64-bit plaintext block size and an 80-bit key size. It comprises 8 rounds with a permutation unit based on the Feistel structure and an F-function, with the F-function containing an SPN that uses the same S-box as the PRESENT algorithm [55].
  3. CAMELLIA: It is somewhat similar to the standard AES, as it is a symmetric key block cipher with a fixed block size of 128 bits and three different key sizes of 128, 192 and 256 bits. Unlike other algorithms that focus on hardware implementation, CAMELLIA was designed for both software and hardware. It can be used for both low-cost and high-speed applications [56].

Table 5 Sadhukhan's ASIC Implementation Results.

| Specifications | KHUDRA | AES | SIMON | PRESENT | SPECK |
|---|---|---|---|---|---|
| Gate equivalent | 1939.4 | 10654.7 | 2035 | 2031.2 | 4078.1 |
| Frequency (MHz) | 25 | 25 | 25 | 25 | 25 |
| Clock period (ns) | 40 | 40 | 40 | 40 | 40 |
| Throughput (Mbps) | 14.81 | 320 | 47.058 | 51.61 | 100 |
| Leakage power (nW) | 36.08 | 176.02 | 31.568 | 31.02 | 67.778 |
| Dynamic power (mW) | 0.935 | 2.481 | 1.004 | 0.842 | 1.5091 |

In [23], Sadhukhan and his research group presented a holistic comparison study of the most popular lightweight block cipher algorithms: PRESENT, SIMON, SPECK and KHUDRA. They compared the results to the standard AES algorithm at both the ASIC and FPGA level. The results were discussed in terms of power, area and speed, as shown in Tables 4 and 5. The ASIC and FPGA implementation results show that PRESENT exhibits the best performance, with 0.8 mW power consumption and 2031 GE (gate equivalent) at a frequency of 25 MHz for ASIC, and 1.78 mW power consumption, 109 slices and 184 register count for FPGA.

Chapter 3 Proposed Algorithms

In this section, the methodology of implementing the proposed algorithms is presented.

3.1 AES

The Advanced Encryption Standard (AES) is a standard algorithm based on the Rijndael cipher. This algorithm was chosen by the National Institute of Standards and Technology (NIST) from 5 other algorithms to be the AES, which was later approved by Federal Information Processing Standards (FIPS). AES is an iterated block cipher with a fixed block length and variable key lengths. A block length of 128 bits and three key sizes of 128, 192 and 256 bits are supported, which require 10, 12 and 14 rounds respectively.

AES has 4 main operations: SubBytes(), ShiftRows(), MixColumns() and AddRoundKey(). For the first iteration, the plaintext is XORed with round key0, then SubBytes, ShiftRows and MixColumns are performed in that order. These operations are repeated for each round except the last. For the last round, only SubBytes and ShiftRows are used. The key expansion unit is responsible for generating the round key for each round. The flowchart of the AES algorithm is shown in Figure 4.1.

After XORing the plaintext with Key0, the 128-bit will be divided into 4 words, each word consists of 4 states. The plaintext can be visualized by a 4×4 matrix such that each word is represented by a column as follows:

In the following subsections, the steps of each operation are presented in detail.

Figure 6 AES flowchart

3.1.1 SubBytes() Transformation

The SubBytes() transformation is the only non-linear operation in the AES algorithm. It is a non-linear byte substitution that operates on each byte independently. One advantage of the construction of such a substitution box is that it is invertible. The S-Box of the AES is shown in Figure 4.2, and it is constructed mainly by composing the following two transformations:

  1. First, taking the multiplicative inverse in GF(2^8), with the following irreducible polynomial. Note that 0000 is mapped onto itself.

Table 6 AES Substitution Box.

Figure 7 Key expansion pseudo-code.
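The two-step S-box construction described in Section 3.1.1, carried through as an added Python example (not part of the thesis): the multiplicative inverse in GF(2^8) followed by the affine transformation. The irreducible polynomial x^8 + x^4 + x^3 + x + 1 and the affine constant 0x63 are taken from FIPS-197 [26]; the function names are illustrative, and is_affine is a helper added here to show that the inverse step is what makes SubBytes non-linear.

```python
# Added example: derive the AES S-box from its two-step definition (FIPS-197).
AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, from FIPS-197 (not shown on this page)


def gf_mul(a, b):
    """Multiply two bytes as polynomials in GF(2^8), reduced modulo AES_POLY."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return result


def gf_inv(a):
    """Multiplicative inverse in GF(2^8); zero is mapped onto itself."""
    if a == 0:
        return 0
    # The multiplicative group has order 255, so a^254 is the inverse of a.
    result, power, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, power)
        power = gf_mul(power, power)
        exp >>= 1
    return result


def affine(b):
    """Second step: b XOR its four left rotations (by 1..4 bits) XOR 0x63."""
    out = b
    for shift in range(1, 5):
        out ^= ((b << shift) | (b >> (8 - shift))) & 0xFF
    return out ^ 0x63


def build_sbox():
    """Compose both steps for every byte value."""
    return [affine(gf_inv(x)) for x in range(256)]


def invert(box):
    """Build the inverse table; valid because the S-box is a bijection."""
    inv = [0] * 256
    for x, y in enumerate(box):
        inv[y] = x
    return inv


def is_affine(box):
    """True if box(a ^ b) == box(a) ^ box(b) ^ box(0) for every byte pair."""
    return all(box[a ^ b] == box[a] ^ box[b] ^ box[0]
               for a in range(256) for b in range(256))


if __name__ == "__main__":
    sbox = build_sbox()
    print("S(0x00) = 0x%02X, S(0x53) = 0x%02X" % (sbox[0x00], sbox[0x53]))
    print("affine step alone is affine:", is_affine([affine(x) for x in range(256)]))
    print("full S-box is affine:", is_affine(sbox))
```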

3.2 PRESENT

PRESENT is an ultra-low-power encryption algorithm based on a Substitution-Permutation (SP) network. It has a 64-bit input plaintext and either an 80-bit or a 128-bit key, depending on the level of security wanted. PRESENT is an appropriate algorithm for low-power, mediocre-security applications such as IoT. It consumes little power because it is a hardware-oriented algorithm built on concepts that are cheap in hardware, such as the permutation, which is very easy at the hardware level [53]. This algorithm was standardized by NIST in 2012, which gives the algorithm more credibility in its use.

3.2.1 Encryption

PRESENT is a 31-round operation in which an XOR operation is introduced with round key Ki for 1 ≤ i ≤ 32; K32 is used for post-whitening. The linear transformation performed each round is called the permutation, in which the position of each bit is changed. The nonlinear transformation, on the other hand, is the substitution box, which substitutes the bits non-linearly. The main proposal of the algorithm suggests that 16 S-boxes perform the substitution in parallel. The substitution and permutation are performed once every round. Figure 4.3 illustrates the flow chart of the PRESENT algorithm.

Figure 8 Encryption Algorithm Flow chart

Table 8 Permutation layer table.

i 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
P(i) 0 16 32 48 1 17 33 49 2 18 34 50 3 19 35 51
i 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
P(i) 4 20 36 52 5 21 37 53 6 22 38 54 7 23 39 55
i 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
P(i) 8 24 40 56 9 25 41 57 10 26 42 58 11 27 43 59
i 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
P(i) 12 28 44 60 13 29 45 61 14 30 46 62 15 31 47 63

Figure 9 Encryption Algorithm Flow chart.

AddRoundKey

The same as encryption, a simple bitwise XORing.

Inverse P-layer

In this layer, every bit changes its position according to Table 4.3.

Table 9 Inverse Permutation layer table.

i 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
P(i) 0 4 8 12 16 20 24 28 32 36 40 44 48 52 56 60
i 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
P(i) 1 5 9 13 17 21 25 29 33 37 41 45 49 53 57 61
i 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
P(i) 2 6 10 14 18 22 26 30 34 38 42 46 50 54 58 62
i 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
P(i) 3 7 11 15 19 23 27 31 35 39 43 47 51 55 59 63

Table 10 Inverse Substitution Box of PRESENT.

xi 0 1 2 3 4 5 6 7 8 9 A B C D E F
S(xi) 5 E F 8 C 1 2 D B 4 6 3 0 7 9 A

Chapter 4 Implementation

In this section, the implementation of the PRESENT algorithm is discussed. A MATLAB code for the PRESENT algorithm was written using MATLAB 2017a to facilitate testing and validation of the algorithm. Using this code, a large number of test cases can be verified easily and used as a reference against which to compare the Verilog code results. The code follows closely the flowchart of the PRESENT algorithm presented in Figure 4.4, 4.6.

The code is divided neatly into two main functions, namely "Present enc" and "Present dec", for encryption and decryption respectively; each takes the key and the plaintext or ciphertext as inputs. Each of these functions consists primarily of a for loop of 31 iterations. Each iteration calls the round functions in this order: addRoundKey, sboxLayer, permutation and finally updateKey for encryption (addRoundKey, permutation d, sboxLayer d then updateKey d for decryption). Outside the loop, addRoundKey is called one last time before the output is ready.

Figure 10 Block Diagram of MATLAB code for encryption and decryption.

Figure 11 Contents of the for iterator for encryption and decryption (the for iterator (bottom left) applies to all blocks and its output is the current iteration index).

One key difference in the case of decryption is that the initial key is not passed to the main function (Present dec) directly. It first undergoes 31 rounds of updateKey to obtain the last round key that was used in encryption, since this is the first key for decryption. The block diagram of the code for both encryption and decryption is provided in figure 1 below. The contents of each for iterator are also provided in Figure 4.2.

Using this code, a generic test bench generator was implemented that generates a custom number of test vectors, as specified. To do so, a random function is used to generate random binary numbers that represent the key and the plaintext/ciphertext. These random numbers are then entered into the MATLAB module and the output ciphertext is saved for later comparison.

4.1 Image Processing

In order to encrypt and decrypt images using the PRESENT algorithm, some modifications and scripts are used to prepare the image. Since the data width of PRESENT is 64 bits, the image data bits must be in the form of packets, each consisting of 64 bits. Some operations are therefore done on the image before applying the encryption to it; these operations are explained below.

The process is done in three main steps: ImagetoHex, Encryption/Decryption and HextoImage. First, the ImagetoHex step reads the image into a hex file representing the pixel values of the image. This is done in MATLAB as follows: the imread() function is used to read the image into MATLAB, then the image is converted to a 1D array of decimal values, each representing a pixel value of the image. The 1D array of decimal values is converted to hex using the dec2hex() function and then saved into a hex file with a 64-bit line width.

The hex file output of the previous stage is ready to be fed into the PRESENT algorithm as data input. Each line in the file represents the input at one instant of time, and the file is read sequentially, one line at a time. Both encryption and decryption are applied to each line as explained in 5.1, and the output is written to two hex files, one for the ciphertext and one for the plaintext obtained after decryption.

Finally, the output hex files of the encryption/decryption step are converted to images as follows. The files are read using imread(), and the reshape() function is used to construct the image once again from the hex file, with the aid of the original map and size of the image. The image is then written back to the disk using the imwrite() function. These steps are done on three of the popular grayscale images shown in Figure x.

Figure 12 Images Encryption/Decryption.

Evaluation Parameters

To test the strength of a given algorithm, there are various evaluation schemes that can be applied to it. Such schemes include key sensitivity, the effect of the encryption process on the entropy of the system and, if the data is an image, the correlation between the original and cipher image.

In the following subsections, the entropy and correlation are studied; the results are found in Table 5.1.

  1. Correlation:

The correlation between two values is a statistical relationship that indicates the dependency of one value on another. A good encryption algorithm should produce a cipher that has no dependency on the original plain message, which translates to a minimal correlation. This parameter is better described in Shannon’s theory of secrecy systems [Ref].

Let γx,y be the correlation coefficient between two variables x, y. An ideal encryption algorithm should produce γ equal to 0. γx,y can be calculated as follows:

Table 11 Results for Correlation and Entropy.

| Image | Size | Correlation (Encrypted) | Correlation (Decrypted) | Entropy (Original) | Entropy (Encrypted) |
|---|---|---|---|---|---|
| LENA | 256 X 256 | 0.001 | 1 | 4.4643 | 7.9898 |
| PANDA | 256 X 256 | 0.008 | 1 | 7.4936 | 7.9947 |
| MONALIZA | 256 X 256 | 0.0134 | 1 | 7.4408 | 7.9967 |
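The software reference model described in Chapter 4 and the image metrics of the Evaluation Parameters section, as one added Python example (not the thesis's MATLAB code): PRESENT-80 checked against the all-zero test vector published in [53], then applied line by line to a constructed 64×64 gradient image, reporting entropy, correlation and the number of distinct 64-bit lines. The forward S-box and the 80-bit key schedule come from the PRESENT specification [53], Pearson's coefficient is assumed for γ because the formula is not reproduced above, and the function names and the key are illustrative.

```python
# Added example: PRESENT-80 reference model plus the image metrics of Table 11.
# Not the thesis's MATLAB code; all function names are illustrative.
import math
from collections import Counter

# Forward S-box from the PRESENT specification [53]; its inverse is Table 10.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
INV_SBOX = [SBOX.index(v) for v in range(16)]
# Table 8: bit i moves to P(i) = 16*i mod 63 and bit 63 stays; Table 9 inverts it.
PERM = [63 if i == 63 else (16 * i) % 63 for i in range(64)]
INV_PERM = [PERM.index(i) for i in range(64)]
MASK80 = (1 << 80) - 1

def sbox_layer(state, box):
    """Apply a 4-bit S-box to each of the 16 nibbles of the 64-bit state."""
    return sum(box[(state >> (4 * n)) & 0xF] << (4 * n) for n in range(16))

def p_layer(state, perm):
    """Move bit i of the state to bit position perm[i]."""
    return sum(((state >> i) & 1) << perm[i] for i in range(64))

def round_keys(key):
    """Derive K1..K32 from an 80-bit key (key schedule of [53])."""
    keys = []
    for counter in range(1, 32):
        keys.append(key >> 16)                       # leftmost 64 bits
        key = ((key << 61) | (key >> 19)) & MASK80   # rotate left by 61
        key = (SBOX[key >> 76] << 76) | (key & ((1 << 76) - 1))
        key ^= counter << 15                         # counter into bits 19..15
    keys.append(key >> 16)                           # K32, used for post-whitening
    return keys

def encrypt_block(block, keys):
    """31 rounds of addRoundKey, S-box layer, P-layer, then a final addRoundKey."""
    for k in keys[:31]:
        block = p_layer(sbox_layer(block ^ k, SBOX), PERM)
    return block ^ keys[31]

def decrypt_block(block, keys):
    """Undo the rounds in reverse order, starting from the last round key."""
    block ^= keys[31]
    for k in reversed(keys[:31]):
        block = sbox_layer(p_layer(block, INV_PERM), INV_SBOX) ^ k
    return block

def process_image(pixels, key, decrypt=False):
    """Encrypt or decrypt pixel bytes as independent 64-bit lines."""
    if len(pixels) % 8:
        raise ValueError("pixel data must be a whole number of 64-bit lines")
    keys = round_keys(key)
    step = decrypt_block if decrypt else encrypt_block
    out = bytearray()
    for off in range(0, len(pixels), 8):
        line = int.from_bytes(pixels[off:off + 8], "big")
        out += step(line, keys).to_bytes(8, "big")
    return bytes(out)

def entropy(data):
    """Shannon entropy in bits per pixel over the 256 grey levels."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def correlation(x, y):
    """Pearson correlation coefficient (assumed definition of gamma)."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    var = sum((a - mx) ** 2 for a in x) * sum((b - my) ** 2 for b in y)
    return cov / math.sqrt(var)

def distinct_lines(data):
    """Count distinct 64-bit lines; equal plaintext lines give equal ciphertext."""
    return len({data[i:i + 8] for i in range(0, len(data), 8)})

def evaluate(key=0x0123456789ABCDEF0123, side=64):
    """Run the pipeline on a constructed side x side gradient (not a real photo)."""
    plain = bytes((x + y) // 2 for y in range(side) for x in range(side))
    cipher = process_image(plain, key)
    recovered = process_image(cipher, key, decrypt=True)
    return {
        "recovered": recovered == plain,
        "entropy_plain": entropy(plain),
        "entropy_cipher": entropy(cipher),
        "corr_cipher": correlation(plain, cipher),
        "corr_recovered": correlation(plain, recovered),
        "lines": len(plain) // 8,
        "distinct_plain": distinct_lines(plain),
        "distinct_cipher": distinct_lines(cipher),
    }

if __name__ == "__main__":
    assert encrypt_block(0, round_keys(0)) == 0x5579C1387B228445  # vector from [53]
    for name, value in evaluate().items():
        print(f"{name:16} {value}")
```

On the constructed gradient only 120 of the 512 ciphertext lines are distinct, because every line is encrypted independently under the same key. The entropy and correlation figures alone do not show this repetition.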

Chapter 5 Conclusions

The Internet of Things is spreading more than ever. It is a revolutionary technology that is expected to reshape our daily lives. If the IoT is to become a part of the global internet network, it is expected to undergo the same level of security measures. This requires low-power security algorithms that follow unified schemes and can be used in a large number of devices. In our work, an ultra-low-power cryptographic algorithm named PRESENT was implemented. Some implementations were discussed that lower the power by reducing the number of s-boxes in the design, in exchange for lower throughput. Furthermore, power optimization was done by using a logic s-box instead of memory.

It is suggested that for applications with very low speed requirements, the 1-s-box design is very suitable in terms of power consumption, albeit at the cost of extra hardware and a slower maximum operating frequency. Even for the architecture with the full 16 s-box modules, however, the power requirement is not much higher and the area is very efficient; this algorithm has the highest operating frequency.

References

[1] Atzori, A. Iera and G. Morabito, "The Internet of Things: A survey", Computer Networks, vol. 54, no. 15, pp. 2787-2805, 2010.
[2] El-Shweky, K. El-Kholy, M. Abdelghany, M. Salah, M. Wael, O. Alsherbini, Y. Ismail, K. Salah and M. AbdelSalam, "Internet of Things: A Comparative Study", in The 8th IEEE Annual Computing and Communication Workshop and Conference (IEEE CCWC 2018), Las Vegas, 2018.
[3] Zhu, R. Wang, Q. Chen, Y. Liu and W. Qin, "IOT Gateway: Bridging Wireless Sensor Networks into Internet of Things", 2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, 2010.
[4] Zhu, R. Wang, Q. Chen, Y. Liu and W. Qin, "IOT Gateway: Bridging Wireless Sensor Networks into Internet of Things", 2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, 2010.
[5] Wu et al., Research on the architecture of Internet of Things, in 3rd International Conference on Advanced Computer Theory and Engineering, 2010, pp. 484-487.
[6] Santitoro, Metro Ethernet Services A Technical Overview. Metro Ethernet Forum.
[7] "IEEE Standard for Information technology– Local and metropolitan area networks– Specific requirements– Part 15.1a: Wireless Medium Access Control (MAC) and Physical Layer (PHY) specifications for Wireless Personal Area Networks (WPAN)".
[8] "Wireless Networking (Wi-Fi) – Advantages and Disadvantages of Wifi", iPoint Technologies, 2018. [Online]. Available: https://ipointtech.com/wireless-networking-wi-fi-advantages-anddisadvantagesto-wireless-networking/. [Accessed: 29- Jan- 2018].
[9] "IEEE Standard for Local and metropolitan area networks–Part 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs)".
[10] Pillin, N. Joehl, C. Dehollain and M. Declercq, "High Data Rate RFID Tag/Reader Architecture Using Wireless Voltage Regulation", 2008 IEEE International Conference on RFID, 2008.
[11] "Standards – IEEE 5G", 5g.ieee.org, 2018. [Online]. Available: https://5g.ieee.org/standards. [Accessed: 29- Jan- 2018].
[12] Fortino, A. Guerrieri, W. Russo and C. Savaglio, "Integration of agent-based and Cloud Computing for the smart objects-oriented IoT", Proceedings of the 2014 IEEE 18th International Conference on Computer Supported Cooperative Work in Design (CSCWD), 2014.
[13] Baldini, T. Peirce and M. C. Tallachini, "Internet of Things: IoT Governance, Privacy and Security Issues," European Research Cluster on the Internet of Things, 2015.
[14] Kai Zhao, Lina Ge and Guangxi, China, A Survey on the Internet of Things Security, Ninth International Conference on Computational Intelligence and Security, IEEE, 2013.
[15] Xu Xiaohui, Study on Security Problems and Key Technologies of The Internet of Things, International Conference on Computational and Information Sciences, IEEE, 2013.
[16] Senie, D., and P. Ferguson. "Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing." Network, 1998.
[17] Kocher, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems", Advances in Cryptology CRYPTO 96, pp. 104-113, 1996.
[18] Malladi, Sreekanth, Jim Alves-Foss, and Robert B. Heckendorn. On preventing replay attacks on security protocols. IDAHO UNIV MOSCOW DEPT OF COMPUTER SCIENCE, 2002.
[19] Tailor and A. Patel, "Comprehensive Survey on Security Problems and Key Technologies of the Internet of Things (IoT)", International Journal of Research and Scientific Innovation (IJRSI), vol., no., pp. 107-110, 2017.
[20] Xu, J. B. Wendt and M. Potkonjak, "Security of IoT Systems: Design Challenges and Opportunities," 2014 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).
[21] Gralla, "Techtarget," July 2004. [Online]. Available: http://searchmicroservices.techtarget.com/tip/An-introduction-tohardwaresecurity. [Accessed 26 1 2018].
[22] Devadas, E. Suh, S. Paral, R. Sowell, T. Ziola and V. Khandelwal, "Design and Implementation of PUF-Based Unclonable RFID ICs for Anti-Counterfeiting and Security Applications," in IEEE International Conference on RFID, Las Vegas, 2008.
[23] trustedcomputinggroup, 1 April 2008. [Online]. Available: https://trustedcomputinggroup.org/trusted-platform-moduletpmsummary/. [Accessed 27 1 2018].
[24] Shapiro, "iotcentral," Icon Labs, 27 June 2017. [Online]. Available: https://www.iotcentral.io/blog/hardware-or-software-security-whichisright-for-my-iot-device. [Accessed 27 1 2018].
[25] Suo, H., Wan, J., Zou, C. and Liu, J. (2012). Security in the Internet of Things: A Review. 2012 International Conference on Computer Science and Electronics Engineering.
[26] National Institute of Standards and Technology (NIST). Advanced Encryption Standard (AES), 2001. FIPS-197.
[27] Hamalainen, P., Alho, T., Hannikainen, M. and Hamalainen, T. (2006). Design and Implementation of Low-Area and Low-Power AES Encryption Hardware Core. 9th EUROMICRO Conference on Digital System Design (DSD’06).
[28] Rihan, S., Khalid, A. and Osman, S. (2015). A Performance Comparison of Encryption Algorithms AES and DES. International Journal of Engineering Research & Technology (IJERT), 4(12), pp.151-154.
[29] Rao, P., H M, M. and Manjusha, S. (2018). Design and ASIC Implementation of Triple Data Encryption and Decryption Standard Algorithm. International Journal of Power Electronics and Technology, 1(1), pp.1 – 15.
[30] Rivest R L, Shamir A and Adleman L A. Method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, 1978, 21(2): 120-126.
[31] Zheng, X., Liu, Z. and Peng, B. (2008). Design and Implementation of an Ultra Low Power RSA Coprocessor. 2008 4th International Conference on Wireless Communications, Networking and Mobile Computing.
[32] Montgomery P L. Modular multiplication without trial division, Mathematics of Computation, 1985, 44(170): 519-521.
[33] Wen Hu, Peter Corke, Wen Chan Shih, and Leslie Overs, "A public key technology platform for wireless sensor networks.", Proceedings of the European Conference on Wireless Sensor Networks, 2009, pp. 296-311.
[34] Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall, N. Ferguson, Twofish: A 128-Bit Block Cipher. Counterpane Internet Security, Inc, 1998.
[35] Feistel, W.A. Notz and J.L. Smith, Some Cryptography Techniques for Machine-to-Machine Data Communications. Proceedings on the IEEE, v.63, n. 11, 1975, pp.1545-1554.
[36] Burwick, D. Coppersmith, E. D’Avignon, R. Gennaro, S. Halevi, C. Jutla, S. M. Matyas, L. O’Connor, M. Peyravian, D. Safford, and N. Zunic, "Mars – A Candidate Cipher for AES," NIST AES Proposal, June 1998.
[37] J. Elbirt and C. Paar, "An FPGA Implementation and Performance Evaluation of the Serpent Block Cipher," Eighth ACM International Symposium on Field-Programmable Gate Arrays, Monterey, California, February 10-11, 2000.
[38] Rivest, M. Robshaw, R. Sidney, and Y. L. Yin, "The RC6 Block Cipher," NIST AES Proposal, June 1998.
[39] Gaj, K. and Chodowiec, P. (2000). Comparison of the hardware performance of the AES candidates using reconfigurable hardware.
[40] Agwa, S., Yahya, E. and Ismail, Y. (2017). Power efficient AES core for IoT constrained devices implemented in 130nm CMOS. 2017 IEEE International Symposium on Circuits and Systems (ISCAS).
[41] Bui, D., Puschini, D., Bacles-Min, S., Beigne, E. and Tran, X. (2017). AES Datapath Optimization Strategies for Low-Power Low-Energy Multisecurity-Level Internet-of-Things Applications. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 25(12), pp.3281-3290.
[42] Farooq, U. and Aslam, M. (2017). Comparative analysis of different AES implementation techniques for efficient resource usage and better performance of an FPGA. Journal of King Saud University – Computer and Information Sciences, 29(3), pp.295-302.
[43] Bahnasawi, M., Ibrahim, K., Mohamed, A., Mohamed, M., Moustafa, A., Abdelmonem, K., Ismail, Y. and Mostafa, H. (2016). ASIC-oriented comparative review of hardware security algorithms for internet of things applications. 2016 28th International Conference on Microelectronics (ICM).
[44] Feldhofer, S. Dominikus, and J. Wolkerstorfer. Strong authentication for RFID systems using the AES algorithm. In Proc. 6th Int. Workshop on Cryptographic Hardware and Embedded Systems (CHES 2004), pages 357-370, Boston, MA, USA, Aug. 11-13, 2004.
[45] Good and M. Benaissa. AES on FPGA from the fastest to the smallest. In Proc. 7th Int. Workshop on Cryptographic Hardware and Embedded Systems (CHES 2005), pages 427-440, Edinburgh, UK, Aug. 29-Sept. 1, 2005.
[46] El-meligy, N., Amin, M., Yahya, E. and Ismail, Y. (2017). 130nm Low power asynchronous AES core. 2017 IEEE International Symposium on Circuits and Systems (ISCAS).
[47] Sadhukhan, R., Patranabis, S., Ghoshal, A., Mukhopadhyay, D., Saraswat, V. and Ghosh, S. (2017). An Evaluation of Lightweight Block Ciphers for Resource-Constrained Applications: Area, Performance, and Security. Journal of Hardware and Systems Security, 1(3), pp.203-218.
[48] Bhardwaj, I., Kumar, A. and Bansal, M. (2017). A review on lightweight cryptography algorithms for data security and authentication in IoTs. 2017 4th International Conference on Signal Processing, Computing and Control (ISPCC).
[49] Goyal, T. and Sahula, V. (2016). Lightweight security algorithm for low power IoT devices. 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).
[50] Koteshwara, S. and Das, A. (2017). Comparative Study of Authenticated Encryption Targeting Lightweight IoT Applications. IEEE Design & Test, 34(4), pp.26-33.
[51] Usman, M., Ahmed, I., Imran, M., Khan, S. and Ali, U. (2017). SIT: A Lightweight Encryption Algorithm for Secure Internet of Things. International Journal of Advanced Computer Science and Applications, 8(1).
[52] Eisenbarth, T., Kumar, S., Paar, C., Poschmann, A. and Uhsadel, L. (2007). A Survey of Lightweight-Cryptography Implementations. IEEE Design & Test of Computers, 24(6), pp.522-533.
[53] Bogdanov et al., PRESENT: An Ultra-Lightweight Block Cipher, in Cryptographic Hardware and Embedded Systems – CHES 2007 Lecture Notes in Computer Science, Springer, 2007, pp. 450-466.
[54] Hong et al., HIGHT: A New Block Cipher Suitable for Low-Resource Device, in Cryptographic Hardware and Embedded Systems – CHES 2006 Lecture Notes in Computer Science, 2006, pp. 46-59.
[55] Kolay S, Mukhopadhyay D (2014) Khudra: a new lightweight block cipher for fpgas. In: SPACE, vol 8804 of LNCS. Springer, pp 126-145.
[56] Satoh and S. Morioka, Hardware-Focused Performance Comparison for the Standard Block Ciphers AES, Camellia, and Triple-DES, in Lecture Notes in Computer Science Information Security, Springer, 2003, pp. 252-266.
[57] Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T. and Regazzoni, F., 2014, December. Midori: A block cipher for low energy. In International Conference on the Theory and Application of Cryptology and Information Security (pp. 411-436). Springer, Berlin, Heidelberg.
[58] Weis, S.A., Sarma, S.E., Rivest, R.L. and Engels, D.W., 2004. Security and privacy aspects of low-cost radio frequency identification systems. In Security in pervasive computing (pp. 201-212). Springer, Berlin, Heidelberg.