Research Project on "Secure Digital Life"This assignment has been issued for students and they are required to write a research project on topic "Secure Digital Life". The project has to contain details about cyber security. The evaluator is more interested in secure phone communications, secure phone app idea. The examiner has restricted students against making use of any cloud services for the research paper. Also, the examiner is dissuading students from using any kind of survey for the research paper. The examiner is more interested in practical examples in the writing. The given research project should contain about 12,000 words.
Cyber Security Algorithms for Internet of Things COVER PAGE
AbstractInternet of Things is becoming more and more commonplace. This is one of the main reasons why security is a very crucial aspect for its success. Without sufficient security and privacy, all the benefits of IoT could prove disadvantageous if misused. IoT uses the same internet as traditional devices and therefore, it is expected to undergo similar security measures. In this thesis, some of the challenges and limitations of IoT security are overviewed. Also, different attacks on different layers are presented along with potential solutions. The main focus of this thesis, is exploring the current security solutions in terms of hardware security along with some of the popular encryption algorithms used for this purpose. It shows that AES as a standard algorithm and PRESENT as a standard lightweight algorithm are the most suited for hardware implementations. More important is that PRESENT is more suited for IoT as a low power platform. Accordingly, the thesis work focuses on the PRESENT algorithm and compares the different design methodologies.
Table of Contents
1.1 Challenges and Limitations. 2
1.2.1 Perception Layer Security Problems. 3
1.2.2 Network Layer Security Problems. 5
1.2.3 Application Layer Security Problems. 6
1.3.1 Perception Layer Security Measures. 6
1.3.2 Wireless Sensor Network Security Measures. 7
1.3.3 Network Layer Security Measures. 7
1.3.4 Application Layer Security Measures. 8
1.4.1 Key components of the proposed IoT system... 9
1.4.2 Security concerns of the proposed IoT system... 9
1.5 Motivation and Objective. 10
Chapter 2 Literature Survey. 12
2.1 Hardware-Based Solutions. 12
2.1.1 Physically unclonable functions (PUF). 12
2.1.2 Trusted Platform Module (TPM). 13
2.1.3 Trusted Platform Module (TPM). 13
2.2.1 Popular Standardized algorithms. 14
2.2.2 Lightweight Algorithms. 16
Chapter 3 Proposed Algorithms. 19
3.1.1 SubBytes() Transformation.. 20
3.1.2 ShiftRows() Transformation.. 21
3.1.3 MixColumns() Transformation.. 22
List of FiguresFigure 1 IoT different layers security problems. 4
Figure 2 IoT different layers security measures. 8
Figure 3 IoT case study diagram. 10
Figure 4 (a) TPM diagram, (b) TEE diagram. 13
Figure 5 Different Security Algorithms. 14
Figure 7 Key expansion pseudo-code. 23
Figure 8 Encryption Algorithm Flow chart. 24
Figure 9 Encryption Algorithm Flow chart. 26
Figure 10 Block Diagram of MATLAB code for encryption and decryption. 29
Figure 11 Contents of the for iterator for encryption and decryption (the for iterator (bottom left) applies to all blocks and its output is the current iteration index). 30
Figure 12 Images Encryption/Decryption. 31
List of TablesTable 1 Comparison Between Different Communication Protocols. 2
Table 2 Different Algorithms Implementation on Reconfigurable Hardware. 17
Table 3 ASIC Implementations Comparison Between Different Algorithms. 17
Table 4 Sadhukhans FPGA Implementation Results. 17
Table 5 Sadhukhans ASIC Implementation Results. 18
Table 6 AES Substitution Box. 21
Table 7 Substitution Box of PRESENT. 25
Table 8 Permutation layer table. 25
Table 9 Inverse Permutation layer table. 27
Table 10 Inverse Substitution Box of PRESENT. 28
Table 11 Results for Correlation and Entropy. 33
Chapter 1 Introduction
Internet of Things (IoT) is a new life-changing technology that allows connecting objects to each other. The main idea of IoT is utilizing the variety of things surrounding us everywhere such as Radio-Frequency IDentification (RFID) tags, sensors, actuators, mobile phones, etc. . IoT is considered as the evolution of the machine to machine (M2M) communication which allows 2 physical objects to talk to each other . Despite the benefits of IoT, there are some challenges such as power and area limitations, and security issues. Once these challenges are solved, it is expected that the IoT will invade the world. The IoT structure can be divided into 3 main architecture layers: perception layer, network layer, and application layer.
The perception layer is responsible for identification, sensing and communication [1,2]. Due to transmission through air, this layer is prone to several attacks such as node capture, fake node, and man in middle attack, etc. It consists of sensors, wireless sensor networks, actuators, and controller.
Sensors are responsible for the measurement of a certain type of input such as: light, heat, motion, moisture, pressure, or any other environmental phenomena . They are very important in IoT as they convert the inputs into a signal that could be dealt with and perceived by the controller. It includes temperature sensors, pressure sensors, cameras, Radio Frequency IDentification (RFID) tags, etc. . A Wireless Sensor Network (WSN) is a self-organized wireless network of many sensors distributed over a large area .
Actuators, on the other hand, are devices that convert electrical signals from the controller into a certain type of output, such as light, heat, motion, etc. For instance, thermal actuator takes a signal from the controller and based on that signal, it converts it into temperature. Lastly, controllers are the devices that receive the signal from sensors then process the data by comparing the signal to the desired value and accordingly produce the appropriate signals back to actuators to do the desired task.
To understand how the sensors and actuators work concurrently, let’s consider a smart house in which lights automatically turn on if someone is in the room and off otherwise. The sensors are responsible for detecting if there is someone in the room or not. On the other hand, the actuators respond to the controller’s signal to turn on/off the light.
The second layer is the network layer, it is also called transmission layer or communication layer: it is the backbone for IoT as it is responsible for: linking different IoT nodes and layers with each other , management and processing of data . Accordingly, choosing the appropriate protocol is crucial. There are different communication protocols such as Ethernet, Bluetooth, Wi-Fi, ZigBee, RFID and Fifth Generation (5G). Table 1.1 summarizes the main differences between them.
For data processing, cloud computing, database software or intelligent processing are used. In fact, this feature could be considered as a separate layer as in . This layer suffers from cluster security problems and some privacy issues.
The third layer is the application layer, it is the highest abstraction level in IoT. It includes services, message protocols of the lower layers and applications based on smart objects . Furthermore, it is responsible for data transport, device management and security . These applications could be in the form of graphical user interface (GUI) as in mobile applications, or clouds for massive projects and data . Managing between different IoT applications could induce the need of a new sublayer called a Business layer . The main goal of this layer is to identify the needed applications for a certain IoT domain and how to manage between them.
1.1 Challenges and Limitations
As IoT devices become more capable of higher processing powers they become suitable targets for malware. The imposed size and power limitations of IoT call for limited computing capacity. The fact that security is not the main functionality of an IoT device means that even lesser portion of that computing power is available for security. Security measures implemented in traditional computers such as cryptography, present a challenge from this context when applied in IoT devices .
Table 1 Comparison Between Different Communication Protocols.
|Ethernet ||Wired||Medium||10 Mbits/s up to 100 Gbits/s||High speed and bandwidth||Vulnerable to physical damage||IEEE 802.3|
|Bluetooth 5 [2,7]||Wireless||Short (300m)||2Mbits/s||Suitable for IoT low power protocol||Slave devices are limited to 7 devices||IEEE 802.15.1|
|WIFI [2,8]||Wireless||Short (100m)||433 Mbits/s up to several GB/s||Low cost small area application||Very small range/ subject to interference||IEEE 802.11ac|
|ZigBee [2,9]||Wireless||Short||250 Kbits/s||Low-power low-data transfer application||Very slow/ small range||IEEE 802.15.4|
|RFID [1,10]||Wireless||Short (up to 10m)||Up to 4 Mbits/s||Low-cost, IoT application||Interference with other RFID tags possible||ISO18000|
|5G [2,11]||Wireless||Long||More than 100 Mbits/s||Connects millions of devices. Traffic management||Security and privacy issues yet to be solved|
- Location in an open environment:
- Privacy concerns:
Figure 1IoT different layers security problems
- Node capture: key nodes are controlled by the attacker to take the critical information from the system like communication key, radio key, matching key, etc. .
- Fake node and malicious data: fake nodes are added to the system by the attacker, then fake code or data is entered. The added nodes could consume the power of the system leading to the failure of the whole system or allow the attacker to control the network .
- Denial of Service Attack (DOS): which is the most common attack on wireless sensor network (WSN). It is used to make the system go down by flooding it with useless traffic, forcing devices to hang and fail to respond to the instructions. An example of this attack is using the weakness of TCP/IP TCMP to send data that the system didn’t expect. Furthermore, the hacker can utilize TCP/IP 3-way handshake to hack the system. In this mechanism, the user sends a request to synchronize (SYN packet) and the system responds back with confirmation (SYN-ACK packet). Then, the user sends a confirmation (ACK packet) of receiving that package after which, the system begins to talk. The hacker can utilize this by not responding back after the ACK packet which will cause the system to hang. The hacker will send multiple requests to fill all the open-requests so when the actual user sends a request the system will not respond to him .
- Timing Attack: by analyzing the time required by certain queries and knowing the crypto-system design, the CPU running the system, the algorithms used, assorted implementation details, timing attack countermeasures and the accuracy of the timing measurements, the hacker can know the key information [14,17].
- Routing Threats: also called Routing Loop, for example, assume there is a WSN consisting of A, B and C that uses the lowest cost algorithm such that the minimum cost of sending information from A to C is through B. Assume that the linkage between B and C is broken and B didn’t inform A about the broken linkage. If A wants to send a package to C, it will send the package first to B. Then, B will try to reach C, but due to the broken linkage, B will not find another route except through A. Accordingly, the packages will go into infinite loop between A and B. In this example, the hacker will try to break the linkage between B and C without letting B inform A about this issue which in turn will prevent the data transmission. Fortunately, Recent distance-vector routing protocols such as BGP, EIGRP, DSDV, or Babel have built-in loop prevention) .
- Side Channel Attack (SCA): at which the system is attacked via the channel leaked information such as time consumption, power consumption, or electromagnetic radiation .
- Man-in-middle attack: consider two IoT nodes A and B, by adding 2 fake nodes A’ & B’ such that B’ is near A, and A’ is near B. Then, A will send the information to B’ instead of B and B’ will send the information to A’ which send a replication of data to node B .
- Replay Attack: It is a specific type of man in middle attack where the hacker receives a packet from the destination host and resends it in order to gain the trust of the system. It may use authentication processing to destroy the validity of the certification . This attack can be prevented by using timestamp and sequence number. The system which has the correct timestamp will be the only system allowed to communicate .
1.2.2 Network Layer Security ProblemsThe network layer security problems include some common issues in internet security in addition to compatibilities issues, cluster security problems, and privacy disclosure. For common internet issues, there are solid measures to prevent them. Common threats are such as illegal access, eavesdropping information, confidentiality damage, integrity damage, DoS attack, Man-in-the-middle attack, virus invasion, and exploit attacks, etc. .
- Compatibilities issues: the existing internet security measures are based on the man-use of the machines. However, in IoT, it is a machine to machine interaction and there are various accessing methods which in turn will make the communication worse .
- The Cluster Security Problems: due to the large number of the IoT devices, if the same authentication techniques are used, the amount of data traffic will block the network as the existing IP doesn’t support the huge number of devices .
- Privacy Disclosure: because of the development of information retrieval techniques, the attackers can easily collect a large number of a particular users private information .
1.2.3 Application Layer Security ProblemsProblems differ from each environment because there is no universal standard, but there are some common issues, such as: The Ability to deal with Mass-data: there are huge data transmission and machine talk in the complex environment. If this data processing doesn’t meet the requirement, the network will be interrupted and data will be lost .
- Data Access Permissions and Identity Authentication: there is a different number of users in the different applications and data should not intervene between them. To do so, effective authentication technology should be used. Spam and malicious information should be protected against .
- Data Protection and Recovery: the mass nodes management of IoT can cause data loss breaching the users privacy .
- The Application Layer Software Vulnerabilities: because a programmer may write non-standard codes. It can cause buffer overflow vulnerabilities in the software. Hacker can use these exploits to carry their purposes .
1.3 IoT Security MeasuresIoT contains various layers and therefore, each layer has security measures associated to it, a summary of these layers is shown in Figure 1.2.
1.3.1 Perception Layer Security MeasuresRFID and WSN are widely used in IoT, their security measures are:
- Data Encryption: it is a must to use an appropriate algorithm in RFID, which is discussed in details in .
- Access control: RFID tags couldn’t be read at will under any circumstances
- Cryptography Technology Scheme: it is used in privacy protection, confidentiality, authenticity, and integrity of the RFID system. Security communication protocols are based on hash functions, the random numbers mechanisms, server data search, logic algorithms, and re-encryption mechanisms .
- The Based-on IPSec Security Channel: it provides 2 types of security mechanisms; authentication and encryption. The receiver of the IP must be able to ascertain the identity of the user through authentication. Data encryption is a must to prevent eavesdropping from the attacker .
1.3.2 Wireless Sensor Network Security MeasuresThe signal is transferred through the free space which could allow the attacker to hack the system. The security measures that have to be taken are:
- Key Management: the WSN security requirements are key generation and updatability against collusion attacks, source authentication, and freshness. For the secret key algorithm, there are 2 algorithms mainly used: symmetric key algorithm and asymmetric keys algorithm. Asymmetric key algorithm mainly uses RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curves Cryptography), while Symmetric key algorithms mainly use Skipjack and RC5
- Intrusion Detection: Technology: can be used to monitor the timing and notice any weird time in nodes to prevent attacks like replay attack .
- Security Routing Protocol: the main protocols used to secure routing protocols are clustering mechanism, data fusion mechanism, multiple hops routing mechanism, key mechanism, etc. .
1.3.3 Network Layer Security Measures
Currently, IoT depends on the existing communication network which is fully adapted to IoT. Due to the massive number of nodes, the randomness and unreliability of energy limitations and communication, this causes the IoT to have no infrastructure and can be hacked easily. The main measures that have to be taken are as follows: Network virtualization has to be used to ensure the right operations by reducing the complexity of the system . For different network architectures, the cross-domain authentication, cross-network authentication, and key management in network layer have to be set up.
Figure 2IoT different layers security measures.
1.3.4 Application Layer Security MeasuresDue to the different applications in IoT, there are different security needs. In general, there are two main aspects of measures: Technical: which may include across heterogeneous network authentication and key agreement, and the protection of private information like fingerprint, digital watermarking and anonymous information such as symmetric key cryptosystem authentication, threshold cryptography, etc.
- Nontechnical: for nontechnical, increasing the awareness of safety is the main measure .
1.4 Case StudyA case study representing a smart home system along with examples of possible security challenges can be as follows: The system consists of the following subcategories as in Figure 1.3.
1.4.1 Key components of the proposed IoT system
- IoT Peripherals: this subcategory represents IoT devices spread in the environment. Examples of this can be sensors and actuators with communication abilities. They don’t necessarily carry out processing tasks on the same device but are able to communicate with stronger devices or even cloud servers to carry out heavy computations. These can be smart cameras spread in the home or sensors such as thermal or air content sensors.
- IoT Central: IoT central represents nodes responsible for control of the overall system. They are able to give orders to separate devices and can efficiently coordinate between them. An IoT central can be a database that is able to store large amount of data and process them accordingly. They can also be cloud-based servers that carry out the same functionality remotely via internet connection.
- Persons: The persons rectangle represents all human beings expected to interact with the system. They include normal users being part of the household or technical experts who could be personnel from the manufacturing firm or people who belong to a third party.
1.4.2 Security concerns of the proposed IoT system
- Trust: The concern of trust is represented as the link between the peripheral IoT devices and the IoT central. Imagine the scenario of a thermostat that takes temperature readings and accordingly reports the results to a centraldevice. The central device in turn controls an air conditioning unit and modifies its settings according to the sensor readings. The concept of trust is manifested in the ability of the IoT central to trust the sensor to carry out its function of temperature measurement correctly. Trust in this regard represents a main challenge, especially managing trust across a large system. An IoT system should be able to interrogate the different devices to ascertain whether to establish or revoke trust. IoT devices in open environments that are physically accessible are prone to tampering via hostile individuals. Consequently, they shouldn’t be trusted without proper checking.
Figure 3IoT case study diagram.
- Identification: Identification ensures that communicating entities are what they claim to be. It represents the link between persons and IoT peripherals. IoT devices should restrict access to their content to any entity without proper identification protocols to ensure that access is given to the correct parties. For example, a smart home IoT system with smart camera sensors that monitor the location of users among other tasks shouldn’t publicize their information to the wrong individuals or devices.
1.5 Motivation and ObjectiveAs IoT devices become more capable of higher processing powers they become suitable targets for malware. The imposed size and power limitations of IoT call for limited computing capacity. The fact that security is not the main functionality of an IoT device means that even lesser portion of that computing power is available for security. Security measures implemented in traditional computers such as cryptography, present a challenge from this context when applied in IoT devices . Hardware-based security measures are more suited to IoT than software ones due to these limitations. Software-based solutions will naturally require a generalpurpose processor and this solution will be costly both in terms of power and area footprint. Hardware-based security, on the other hand, is implemented as an architecture that is specifically designed for this purpose. It’s ideally suited for this specific task and consumes less power and area while offering better efficiency [9,10]. Hardware-based security is immune against some software prone attacks such as buffer overruns and is more versatile against physical attacks and side channel attacks. It cannot be affected by software introduced bugs. IoT devices are expected to last their entire lifetime without being subject to active management or software updates making software solutions less ideal for the task. Different algorithms have been presented in the literature that meet IoT requirements and yet maintain the needed security level. Most of the studies have focused on popular algorithms, especially AES finalists, such as Rijndael (chosen AES), 3DES, TwoFish, Mars, serpent, RSA and more. However, for aforementioned reasons, more IoT oriented algorithms have been presented to provide better performance in terms of power and capacity, those are known as lightweight cryptographic algorithms. The results show that AES as a standard algorithm and PRESENT as a standard lightweight algorithm are the most suited for hardware implementations especially for IoT as a low power platform.
Chapter 2 Literature SurveyHardware-based security measures are more suited to IoT than software ones due to several reasons. IoT has very limited area and energy budget, only a part of this area and energy should be allocated for security. Software-based solutions will naturally require a general-purpose processor and this solution will be costly both in terms of power and area footprint. Hardware-based security, on the other hand, is implemented as an architecture that is specifically designed for this purpose. It’s ideally suited for this specific task and consumes less power and area while offering better efficiency. [20,21]. Hardware-based security is immune against some software prone attacks such as buffer overruns and is more versatile against physical attacks and side channel attacks. It cannot be affected by software introduced bugs. IoT devices are expected to last their entire lifetime without being subject to active management or software updates software solutions less ideal for the task.
2.1 Hardware-Based Solutions
2.1.1 Physically unclonable functions (PUF)They are based on the random non-reproducible nature of silicon chips process variations during manufacturing. This concept is based on the ability to extract a unique identifier from these physical features for each silicon chip. These unique numbers are able to make strong keys for cryptography and identification and is non-repeated even if the same process is used in all chips. One prominent feature of these functions is that they require a small hardware footprint since we dont have to use a storage for the key but rather we depend on physical features. The process variations result in involved delay characteristics, specific to each device, that can be extracted only when the device is working. This lack of dependence on memory to store keys makes PUF more secure and significantly harder for tampering users to extract. These functions cannot be predicted or controlled during fabrication due to the random nature of process variations [13,22].
Figure 4(a) TPM diagram, (b) TEE diagram
2.1.2 Trusted Platform Module (TPM)As shown in Figure 1.4.a, it is an international standard for security co-processors or crypto processors. They are separate chips on the device that are specialized for security using encryption. Making key generation/storage not mixed with insecure components on the same chip avoids possible vulnerabilities that may result from unwanted flaws. TPM using attestation functions which keeps a record of hardware configuration that can prove whether the device has been tampered with or not .
2.1.3 Trusted Platform Module (TPM)As shown in Figure 1.4.b, it is a secured environment on part of the same processor. It divides execution environment into two separate spaces. A secured space for trusted applications that are able to access all resources and contains secured keys. An insecure location for non-critical operations and insecure applications that could be, for example, user installed .
2.2 Security AlgorithmsDifferent algorithms have been presented in the literature that meet IoT requirements and yet maintain the needed security level. Most of the studies have focused on popular algorithms, especially AES finalists, such as Rijndael (chosen AES), 3DES, TwoFish, Mars, serpent, RSA and more. However, for aforementioned reasons, more IoT oriented algorithms have been presented to provide better performance in terms of power and capacity, those are known as lightweight cryptographic algorithms. In the following subsections, both algorithms categories are overviewed and discussed. Starting from an overview of the algorithm then presenting different
Figure 5Different Security Algorithms.performance metrics and ending up with different comparative studies shown in the literature.
2.2.1 Popular Standardized algorithms
- Rijndael (AES): The Advanced Encryption Standard (AES) was established by National Institute of Standards and Technology (NIST) in 2001 as the current standard for encrypting electronic data . AES is based on Rijndael cipher which is an iterated block cipher with a fixed block length and supports variable key lengths. A block length of 128-bits and three different key sizes of 128, 192 and 256, which require 10, 12, 14 rounds respectively, are used.
- 3-DES: The main standard for encryption was the symmetric algorithm known as Data Encryption Standard (DES). DES is based on the Feistel block cipher developed by IBM in early 70s. It is a 64-bit block cipher with a key-size of 56-bit. However, DES became non-efficient because of small key size .
- RSA: The Rivest-Shamir-Adleman (RSA) algorithm has been proposed first time in 1978 , becoming a very popular public key algorithm since then. RSA is based on modular expansion which can be accomplished by a sequence of modular multiplication. Its security is mainly because of the hardness of factoring its long integer .
- TwoFish: Similar to AES, TwoFish  uses 128-bit block cipher with different key-sizes of 128, 192 and 256 bits. However, it consists of 16 fixed rounds which doesnot depend on the key size which is built similar to the Feistel network structure .
2.2.2 Lightweight AlgorithmsThe emerging applications such as sensor networks, automotive systems, IoT for healthcare and personal security communication have developed the need for so-called lightweight cryptographic algorithms to meet the low area and power requirements of such an application and yet maintain the needed security for the system. In March 2017, NIST (National Institute of Standards and Technology) has announced the creation of a portfolio of lightweight algorithms through an open process . Recently, many lightweight algorithms have been proposed, each one showing different resistance to classical cryptoanalysis and resource efficient implementations. PRESENT, RECTANGLE, HIGHT, CLEFIA, SPECK, SIMON and KHUDRA are examples of such lightweight algorithms with a proven fine security. In this sub-section, different comparative studies between those algorithms are discussed highlighting suitability of each one to IoT applications based on several previous studies [41, 47-52]. PRESENT: It is the international standard lightweight algorithm for hardware implementation, standardized by NIST. PRESENT operates on a 64-bit plain text block size with the ability to use 80-bit or 128-bit keys. PRESENT is SPN (Substitution Permutation Network) based algorithm with 31 round operations. Each round, the key is XORed with the message block from last round followed by a substitution layer using 4X4 S-Box and a permutation layer done as the linear layer . Table 2Different Algorithms Implementation on Reconfigurable Hardware.
|Cipher||Min clock period Virtex [ns]||# of CLB slices - Virtex||Number of rounds|
|Power (mW)||Area (mm)||Power (mW)||Area (mm)||Power (mW)||Area (mm)|
|Block cipher||Register count||LUT count||Slice count||Power (W)|
- HIGHT: High Security Lightweight (HIGHT) algorithm is based on Feistel network structure instead of SPN. HIGHT operates on a 64-bit block size with 128-bit key size. The algorithm is comprised of 32 rounds, each is based on basic operations such as XOR and addition mod 28 .
- KHUDRA: KHUDRA is a FPGA oriented lightweight algorithm. Its optimized for balancing LUTs and registers to minimize the FPGA slices. The algorithm is based on recursive Feistel structure with 64-bit plain text block size and 80-bit key size. It is comprised of 8 rounds with a permutation unit based on Feistel structure and F-function with the F-function containing SPN using the same S-box of the PRESENT algorithm .
- CAMELLIA: It is somehow similar to the standard AES, as its a symmetric key block cipher with a fixed block size of 128-bits and three different key sizes of 128, 192 and 256-bits. Unlike other algorithms that focuses on hardware implementation, CAMELLIA was designed for both software and hardware. It can be used for both low cost and high-speed applications .
|Clock period (ns)||40||40||40||40||40|
|Leakage power (nW)||36.08||176.02||31.568||31.02||67.778|
|Dynamic power (mW)||0.935||2.481||1.004||0.842||1.5091|
Chapter 3 Proposed AlgorithmsIn this section, the methodology of implementing the proposed algorithms are presented.
3.1 AESAdvanced Encryption Standard (AES) is a standard algorithm based on Rijndaels work. His Algorithm was chosen by National Institute of Standards and Technology (NIST) from 5 other algorithms to be the AES which was later approved by Federal Information Processing Standards (FIPS). AES is an iterated block cipher with a fixed block length and supports variable key lengths. A block length of 128-bits and three different key sizes of 128, 192 and 256 are supported, which require 10, 12, 14 rounds respectively. AES has 4 main operations; SubBytes(), ShiftRows(), MixColumns(), and AddRoundKey(). For the first iteration, the plaintext is XORed with round key0 then SubBytes, ShiftRows and MixCloumns are performed respectively in order. These operations are repeated for each round except for the last round. For the last round, SubBytesytes and ShiftRows are only used. The key expansion unit is responsible for generating round keys for each round. The flowchart of AES algorithm is shown in Figure 4.1. After XORing the plaintext with Key0, the 128-bit will be divided into 4 words, each word consists of 4 states. The plaintext can be visualized by a 4x4 matrix such that each word is represented by a column as follows:
In the following subsections the steps of each operation is going to be presented in details
Figure 6AES flowchart
3.1.1 SubBytes() TransformationThe SubBytes() transformation is the only non-linear operation in the AES algorithm. It’s non-linear byte substitution that operates on each byte interdependently. One advantage of the construction of such a substitution box is that it is invertible. The S-Box of the AES is shown in Figure 4.2, and it’s constructed mainly by composing the following two transformations:
- First, taking the multiplicative inverse in GF(28), with the following irreducible polynomial. Noting that the 0000 is mapped onto itself.
Figure 7Key expansion pseudo-code.
3.2 PRESENTPresent is an ultra-low power encryption algorithm that is based on Substitution Permutation (SP) network. Present has a 64-bit input plaint text and either 80-128 bit key based on the level of the Security wanted. The present algorithm is appropriate algorithm for low-power mediocre security applications such as IoT. This algorithm consumes low power, because it is a hardware-oriented algorithm that uses an optimized hardware concepts that take low power such permutation which is very easy on hardware level . This algorithm was standardized by NIST in 2012, which provide the algorithm more credibility in its use.
3.2.1 EncryptionPresent is a 31-round operation in which an XOR operation is introduced with round Key Ki for 1 ≤ i ≤ 32. The K32 is used for post whitening. The linear transformation which is done each round is called permutation in which the position of each bit is changed. On other hand, the nonlinear transformation is called the substitution box which substitutes every bits non linearly. The main proposal of the algorithm suggests that 16-Sbox perform the substitution in parallel. The Substitution and Permutation are performed once every round. Figure 4.3 , illustrates the Flow Chart of the present algorithm.
Figure 8Encryption Algorithm Flow chart
Table 8Permutation layer table.
Figure 9Encryption Algorithm Flow chart. AddRoundKey The same as encryption, a simple bitwise XORing.
Inverse P-layerIn this layer, every bit changes its position according to Table 4.3. Table 9Inverse Permutation layer table.
Table 10Inverse Substitution Box of PRESENT.
Figure 10Block Diagram of MATLAB code for encryption and decryption.
Figure 11Contents of the for iterator for encryption and decryption (the for iterator (bottom left) applies to all blocks and its output is the current iteration index). One key difference in the case of decryption is that the initial key is not used in calling the main function (Present dec) directly but first, it undergoes 31 rounds of updateKeyto obtain the last round key that was used in encryption since this is the first key for decryption. The block diagram of the code for both encryption and decryption is provided in figure 1 below. The contents of each for iterator is also provided in Figure 4.2. Using this code, a generic test bench generator was implemented that generates custom number of test vectors as specified. To do so, a random function is used to generate random binary numbers that represent the key and the plaintext/ciphertext. These random numbers were then entered into the MATLAB module and the output ciphertext is saved for comparison later on.
4.1 Image ProcessingIn order to encrypt and decrypt images using PRESENT algorithm, some modifications and scripts are used to prepare the image for that. Since the data width of the PRESENT is 64-bits, the image data bits must be in the form of packets, each packet consists of 64-bits. So, some operations are done on the image first before applying the encryption on it, these operations are explained below. The process is done in three main steps, ImagetoHex, Encryption/Decryption and HextoImage. First, the ImagetoHexstep is meant to read the image to a Hex file representing the pixels values of the image. This is done in matlab as follows: imread() function is used to read image into matlab then the read image is converted to 1D array of decimal values, each representing a pixel value of the image. The 1D decimal values array is converted to hex using dec2hex() function and then saved into hex file of 64-bit line width. The hex file output of the previous stage is ready to be fed into the PRESENT algorithm as a data input. Each line in the file represents the input at one instant of time and the files is read sequentially line at a time. Both encryption and decryption processes are applied to each line as explained in 5.1, and the output is written in two hex files one for Ciphertext and one for the obtained Plaintext after decryption. Finally, the output hex files of the encryption/decryption step is converted to image as follows. The files are read using imread() and the reshpae() function is used to construct the image once again from the hex file, this is done by the aid of original map and size of the image. Therefore, the image is written back to the desk using imwrite() function. Those steps are done on three of the popular grayscale images shown in Figure x.
Figure 12Images Encryption/Decryption.
Evaluation ParametersTo test the strength of the a given algorithm, there are various evaluation schemes to be applied to this algorithm. Such schemes are, key sensitivity, effect of encryption process on the entropy of the system and if the data is to be image, a correlation between the original and cipher image is one parameter. In the following subsections the entropy and correlation is to be studied and the results are found in Table 5.1.
Table 11Results for Correlation and Entropy.
|LENA||256 X 256||0.001||1||4.4643||7.9898|
|PANDA||256 X 256||0.008||1||7.4936||7.9947|
|MONALIZA||256 X 256||0.0134||1||7.4408||7.9967|
Chapter 5 ConclusionsInternet of Things is more spreading than ever. Its a revolutionary technology that is expected to reshape our daily lives. If the IoT is to become a part of the internet global network, its expected to undergo the same level of security measurements. This feat requires the accomplishment of low power security algorithms that follow unified schemes that can be used in a large number of devices. In our work, an ultra-low power cryptography named PRESENT was implemented. Some implementations were discussed to lower the power by reducing the number of s-boxes in the design, but in exchange for lower throughput. Furthermore, power optimization was done by using logic s-box instead of memory. It is suggested that for applications with very low speed requirements, the 1-s-box design is very suitable in terms of power consumption albeit at the cost of extra hardware and slower maximum operating frequency. But, even for the architecture with full 16 s-box modules, the power requirement is not much higher and the area is very efficient, this algorithm has the highest operating frequency.
- Atzori, A. Iera and G. Morabito, ”The Internet of Things: A survey”, Computer Networks, vol. 54, no. 15, pp. 2787-2805, 2010.
- El-Shweky, K. El-Kholy, M. Abdelghany, M. Salah, M. Wael, O. Alsherbini, Y. Ismail, K. Salah and M. AbdelSalam, ”Internet of Things: A Comparative Study”, in The 8th IEEE Annual Computing and Communication Workshop and Conference (IEEE CCWC 2018), Las Vegas, 2018.
- Zhu, R. Wang, Q. Chen, Y. Liu and W. Qin, ”IOT Gateway: BridgingWireless Sensor Networks into Internet of Things”, 2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, 2010.
- Zhu, R. Wang, Q. Chen, Y. Liu and W. Qin, ”IOT Gateway: BridgingWireless Sensor Networks into Internet of Things”, 2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, 2010.
- Wu et al., Research on the architecture of Internet of Things, in 3rd International Conference on Advanced Computer Theory and Engineering, 2010, pp. 484-487.
- Santitoro, Metro Ethernet Services A Technical Overview. Metro Ethernet Forum.
- ”IEEE Standard for Information technology– Local and metropolitan area networks– Specific requirements– Part 15.1a: Wireless Medium Access Control (MAC) and Physical Layer (PHY) specifications for Wireless Personal Area Networks (WPAN).
- ”Wireless Networking (Wi-Fi) - Advantages and Disadvantages of Wifi”, iPoint Technologies, 2018. [Online]. Available:
- ”IEEE Standard for Local and metropolitan area networks–Part 15.4: LowRate Wireless Personal Area Networks (LR-WPANs).
- Pillin, N. Joehl, C. Dehollain and M. Declercq, ”High Data Rate RFID Tag/Reader Architecture Using Wireless Voltage Regulation”, 2008 IEEE International Conference on RFID, 2008.
- ”Standards - IEEE 5G”, 5g.ieee.org, 2018. [Online]. Available: https://5g.ieee.org/standards. [Accessed: 29- Jan- 2018].
- Fortino, A. Guerrieri, W. Russo and C. Savaglio, ”Integration of agentbased and Cloud Computing for the smart objects-oriented IoT”, Proceedings of the 2014 IEEE 18th International Conference on Computer Supported Cooperative Work in Design (CSCWD), 2014.
- Baldini, T. Peirce and M. C. Tallachini, ”Internet of Things: IoT Governance, Privacy and Security Issues,” European Research Cluster on the Internet of Things, 2015.
- Kai Zhao, LinaGe and Guangxi, China, A Survey on the Internet of Things Security, Ninth International Conference on Computational Intelligence and Security, IEEE, 2013.
- Xu Xiaohui, Study on Security Problems and Key Technologies of The Internet of Things, International Conference on Computational and Information Sciences, IEEE, 2013
- Senie, D., and P. Ferguson. ”Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing.” Network, 1998
- Kocher, ”Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems”, Advances in Cryptology CRYPTO 96, pp. 104-113,
- Malladi, Sreekanth, Jim Alves-Foss, and Robert B. Heckendorn. On preventing replay attacks on security protocols. IDAHO UNIV MOSCOW DEPT OF COMPUTER SCIENCE, 2002
- Tailor and A. Patel, ”Comprehensive Survey on Security Problems and Key Technologies of the Internet of Things (IoT)”, International Journal of Research and Scientific Innovation (IJRSI), vol., no., pp. 107-110, 2017
- Xu, J. B. Wendt and M. Potkonjak, ”Security of IoT Systems: Design Challenges and Opportunities,” 2014 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).
- Gralla, ”Techtarget,” July 2004. [Online]. Available: http://searchmicroservices.techtarget.com/tip/An-introduction-tohardwaresecurity. [Accessed 26 1 2018].
- Devadas, E. Suh, S. Paral, R. Sowell, T. Ziola and V. Khandelwal, ”Design and Implementation of PUF-Based Unclonable RFID ICs for AntiCounterfeiting and Security Applications,” in IEEE International Conference on RFID, Las Vegas, 2008.
- trustedcomputinggroup, 1 April 2008. [Online]. Available: https://trustedcomputinggroup.org/trusted-platform-moduletpmsummary/. [Accessed 27 1 2018].
- Shapiro, ”iotcentral,” Icon Labs, 27 June 2017. [Online]. Available: https://www.iotcentral.io/blog/hardware-or-software-security-whichisright-for-my-iot-device. [Accessed 27 1 2018].
- Suo, H., Wan, J., Zou, C. and Liu, J. (2012). Security in the Internet of Things: A Review. 2012 International Conference on Computer Science and Electronics Engineering.
- National Institute of Standards and Technology (NIST). Advanced Encryption Standard (AES), 2001. FIPS-197.
- Hamalainen, P., Alho, T., Hannikainen, M. and Hamalainen, T. (2006). Design and Implementation of Low-Area and Low-Power AES Encryption Hardware Core. 9th EUROMICRO Conference on Digital System Design (DSD’06).
- Rihan, S., Khalid, A. and Osman, S. (2015). A Performance Comparison of Encryption Algorithms AES and DES. International Journal of Engineering Research & Technology (IJERT), 4(12), pp.151-154
- Rao, P., H M, M. and Manjusha, S. (2018). Design and ASIC Implementation of Triple Data Encryption and Decryption Standard Algorithm. International Journal of Power Electronics and Technology, 1(1), pp.1 - 15.
- Rivest R L, Shamir A and Adleman L A. Method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, 1978, 21(2): 120-126.
- Zheng, X., Liu, Z. and Peng, B. (2008). Design and Implementation of an Ultra Low Power RSA Coprocessor. 2008 4th International Conference on Wireless Communications, Networking and Mobile Computing.
- Montgomery P L. Modular multiplication without trial division, Mathematics of Computation, 1985, 44(170): 519 -521.
- Wen Hu, Peter Corke, Wen Chan Shih, and Leslie Overs, ”A public key technology platform for wireless sensor networks.”, Proceedings of the European Conference on Wireless Sensor Networks, 2009, pp. 296 311.
- Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall, N. Ferguson Twofish: A 128-Bit Block Cipher. Counterpane Internet Security, Inc, 1998
- Feistel, W.A. Notz and J.L. Smith, Some Cryptography Techniques for Machine-to-Machine Data Communications. Proceedings on the IEEE, v.63, n. 11, 1975, pp.1545-1554.
- Burwick, D. Coppersmith, E. D’Avignon, R. Gennaro, S. Halevi, C. Jutla, S. M. Matyas, L. O’Connor, M. Peyravian, D. Safford, and N. Zunic, ”Mars - A Candidate Cipher for AES,” NIST AES Proposal, June 1998.
- J. Elbirt and C. Paar, ”An FPGA Implementation and Performance Evaluation of the Serpent Block Cipher,” Eighth ACM International Symposium on Field-Programmable Gate Arrays, Monterey, California, February 10-11, 2000.
- Rivest, M. Robshaw, R. Sidney, and Y. L. Yin, ”The RC6 Block Cipher,” NIST AES Proposal, June 1998.
- Gaj, K. and Chodowiec, P. (2000). Comparison of the hardware performance of the AES candidates using reconfigurable hardware.
- Agwa, S., Yahya, E. and Ismail, Y. (2017). Power efficient AES core for IoT constrained devices implemented in 130nm CMOS. 2017 IEEE International Symposium on Circuits and Systems (ISCAS).
- Bui, D., Puschini, D., Bacles-Min, S., Beigne, E. and Tran, X. (2017). AES Datapath Optimization Strategies for Low-Power Low-Energy MultisecurityLevel Internet-of-Things Applications. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 25(12), pp.3281-3290.
- Farooq, U. and Aslam, M. (2017). Comparative analysis of different AES implementation techniques for efficient resource usage and better performance of an FPGA. Journal of King Saud University - Computer and Information Sciences, 29(3), pp.295-302.
- Bahnasawi, M., Ibrahim, K., Mohamed, A., Mohamed, M., Moustafa, A., Abdelmonem, K., Ismail, Y. and Mostafa, H. (2016). ASICoriented comparative review of hardware security algorithms for internet of things applications. 2016 28th International Conference on Microelectronics (ICM).
- Feldhofer, S. Dominikus, and J. Wolkerstorfer. Strong authentication for RFID systems using the AES algorithm. In Proc. 6th Int. Workshop on Cryptographic Hardware and Embedded Systems (CHES 2004), pages 357370, Boston, MA, USA, Aug. 1113, 2004.
- Good and M. Benaissa. AES on FPGA from the fastest to the smallest. In Proc. 7th Int. Workshop on Cryptographic Hardware and Embedded Systems (CHES 2005), pages 427440, Edinburgh, UK, Aug. 29Sept. 1, 2005.
- El-meligy, N., Amin, M., Yahya, E. and Ismail, Y. (2017). 130nm Low power asynchronous AES core. 2017 IEEE International Symposium on Circuits and Systems (ISCAS).
- Sadhukhan, R., Patranabis, S., Ghoshal, A., Mukhopadhyay, D., Saraswat, V. and Ghosh, S. (2017). An Evaluation of Lightweight Block Ciphers for Resource-Constrained Applications: Area, Performance, and Security. Journal of Hardware and Systems Security, 1(3), pp.203-218.
- Bhardwaj, I., Kumar, A. and Bansal, M. (2017). A review on lightweight cryptography algorithms for data security and authentication in IoTs. 2017 4th International Conference on Signal Processing, Computing and Control (ISPCC).
- Goyal, T. and Sahula, V. (2016). Lightweight security algorithm for low power IoT devices. 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).
- Koteshwara, S. and Das, A. (2017). Comparative Study of Authenticated Encryption Targeting Lightweight IoT Applications. IEEE Design & Test, 34(4), pp.26-33.
- Usman, M., Ahmed, I., Imran, M., Khan, S. and Ali, U. (2017). SIT: A Lightweight Encryption Algorithm for Secure Internet of Things. International Journal of Advanced Computer Science and Applications, 8(1).
- Eisenbarth, T., Kumar, S., Paar, C., Poschmann, A. and Uhsadel, L. (2007). A Survey of Lightweight-Cryptography Implementations. IEEE Design & Test of Computers, 24(6), pp.522-533.
- Bogdanov et al., PRESENT: An Ultra-Lightweight Block Cipher, in Cryptographic Hardware and Embedded Systems - CHES 2007 Lecture Notes in Computer Science, Springer, 2007, pp. 450-466.
- Hong et al., HIGHT: A New Block Cipher Suitable for LowResource Device, in Cryptographic Hardware and Embedded Systems - CHES 2006 Lecture Notes in Computer Science, 2006, pp. 46-59.
- Kolay S, Mukhopadhyay D (2014) Khudra: a new lightweight block cipher for fpgas. In: SPACE, vol 8804 of LNCS. Springer, pp 126145.
- Satoh and S. Morioka, Hardware-Focused Performance Comparison for the Standard Block Ciphers AES, Camellia, and TripleDES, in Lecture Notes in Computer Science Information Security, Springer, 2003, pp. 252-266.
- Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T. and Regazzoni, F., 2014, December. Midori: A block cipher for low energy. In International Conference on the Theory and Application of Cryptology and Information Security(pp. 411-436). Springer, Berlin, Heidelberg.
- Weis, S.A., Sarma, S.E., Rivest, R.L. and Engels, D.W., 2004. Security and privacy aspects of low-cost radio frequency identification systems. In Security in pervasive computing (pp. 201-212). Springer, Berlin, Heidelberg.