Securing the Internet of Things (IoT) is a challenging task for researchers due to the plethora of IoT networks. Side Channel Attacks (SCA) are one of the major concerns. The prime objective of SCA is to acquire information by observing the power consumption, electromagnetic (EM) field, timing analysis, and acoustics of the device. The attackers then apply statistical functions to recover the key. The Advanced Encryption Standard (AES) algorithm has proved to be a good security solution for constrained IoT devices. This paper implements a simulation model that modifies the AES algorithm using logical masking properties. This invariant of the AES algorithm hides the array of bits during the substitution byte transformation of AES. The model is used against SCA, particularly Power Analysis Attacks (PAAs). The simulation model is designed in the MATLAB simulator. The results will give a better solution by hiding the power profiles of IoT devices against PAAs. In future, the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic (WDDL) will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array (FPGA).

Internet-of-things (IoT) establishes connections between billions of smart devices, performing a diverse range of purposes. Connected devices will grow to almost 31 billion in the world of IoT [

According to a report published in 2013, revenue generated by IoT-based devices will be more than 300 billion by the end of the 20^{th} century. So, when more devices communicate with each other, network complexity and hardware security will increase. According to Statista (a statistical website), the number of devices used for IoT networks around the world will noticeably increase from 20.35 billion to 75.44 billion from 2017 to 2025. Researchers are now working to explore the security of constrained devices including integrated circuits, microcontrollers, sensors, and wearable gadgets, among other similar hardware. With the exponential growth of this infrastructure, there is a plethora of security concerns. Hardware attacks are categorized as hardware trojans, side channel analysis, fault attacks, counterfeit chips, and reverse engineering [

Side channel analysis is a more considerable attack for researchers. This attack involves analyzing the external outputs of the hardware and retrieving information from them. The side channel attack (SCA) is the most powerful attack against encryption, but it is hard to implement. Initially, SCA was implemented at the edge node level. At this level, SCAs are usually non-invasive, and intentionally leaked information is extracted. Being untraceable is the important characteristic of a non-invasive attack; as a result of this property, noise is added to the leaked information and it is hard to secure the whole process. SCAs are based on the processing time or power consumption of the device rather than on plaintext or ciphertext messages. This information is observed during the computation of different security protocols. An SCA recovers the information processed in a device that encrypts with the Advanced Encryption Standard (AES) algorithm by observing the power consumption, electromagnetic (EM) field, timing analysis, and acoustics of the device, as shown in

The most effective type of SCA is the power analysis attack (PAA), as PAAs are easy to carry out in practice and at relatively low cost for attackers. PAAs work on power calculation. Every PAA mechanism needs a particular power model of the IoT device to forecast the real power the device will consume; the attacker observes a specific procedure of the algorithm and chooses the output word to attack, because the power consumption of electronic circuits depends on the bit word they process. The power model is developed considering the logical characteristics of the data word. After that, the actual power consumption and the power model are compared by using different variables. IoT devices operate at low power because they have limited storage and complicated processes; hence the algorithm may fail and devices may become corrupted. All the reasons mentioned are very helpful for PAA [

Simple power analysis (SPA), differential power analysis (DPA) and correlation power analysis (CPA) are the main types of PAAs. In SPA, a single display shows the power trace of a cryptographic device, and the attacker tries to establish the secret key based on the electrical levels over time. In DPA, statistical techniques are used to recognize differences in power traces, thus showing data leakage to guess the secret key. Generally, CPA identifies the correlation between the predicted output and the actual power output of an encrypted device by using the Hamming weight power model [

Researchers use countermeasures for SCA and categorize them into masking techniques, hiding techniques, and code morphing techniques. Hiding relates to the hardware of the system and masking relates to changes in the algorithm through software [

In this manner, the National Institute of Standards and Technology (NIST) endorsed the AES in 2001. Higher security levels and low complexity are characteristics of AES. This algorithm has proved to be a good security solution for constrained IoT devices [

AES is the most powerful symmetric algorithm against SCA and is designed as a block cipher. It plays a vital role in securing the network from attackers. It supports data privacy [

1. Add Round Key
2. Substitution Byte
3. Shift Rows
4. Mix Column

The Add Round Key step is based on the key expansion algorithm. This algorithm runs in parallel with the AES rounds and provides the key for each round. It has three functions.

1. Rotation Word
2. Substitution Word
3. Round Constant

One round of AES consists of 2 layers:

Non-linear Layer: Substitution Byte transformation is the only non-linear function in AES.

Linear Layer:

a. Shift Rows is a linear part of the AES.

b. Mix Column is a linear part of the AES.

As defined above, Substitution Byte is the only non-linear function; it is based on the values of the Substitution Box (S-BOX) for encryption and the INVERSE S-BOX for the decryption process. The S-BOX is the backbone of the cryptographic system because of its non-linear property. It is based on substitution-permutation networks (SPNs) and built over a Galois Field for the AES and Data Encryption Standard (DES) algorithms. Attackers use ‘S’ boxes for differential attacks [

This research paper investigates the literature on AES and its types in the IoT. It compares different encryption algorithms, then analyzes and explores the characteristics of AES that are used to secure different IoT devices. A proposed model is presented for the prevention of SCAs on IoT devices. This paper implements and resurrects a model which is based on enhancement of the AES algorithm using the logical masking property and comprehensively demonstrates hardware attacks with countermeasure algorithms on IoT devices. This enhanced AES invariant algorithm masks the bit array by using the masking technique in the AES substitution byte conversion. The model is used against SCAs, particularly PAAs. The simulation model is designed in the MATLAB simulator by using a script. The results will validate and provide a better solution by hiding the power profile of IoT devices from the AES [

The rest of this research paper is organized as follows: Section 2 presents the methodology. Section 3 defines the implementation environment of the model. Section 4 shows the procedure and results. Section 5 defines the research contributions. Section 6 discusses the results obtained by implementing the proposed model. Section 7 gives the conclusions and future work of the research paper.

In the literature, growing demand pushes towards improving information encryption algorithms. Cryptographic algorithms are used to secure IoT devices; they help minimize the total implementation cost and cover various parameters such as power consumption, key size, throughput rate, and cycle rate. Symmetric lightweight and asymmetric lightweight ciphers are the types of lightweight cryptography. To cope with attacks, we have different encryption algorithms: As

S. no. | Algorithm | Type | Published | Block | Key size | Structure | Number of rounds | Remarks |
---|---|---|---|---|---|---|---|---|
1 | DES | Symmetric | 1975 | 64 | 54 | Feistel | 16 | Less secure (brute force search) |
2 | 3DES | Symmetric | 1995 | 64 | 56/112/168 | Feistel | 48 | Increase the runtime, now deprecated. |
3 | AES | Symmetric | 2001 | 128 | 128/192/256 | SPN | 10/12/14 | Extremely effective on equipment. |
4 | RSA | Asymmetric | 1977 | 86/214 | 1024 | X | 1 | Slow for big data. |
5 | TWOFISH | Symmetric | 1997 | 128 | 128/192/256 | Feistel | 16 | Slower than the AES. |
6 | BLOWFISH | Symmetric | 1993 | 64 | 32–448 | Feistel | 16 | Initialize slowly with each change button. |
7 | RC2 | Symmetric | 1987 | 64 | 1–128 bytes | Feistel | 18 | Encryption operation does not equal the decryption operation. |
8 | RC6 | Symmetric | 1998 | 128 | 128/192/256 | Feistel | X | Not generally used as RSA. |
9 | RC5 | Symmetric | 1994 | 16/32/64 | 0–255 | Feistel | 0–255 | Not on duty. |
10 | CAST | Symmetric | 1996 | 64 | 40–128 | Feistel | 12/16 | Royalty-free algorithm, free access for anyone therefore less secure. |
11 | IDEA | Symmetric | 1991 | 64 | 128 | Lai-Massey scheme | 8.5 | A large number of weak keys were found. |
12 | DSA | Asymmetric | 1991 | X | X | X | X | DSA data is not encrypted, we can only authenticate the data. |
13 | ECC | Asymmetric | 1985 | X | 160 | Algebraic | X | Less power for calculation. |
14 | ELGAMAL | Asymmetric | 1985 | 514 | 32 bytes | X | X | Double-encrypt the text into clear text so that the speed is slow. |
15 | SPECK | Symmetric | 2013 | 128 | 128 | SPN | 32 | Specifically used for hardware implementation with a micro-controller. |
16 | LiCi | Symmetric | 2017 | 64 | 128 | Feistel and SPN | 31 | Used to increase efficiency, reduce surface area and energy use. |

The idea behind our design is to secure the data by using encryption algorithm.

The software tools and platform used to implement the proposed algorithm are described in

Name | Specification |
---|---|
IDE | MATLAB |
Programming language | C/C++, MATLAB |
MATLAB Version | MATLAB 2018a |
Operating System | Windows 10 pro 64 bit |
Processor | Intel Core i7 3rd generation, 2.4 GHz. |
RAM | 4.00 GB |

MATLAB is specially developed for engineers and scientists. It allows matrices and mathematical tables to be created or expressed directly. The use of toolboxes is very important. All toolboxes work together and integrate with parallel computing environments. In MATLAB, several algorithms are directly accessible and can be used in design and in interactive applications with immediate visual display in minimal time. Researchers can alter or replicate their work until they get the outcome they want [

In this section, we have improved the characteristics of the AES algorithm by using a logical masking technique in substitution byte transformation. Here are the steps to redesign and use the AES algorithm in a special way.

(i) Enter a plain text as a string value from the user.

(ii) Take an input key as a string value from the user.

(iii) Both inputs are strings, so convert them into decimal numbers by using the DOUBLE ( ) function of MATLAB.

(iv) The Key Expansion Algorithm generates the round keys for every round of AES simultaneously.

(v) Then run the XOR operation between the plain text and the 1st round key using the BITXOR ( ) function of MATLAB.

(vi) We now have 16 distinct values. These values overwrite the S-BOX values.

(vii) We use the S-BOX for the encryption process.

(viii) The S-BOX is a 16 x 16 array of decimal values; that is, it has 16 rows and 16 columns indexed in hexadecimal from 0 to F.

(ix) The 16 values mentioned in step no. (vi) are replaced by the values of the S-BOX.

(x) Now the shift rows transformation is performed by using the circshift( ) function in MATLAB.

(xi) Similarly, the Mix Column transformation is carried out by the Galois Field array function.

(xii) Finally, the output matrix is XORed with the round keys.

(xiii) Step no. (xii) is the last step of the 1st round. Likewise, the remaining rounds are conducted one by one and generate a new matrix using loop iterations.

(xiv) Finally, after the 10th round, we have a ciphertext as shown in

Furthermore, the algorithm converts all values into hexadecimal; for example, 27 is a decimal number and 1B is its hexadecimal conversion. The digits 1 and B then give the row and column addresses: row 1, column B of the S-BOX contains the value 175, which replaces 27. All the other values are likewise replaced by the entry at their specific row and column. In the decryption process, we use the inverse SBOX table in substitution bytes and the key expansion algorithm of AES with a reverse key mechanism. Thus, in the SBOX, the value at the 8th row and 8th column is C4 in hexadecimal and 196 in decimal; this value is generated by the steps mentioned. All input values are replaced by their specific SBOX values, and the collective data are sent to the next transformations of AES, which are shift rows and mix column. To process S-box transformations, we propose to use a new SBOX lookup table which is recalculated each time AES is performed.
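A sketch of the recalculated S-box lookup described above, added here as an illustration and not the paper's own MATLAB code. It assumes the classic Boolean-masking table recomputation, T[x ^ m_in] = SBOX[x] ^ m_out, and uses the Hamming weight power model to compare leakage with and without the mask; the function names and the masks m_in and m_out are hypothetical.

```python
import secrets

def _rotl8(v, n):
    return ((v << n) | (v >> (8 - n))) & 0xFF

def build_sbox():
    """Standard AES S-box: GF(2^8) inverse followed by the affine map."""
    sbox = [0] * 256
    p = q = 1                      # invariant: p * q == 1 in GF(2^8)
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        q ^= q << 1                # q /= 3 (three shifts, then reduce)
        q ^= q << 2
        q ^= q << 4
        q &= 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ _rotl8(q, 1) ^ _rotl8(q, 2) ^ _rotl8(q, 3) ^ _rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63                 # 0 has no inverse
    return sbox

SBOX = build_sbox()

def masked_sbox(m_in, m_out):
    """Recomputed table T with T[x ^ m_in] == SBOX[x] ^ m_out (assumed scheme)."""
    table = [0] * 256
    for x in range(256):
        table[x ^ m_in] = SBOX[x] ^ m_out
    return table

def masked_sub_bytes(state, m_in=None, m_out=None):
    """SubBytes on 16 bytes; fresh random masks unless fixed ones are passed.
    Simplification: a full design masks the plaintext before AddRoundKey."""
    m_in = secrets.randbelow(256) if m_in is None else m_in
    m_out = secrets.randbelow(256) if m_out is None else m_out
    table = masked_sbox(m_in, m_out)
    masked_out = [table[b ^ m_in] for b in state]   # lookup returns SBOX[b] ^ m_out
    return masked_out, m_out

def unmask(masked_out, m_out):
    return [b ^ m_out for b in masked_out]

def mean_leak(x, masked):
    """Expected Hamming-weight leakage of the S-box output for input x."""
    if not masked:
        return float(bin(SBOX[x]).count("1"))
    return sum(bin(SBOX[x] ^ m).count("1") for m in range(256)) / 256

if __name__ == "__main__":
    out, m = masked_sub_bytes([27] * 16)            # constructed sample state
    print(unmask(out, m)[0])                        # 27 (0x1B) -> 175, as in the text
    print({mean_leak(x, False) for x in range(256)}, mean_leak(27, True))
```

Without the mask the modelled leakage depends on the S-box input; averaged over the random output mask it is the same for every input, which is the property a first-order power analysis relies on being absent.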

The variables i and j are used for the loop structure, and R is the return value after processing the equation. When we apply the MATLAB code for the above flow diagram, the output is given below:

When we apply the proposed algorithm in the above code the result is given below:

The graph for the 1^{st} to 10^{th} rounds of the AES algorithm without the masking property, as defined in algorithm 1, has 16 different values, each with a different power level, so attackers can execute statistical functions on a set of measured energy consumption tracks to retrieve the secret key. Likewise, a graph shows the 1^{st} to 10^{th} rounds of AES. This chart has 16 different values with the same power level as the previous one, so attackers face the challenge of observing different energy consumption values. The unit of the y-axis is power in watts, and the x-axis labels are the number of rounds of AES, i.e., 1, 2, 3, …, 16.

This paper is an extended version of “Invariant of AES algorithm implementations against side channel attacks in IoT devices”, which was presented at the ICCOINS 2021 conference and published in IEEE Xplore. In this paper, we work on hiding the power traces of encrypted text using a masking technique and obtain results from the simulation model designed in MATLAB. The basic design of the simulation was performed in the published paper. This paper was based on a proposal of a generalized AES implementation on MATLAB.

Attackers analyze different values through differential power analysis (DPA) and retrieve the key. Moreover, this process takes a long time. Thousands of patterns are analyzed by DPA, but attackers perform this activity. With the help of the proposed algorithm, attackers cannot analyze the power and fail to retrieve the key. Many researchers also provide better solutions against PAAs with different masking techniques such as Boolean masking. The results will provide a better solution than that available in the literature to protect IoT device infrastructure against side channel attacks. Temperature and humidity data from the DHT11 and DHT22 sensors will be used as a preliminary experimental configuration. During the attack scenario stages, we will consider clock sampling, which is the vulnerable parameter of the sensor, through correlation analysis. During the countermeasures phase, the data from the DHT11 and DHT22 sensors will go through the industry standard for encrypting and decrypting hex strings using AES-128. This analysis will be used as a benchmark for the proposed method.

This paper implements and resurrects a model which is based on the enhancement of the AES algorithm using the logical masking property and comprehensively demonstrates hardware attacks with countermeasure algorithms on IoT devices. This enhanced AES invariant algorithm masks the bit array by using the masking technique in the AES substitution byte conversion. The model is used against SCAs and PAAs. The simulation model is designed in the MATLAB simulator by using a script. All the results of the AES rounds show that different values occur in each round. These values can be easily analyzed by the attacker with the help of a PAA. When we apply algorithm 2 in MATLAB, all the different values give an equal power level and hide the different power levels. The results will validate and provide a better solution by masking the power profile of IoT devices with respect to SCA.

When we apply algorithm 2 in MATLAB, all the different values have the same value and hide the different power. This analysis will provide a reference point for the proposed method. In the future, the lightweight AES algorithm with the proposed false key mechanism and a power reduction technique such as wave dynamic differential logic (WDDL) will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array (FPGA).

The results have been implemented using 128-bit AES codes available on GitHub Community Forum and the MATLAB function and codes available online for the initial implementation [

This paper is an extended version of “Invariant of AES algorithm implementations against side channel attacks in IoT devices”, which was presented at the ICCOINS 2021 conference and published in IEEE Xplore. This work was carried out with the support of Y. Weize and S. Kose, “A Lightweight Masked AES Implementation for Securing IoT Against CPA Attacks,” IEEE Transactions on Circuits and System, vol. 64, no. 11, pp. 2934–2944, 2017. This work is an extension of the author's PhD research proposal from Hamdard University. The results have been implemented using Advanced Encryption Standard (AES) 128-bit codes available on the GitHub Community Forum and MATLAB functions and codes available online for the purpose of initial implementation.