See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/331872865

Lightweight Cryptography for Internet of Insecure Things: A Survey

Conference Paper · January 2019

DOI: 10.1109/CCWC.2019.8666557

CITATIONS READS
105 6,004

3 authors:

Indira Kalyan Dutta Bhaskar Ghosh

Arkansas Tech University Arkansas Tech University
23 PUBLICATIONS 308 CITATIONS 18 PUBLICATIONS 198 CITATIONS

SEE PROFILE SEE PROFILE

Magdy Bayoumi
University of Louisiana at Lafayette
852 PUBLICATIONS 10,226 CITATIONS

SEE PROFILE

All content following this page was uploaded by Indira Kalyan Dutta on 30 September 2020.

The user has requested enhancement of the downloaded file.

 Lightweight Cryptography for Internet of Insecure
Things: A Survey
Indira Kalyan Dutta Bhaskar Ghosh Dr. Magdy Bayoumi
Center for Advanced Computer Studies Center for Advanced Computer Studies Department of Electrical and
University of Louisiana at Lafayette University of Louisiana at Lafayette Computer Engineering
Louisiana, USA Louisiana, USA University of Louisiana at Lafayette
ikd4174@louisiana.edu bxg0564@louisiana.edu Louisiana, USA
magdy.bayoumi@louisiana.edu

Abstract— This paper surveys Lightweight Cryptographic have different entities connected which have different
solutions for Internet of Things (IoT). This survey covers purposes and levels in the whole structure.
comprehensively a flow of security measures from Lightweight • Heterogeneity- As different entity of the network has a
Cryptographic solutions to comparison among different types of
different function, complexity, and even different
block ciphers. It also includes comparison between Hardware vs
Software solutions and different recent approaches of the most manufacturer. So, we need to ensure the Heterogeneity of
trusted and researched block cipher, Advanced Encryption the network too.
Standard (AES) in terms of architecture, Mix-Column/S-box • Key Encryption- This is the most important step. To
modify strategy and attacks for IoT security. According to the ensure a secured connection, the devices and the other
study, lightweight AES has proved to be a good security solution entities need to have a lightweight key management
for constrained IoT devices. system.
Keywords— Internet of Things, Lightweight Security Solution, Over time, security of data and key transmission have led to
Block Cipher, Advanced Standard Encryption, Hardware Attack the idea of cryptography. Cryptography is a process of securing
the data from unauthorized access by transforming the data into
I. INTRODUCTION an unrecognizable and unrelatable form. As per IoT
requirements, dedicated cryptographic algorithms need to be
With the urge to make human lives easier, history has lightweight in terms of area, memory footprint, power and
implied that it is need that motivates innovation, and the energy consumption.
advancement of modern science and technology has increased
in kind. The world is now getting more connected every day by In this paper, we surveyed recent research work about
the storming number of Internet of Things. According to different stages of security solution for IoT. We covered
Statista 2018, by 2020 the number of connected devices will comprehensively a flow of security measures from
grow to almost 31 billion. With the increment of the numbers Lightweight Cryptographic solutions to comparison among
of these devices, the most important concern is now security. different types of block ciphers. We also included comparison
The security aspect of this huge network has been often between Hardware vs Software solutions and different recent
disregarded by both the manufacturers and consumers for a approaches of the most trusted and researched block cipher,
long time. As our technology dependent lifestyle is leading us Advanced Encryption Standard (AES), for IoT security.
towards a world of Internet of Insecure Things, it is a crucial The paper is divided in the following way: In Section II, we
time we take a step back and analyze the security aspect of this. discussed about Lightweight Cryptography, two main division
Security has been a main area of focus for researchers in this of Cryptography, known as Asymmetric Cryptography and
field. Symmetric Cryptography. We also discussed and gathered
Internet of things (IoT) consists of several interconnected different types of Stream Ciphers and Block Ciphers which are
devices which continuously share information and data among possibly suitable for IoT applications.
each other. To protect that information, we need to know the In section III, we discussed about Advanced Encryption
basic characteristics of security for IoT devices: Standard, the most researched and trusted block cipher. We
• Confidentiality- We need to make sure that the tried to put together different recent research work on AES for
information is only available to the authorized users. IoT according to their architecture, Mix-Column/S-box modify
• Availability- Multiple devices are connected, we need to strategy and attacks.
make sure a device gets its required data when it needs.
• Integrity- We need to make sure that the data is accurate. II. LIGHTWEIGHT CRYPTOGRAPHY
• Authentication- This is an important characteristic yet Different types of cryptographic solutions are available to
difficult to implement from IoT perspective. In IoT, we protect our important data but unfortunately not all of them are

978-1-7281-0554-3/19/$31.00 ©2019 IEEE

0475
suitable for resource constrained environments like IoT ECC approach for IoT has become an important research
devices. Lightweight cryptographic solutions are being topic recently, but mostly from software perspective. An
researched thoroughly with an aim to have area efficient and implementation and evaluation of an open source ECC for the
power efficient solution. Both commercial and industrial IoT Contici OS for IoT has done by [4]. Their implementation is
devices are vulnerable to IoT specific attacks [1]. If we released under BSD license. ECC approach was applied by [5]
continue utilizing the existing IoT device design flow, we will and the paper presented an implementation of Zero
face a security disaster in near future. The current Knowledge Protocol in an open source and generic
cryptographic primitives can be divided into two categories. programming library called Wiselib. A hardware approach was
taken by [6] and they showed that an ECC computation can be
Asymmetric key cryptography and Symmetric key
efficiently protected against Side Channel Attacks. Their
cryptography.
approach is well suited for lightweight implementations with a
A. Asymmetric Key Cryptography minimal security level and with a limited hardware overhead.
Asymmetric key cryptography is known as public key A comparative study was done by [7] among RSA, Diffie-
cryptography, because in this technique, a pair of public key Hellman and Elliptical Curve Cryptography with Diffie-
and private key are needed (Fig. 1). Very recently the focus of Hellman (ECDH) and they have found ECDH is better than
lightweight cryptography shifted towards asymmetric key other algorithms in terms of power and area.
cryptography, but the results are not yet steady and fruitful like B. Symmetric Key Cryptography
symmetric key cryptography. Lightweight asymmetric
Symmetric key cryptography is also known as secret key or
algorithms are complex in terms of operation and are not time
shared key cryptography (Fig. 2). In this process, a sender and
efficient. The size of the operands and relentless advance of
a receiver both share a common key through secret
attack models are also making these algorithms vulnerable [2].
communication for both encryption and decryption. Symmetric
Some of the very important asymmetric algorithms are as
cryptography is more suitable for IoT applications because of
follows:
its fast operations which are mostly XOR and permutations.
Rivest-Shamir-Adleman (RSA), Diffie-Hellman, Digital The processing speed is faster and they don’t use many
Signature Algorithm (DSA), Elliptical Curve Cryptography resources [3]. Table I shows direct comparison between
(ECC). Asymmetric Key Cryptography and Symmetric Key
Cryptography.
• Rivest-Shamir Adleman (RSA) – The reverse procedure is
very difficult for an attacker and it is also difficult to A very important distinction in Symmetric Algorithms is
produce the private key from the public key. So, this among Stream and Block ciphers. Stream Ciphers use a key
method is highly secure, but key generation is complex, which is the same size as the data. In this process, the cipher
and the process is very slow. text is obtained by a ‘bit by bit’ operations on plaintext. There
are few common Lightweight Stream Ciphers such as Trivium,
• Diffie-Hellman – The private key is very short, as a result,
Chacha, WG-8, Espresso, but these have high throughput.
the process is faster. Due to a short private key, it faces Grain 128 is one of the most accepted and suitable lightweight
more attacks and the process is also vulnerable to man in ciphers for constrained device, though it has low throughput.
the middle attacks. Espresso is known to be the fastest among the lightweight
• Digital Signature Algorithm (DSA) – This process is faster ciphers below 1500 GE. [8]
and more beneficial than other Asymmetric algorithms,
but the digital signatures have short life span and the Block ciphers have a fixed length of bits and different
sharing is complicated [3]. stages of transformation which is determined by a symmetric
key. Block ciphers are very versatile, which is very helpful
• Elliptical Curve Cryptography (ECC) – Though it is more
from IoT perspective. Another advantage is that this process
complex and difficult to implement, it consumes less has almost identical encryption and decryption methods. So, it
power. Amongst the different types of Asymmetric is possible to be implemented with lesser resources.
algorithms ECC is most favorable for implementation in
restricted devices [2].

Fig. 1. Asymmetric Key Cryptography Fig. 2. Symmetric Key Cryptography

0476
 TABLE I. COMPARISON BETWEEN ASYMMETRIC KEY It is important to mention that among all the block cipher
CRYPTOGRAPHY AND SYMMETRIC KEY CRYPTOGRAPHY algorithms, AES (Advanced Encryption Standard) is the most
well-studied algorithm. Numerous studies have already been
done and more are ongoing on AES, to make it lightweight and
Cryptography Methods IoT friendly.
Asymmetric Key
Symmetric Key Cryptography
Cryptography III. ADVANCED STANDARD ENCRYPTION (AES)
A unique pair of private and
Keys
public key
One shared private key AES received standardization in 2001 by the National
Institute of Standards and Technology (NIST) and from that
Number of Linearly proportional to the Exponentially proportional to
keys number of users the number of users
time it has been studied fully by the researchers. In the
security level, it is possible that different devices will require a
Because of different keys
Speed and
used, it requires more time
Faster than asymmetric key different level of security and each device will have different
Complexity cryptography power budget and throughput.
to get the transmission done
More complex hardware Less complex hardware
implementation as it implementation as it If we think from the algorithm level, the security level will
Hardware implements computational implements algorithms with depend on the construction of the algorithm and on the length
complexity heavy algorithms which simple operations which of the key. AES has three different key sizes, which ensures
need more powerful need relatively inexpensive
hardware hardware
different security levels. To the best of our knowledge, it has
Bulk data encryption, well-proved security and it is widely used in data encryption
Key Encryption and encrypting files and and in security measures. AES has low complexity and higher
Use distributing keys, it provides communication paths, it security level [14]. AES core is divided into two paths: Data
Confidentiality provides Confidentiality and
Authentication
Encryption Path and Key Expansion Path. Overall AES has
four significant rounds.
Stream cipher: Trivium,
Chacha, WG-8, Espresso, 1. Key Expansion: Round keys are derived from the cipher
Grain 128 key. This step has three rounds itself, Rotate, S-Box,
Block Ciphers: AES, DES,
Examples RSA, DSA, ECC 3DES, Blowfish, Twofish,
and Rcon (Fig. 3).
Curupira, PRESENT, 2. Initial Round:
KATAN. TEA, Humming Add Round Key: Each byte of the state is combined
Bird, RECTANGLE, with a block of the round key using bitwise XOR.
SIMON
3. Rounds:
a. Sub Bytes: A non-linear substitution step where each
Though the block ciphers have low latency, these are the byte is replaced with another according to a lookup
most researched and modified solutions for IoT Security [8]. table.
There are different kinds of Block Ciphers such as Advanced b. Shift Rows: A transportation step where the last three
Encryption Standard (AES), Data Encryption Standard (DES), rows of the state are shifted cyclically a certain
3DES, Blowfish, Twofish. Different approaches have been number of steps.
taken by researchers to make these block ciphers lightweight c. Mix Columns: A mixing operation which operates on
and IoT suitable. A few other lightweight block ciphers which the columns of the state, combining the four bytes in
are being researched are Curupira, PRESENT, KATAN, TEA, each column and Add Round Key.
Humming Bird, RECTANGLE, SIMON. Table II shows a 4. Final Round: All three rounds except Mix Columns. [15]
basic comparison among some common block ciphers
[8][9][10][11].
Different cryptographic standardization efforts consider
both Software and Hardware security aspect. A comparison
among hardware and software implementations of few
lightweight block ciphers was done by [12]. Software and
Hardware security solutions have different metrics. Software
metrics include cycles, memory, cycle per byte, whereas
Hardware metrics include throughput, area, throughout-area
ratio. It is difficult to get a direct comparison amongst these
two. In [12], the authors succeeded to compare by using a
custom lightweight reconfigurable processor. They compared
area, throughput/area ratio amongst AES, SIMON, SPECK,
PRESENT, LED, TWINE, both hardware and software
implementations. SPECK, TWINE and PRESENT performed
well in both hardware and software. A basic comparison
between Hardware and Software security solution is provided
in Table III [13]. Fig. 3. AES – Key Expansion

0477
 TABLE II. PROPERTIES OF DIFFERENT BLOCK CIPHERS rounds. 4 rounds are added as a security margin. This is a
conservative approach [16].
Key Size Block No. of
Block Cipher
(bit) Size (bit) Rounds
Characteristics A. Recent Research Work on AES for IoT
128,
10, 12, Excellent security, Lightweight AES for IoT is a demanding research topic till
AES 192, 128 date. A power efficient AES Core was presented by [14] for
14 Flexible
256
IoT constrained devices implemented in UMC 130 nm
Not very secure but
DES 64 64 16
flexible
technology. A fully Quasi Delay Insensitive (QDI)
asynchronous implementation was presented by [17] for AES
112, algorithm. Multiple organization strategies was presented by
3DES 64 48 Good security, flexible
118
[18] for AES 32-b datapath to achieve a low-cost, high-
Blowfish 32-448 64 16
Excellent security, throughput, low-power and energy design with multiple levels
flexible of security. A novel AES microarchitecture with 32-bit
128, datapath optimized by [19] for low-power and low-energy
Can’t be broken
Twofish 192, 128 16
256
remotely consumption targeting IoT application. A compact and
96, 144, 96, 144, Less space required to
lightweight AES circuit design was proposed by [20] suitable
Curupira 96 for IoT application. Very attractive results were found from
192 192 store S-boxes
Less gate count, less [21][22][23] for AES proposals. Energy efficiency of different
memory, Used for block cipher including AES was explored by [24]. Table IV
PRESENT 80, 128 128 32
encrypting small includes a comparison among different recent (2015-2018)
amount of data AES implementations.
Hardware oriented
block cipher, inefficient
32, 48, software
KATAN 80 256
64 implementation,
consumes too much
energy, low throughput
Security can be
enhanced just by
TEA 128 64 32
increasing the number
of iterations
Suitable for RFID tags
or Wireless Sensor
Humming Bird 256 16 4 Network, Low power
consumption, High
speed
Excellent performance,
SIMON 64~256 32~128 32~2 easy to implement,
flexible
Ultra-lightweight,
TWINE 80,128 64 36
Enough speed
Efficient hardware
implementation, used
LED 64, 128 64, 128 -
for transmission of
RFID tags
Hardware friendly,
RECTANGLE 80 64 25 faster, gives high
throughput

AES has a block size of 128 bits and key sizes of 128,
192 and 256 bits.
• For a 128-bit key 10 rounds are required.
• For a 192-bit key 12 rounds are required.
• For a 256-bit key 14 rounds are required.
Fig. 4 shows block diagram of 10 rounds of AES-128. The
number of rounds is determined by looking at the maximum
number of rounds for which shortcut attacks have been found
and added a considerable security margin. A shortcut attack is
an attack more efficient than exhaustive key search. For AES
with a block length and key length of 128 bits, no shortcut
attacks have been found for reduced versions with more than 6 Fig. 4. 10 rounds of AES – 128 (Block Diagram)

0478
 TABLE III. COMPARISON BETWEEN HARDWARE AND C. Attacks on AES
SOFTWARE SECURITY SOLUTION
Hardware implementation of AES for IoT can attract some
hardware security attacks. It is important to observe the
Hardware Security Solution Software Security Solution
attacks and find solutions. Some recent research works are
Keys are segregated within an Numerous copies of keys live across mentioned below about attacks on AES.
isolated security environment system and backups
Memory access is not secure The effectiveness of the proposed Differential Fault
enough. It can’t facilitate their own Analysis Attacks to AES decryption was proved by [31]. A
Can contain internally managed
memory space, gives more
physical memory, it uses externally wireless interceptive Side Channel Attack technique was
available memory or secondary proposed by [32] to reveal the secret key of the AES-128
memory space protection
memory, where memory protection
is difficult encryption algorithm for IoT application. A relative key
impossible differential attack on 7 round AES 192 was
More data integrity assurance Less data integrity assurance proposed by [33]. As the above mentioned worked on
Software implementations are more different attacks on AES, [34] presented a voltage-scalable
Less susceptible to reverse easily readable by adversaries and full datapath 128-bit AES chip with intrinsic Differential
engineering are therefore more susceptible to Power Analysis resistance that is suitable for IoT applications.
reverse engineering
A counter measure against Correlation Power Analysis attacks
Can mask the fluctuation in power Have a defined pattern in terms of
consumption to prevent Power power consumption, not resistant to was proposed by [35] by using a false key and Wave Dynamic
Analysis attacks Power analysis attacks Differential Logic based XOR gates.
Not dependent on high level Dependent on Operating System
operating system services Security IV. DISCUSSION
Security has been the main area of focus for researchers in
the field of IoT. It is difficult to find one clear approach which
B. Recent Research Work on AES for IoT Focusing Mix- will fit all kinds of application of IoT. Various kinds of devices
Column and S-box are connected in IoT network. Some devices can afford to have
a heavyweight and a high security method, but most of the
A hardware implementation of the AES algorithm has two devices in IoT are resource constrained. They need a security
major challenges: Mix-column round and S-box. Reducing the solution which acts fast. At the same time, it needs to be less
area and the delay of Hardware implementation of AES are complex and versatile. Last but not the least important factor is
the main goals of the researchers. Researchers have been trusted security. By 2020, the ratio will become four connected
working to propose a lightweight AES, which is suitable for devices per person [Business Insider]. We can’t jeopardize our
future by choosing a non-trusted algorithm.
IoT. Researchers have been working on Mix-Column and S-
box till date. We started doing this survey with a goal of finding the best
suitable solution for IoT security. By keeping in mind, the
A novel FPGA implementation of AES was proposed by constrains IoT devices have, we have started our research by
[25] by using high performance Mix-Column and inv-Mix- looking into Lightweight Cryptographic solutions. We have
Column methods, which uses properties of binary calculation. studied research work about Asymmetric and Symmetric Key
Their result shows 12% reduction in area and 20% increase in Cryptographic solution. We need a faster and less complex
speed compared to the original AES design. Another paper, solution for IoT and we concluded Symmetric Cryptographic
[26] also worked on Mix-Column to make it faster and low solutions have these properties.
complex. Their result shows less complexity and reduced
number of gates than other relevant work. Another work was We further researched and studied research work about
stream ciphers and block ciphers, the two most important
done by [27]. They also worked on Mix-Column and they
Symmetric Cryptographic ciphers. Block ciphers being more
have found better result in terms of gate size and number of
versatile than stream ciphers, researchers have come up with
clock cycles. multiple lightweight block ciphers which can be applicable for
A new approach was presented by [28] to the design of a IoT.
low area GF(2^8) finite field inverter with the shortest critical Our next goal was to find the most trusted and researched
path for S-box. S-boxes which are obtained from commutative block cipher. After going through and comparing multiple
chain ring were used by [29]. A new design was proposed by research works, we concluded Advanced Encryption Standard
[30] for the AES combined S-box/inverse S-box and their (AES) is the most trusted and researched block cipher which
design outperforms best designs in research. S-boxes and Mix- can save the world from Internet of Insecure Things. The issue
Column rounds are two major issues for AES to become a with AES is that the original proposal wasn’t meant to be
lightweight and suitable block cipher for IoT. There is no fulfilled the Lightweight requirements of a block cipher.
argument about the security level of AES. The vulnerable IoT
In this paper, we also included a comparison among
network can be saved by a lightweight AES. Researchers have Hardware and Software security solutions and we concluded,
been proposing new architectures, working on Mix-Column that at this moment, we need to find a hardware solution for
and S-boxes to achieve the desired goal. IoT.

0479
 TABLE IV. COMPARISON AMONG DIFFERENT RECENT (2015-2018) AES IMPLEMENTATIONS.

Ref. Year Tech. Data- Frequency Area Area Cycles/ Power (mW) Throughput Energy/B
path (MHz) (kGEs) (mm2) Encryption it (pJ/bit)
[14] ’17 130nm - 50 - - - 10.74 2.601 Gbps -
[17] ’17 130nm - - - 0.64 - 5.47 - -
[18] ’17 28nm 32 bit 10 8.6 - 44 0.02 28 Mbps 0.65
[20] ’18 28nm 8 bit 50 - 0.0028 213 0.045 30.05 Mbps 1.50
[21] ’15 22nm 8 bit 76 1.95 0.0022 336 0.17 29 Mbps 5.6
[22] ’16 40nm 8 bit 122 2.2 0.00429 337 0.1 46.2 Mbps 2.2
[24] ’15 90nm 32 bit 10 5.5 - 44 - 28 Mbps 6.2
[23] ’15 65nm 8 bit 32 4 0.012 160 0.0617 25.6 Mbps 2.3

We set our next goal to gather the research work on [6] R. Djdlqvw, K. Wwdfnv, and I. R. U. Ljkwzhljkw,
Lightweight AES. We came across different works on AES “2016_Protection of ECC computations against side-channel attacks
architecture to make it lightweight. We also concluded that for lightweight implementat,” vol. 3, pp. 5–10, 2016.
[7] T. K. Goyal and V. Sahula, “Lightweight security algorithm for low
Mix Column and S-box are two important parts of AES which power IoT devices,” 2016 Int. Conf. Adv. Comput. Commun.
are responsible for its complexity. We also surveyed research Informatics, ICACCI 2016, pp. 1725–1729, 2016.
work that have worked on these issues. [8] M. A. Philip, “A Survey On Lightweight Ciphers For IoT Devices,”
2017 Int. Conf. Technol. Adv. Power Energy ( TAP Energy), pp. 1–
Finally, we also included the work different attacks on 4, 2017.
AES. This survey followed comprehensively a path of possible [9] S. Surendran, A. Nassef, and B. D. Beheshti, “A survey of
security solutions and according to our research we concluded cryptographic algorithms for IoT devices,” 2018 IEEE Long Isl.
lightweight AES can be a suitable security solution for Syst. Appl. Technol. Conf. LISAT 2018, pp. 1–8, 2018.
[10] R. Sharma and S. Pansare, “Analysis of symmetric key
constrained IoT devices. cryptographic algorithms,” Int. Res. J. Eng. Technol., vol. 4, no. 2,
pp. 1628–1630, 2017.
V. CONCLUSION AND FUTURE RESEARCH [11] M. A. Bahnasawi et al., “ASIC-oriented comparative review of
hardware security algorithms for internet of things applications,”
In this survey, we discussed comprehensively a flow of Proc. Int. Conf. Microelectron. ICM, pp. 285–288, 2017.
lightweight security solutions for Internet of Things. We [12] W. Diehl, F. Farahmand, P. Yalla, J. P. Kaps, and K. Gaj,
surveyed research work on Asymmetric cryptographic “Comparison of hardware and software implementations of selected
lightweight block ciphers,” 2017 27th Int. Conf. F. Program. Log.
algorithms and Symmetric cryptographic algorithms (Stream Appl. FPL 2017, 2017.
Ciphers and Block Ciphers) for IoT. We also surveyed very [13] H. Bar-El, “Security implications of hardware vs. software
recent research work (2015-2018) on AES for IoT in terms of cryptographic modules,” Discret. White Pap., pp. 1–3, 2002.
architecture, Mix-Column/S-box modify strategy and attacks. [14] S. Agwa, E. Yahya, and Y. Ismail, “Power efficient AES core for
According to our study we conclude, lightweight AES can be a IoT constrained devices implemented in 130nm CMOS,” Proc. -
very good security solution for constrained IoT devices. IEEE Int. Symp. Circuits Syst., pp. 2–5, 2017.
[15] M. A. Habib, M. Ahmad, S. Jabbar, S. H. Ahmed, and J. J. P. C.
AES block cipher is the most researched and trusted block Rodrigues, “Speeding Up the Internet of Things: LEAIoT: A
Lightweight Encryption Algorithm Toward Low-Latency
cipher. Researchers are still working on making AES
Communication for the Internet of Things,” IEEE Consum.
lightweight and suitable for IoT. For our future work, we will Electron. Mag., vol. 7, no. 6, pp. 31–37, 2018.
work on AES architecture with a goal of proposing a [16] J. Daemen and R. Vincent, The Design of Rijndael: AES - The
lightweight solution for IoT. Advanced Encryption Standard. Berlin, Heidelberg: Springer Berlin
Heidelberg, 2002. pp.41.
[17] N. El-Meligy, M. Amin, E. Yahya, and Y. Ismail, “130nm Low
REFERENCES power asynchronous AES core,” Proc. - IEEE Int. Symp. Circuits
[1] J. Wurm, K. Hoang, O. Arias, A. R. Sadeghi, and Y. Jin, “Security Syst., pp. 7–10, 2017.
analysis on consumer and industrial IoT devices,” Proc. Asia South [18] D. H. Bui, D. Puschini, S. Bacles-Min, E. Beigne, and X. T. Tran,
Pacific Des. Autom. Conf. ASP-DAC, vol. 25–28–Janu, pp. 519– “AES Datapath Optimization Strategies for Low-Power Low-
524, 2016. Energy Multisecurity-Level Internet-of-Things Applications,” IEEE
[2] C. A. Lara-Nino, A. Diaz-Perez, and M. Morales-Sandoval, Trans. Very Large Scale Integr. Syst., vol. 25, no. 12, pp. 3281–
“Elliptic Curve Lightweight Cryptography: a Survey,” IEEE Access, 3290, 2017.
vol. PP, no. c, pp. 1–1, 2018. [19] D. H. Bui, D. Puschini, S. Bacles-Min, E. Beigne, and X. T. Tran,
[3] S. Chandra, S. Paira, S. S. Alam, and G. Sanyal, “A comparative “Ultra low-power and low-energy 32-bit datapath AES architecture
survey of symmetric and asymmetric key cryptography,” 2014 Int. for IoT applications,” IEEE Jt. Conf. - Int. Conf. IC Des. Technol.
Conf. Electron. Commun. Comput. Eng. ICECCE 2014, pp. 83–93, ICICDT 2016 Solid State Syst. Symp. 4S 2016, 2016.
2014. [20] M. Lu, A. Fan, J. Xu, and W. Shan, “A Compact, Lightweight and
[4] O. P. Pinol, S. Raza, J. Eriksson, and T. Voigt, “BSD-based elliptic Low-Cost 8-Bit Datapath AES Circuit for IoT Applications in 28nm
curve cryptography for the open Internet of Things,” 2015 7th Int. CMOS,” 2018 17th IEEE Int. Conf. Trust. Secur. Priv. Comput.
Conf. New Technol. Mobil. Secur. - Proc. NTMS 2015 Conf. Work., Commun. 12th IEEE Int. Conf. Big Data Sci. Eng., pp. 1464–1469,
2015. 2018.
[5] I. Chatzigiannakis, A. Pyrgelis, P. G. Spirakis, and Y. C. Stamatiou, [21] T. Cmos et al., “Hardware Accelerator With Area-Optimized,” vol.
“Elliptic curve based zero knowledge proofs and their applicability 50, no. 4, pp. 1048–1058, 2015.
on resource constrained devices,” Proc. - 8th IEEE Int. Conf. Mob. [22] Y. Zhang, K. Yang, M. Saligane, D. Blaauw, and D. Sylvester, “A
Ad-hoc Sens. Syst. MASS 2011, pp. 715–720, 2011. compact 446 Gbps/W AES accelerator for mobile SoC and IoT in

0480
 40nm,” IEEE Symp. VLSI Circuits, Dig. Tech. Pap., vol. 2016– 2018.
Septe, pp. 2015–2016, 2016. [30] A. Reyhani-masoleh, M. Taha, and D. Ashmawy, “New Area
[23] W. Zhao, Y. Ha, and M. Alioto, “AES architectures for minimum- Record for the AES Combined S-box / Inverse S-box,” pp. 141–
energy operation and silicon demonstration in 65nm with lowest 148, 2018.
energy per encryption,” Proc. - IEEE Int. Symp. Circuits Syst., vol. [31] L. Zhu, Y. Wang, and R. Li, “Efficient differential fault analysis
2015–July, pp. 2349–2352, 2015. attacks to AES decryption for low cost sensors in IoTs,” Proc. -
[24] S. Banik, A. Bogdanov, and F. Regazzoni, “Exploring Energy IEEE Int. Symp. Circuits Syst., vol. 2016–July, no. 61173036, pp.
Efficiency of Lightweight Block Ciphers,” pp. 178–194, 2016. 554–557, 2016.
[25] S. Arrag, A. Hamdoun, A. Tragha, and S. E. Khamlich, “Design and [32] A. A. Pammu, K. S. Chong, W. G. Ho, and B. H. Gwee,
Implementation A different Architectures of mixcolumn in FPGA.” “Interceptive side channel attack on AES-128 wireless
[26] H. Li and Z. Friggstad, “An efficient architecture for the AES mix communications for IoT applications,” 2016 IEEE Asia Pacific
columns operation,” Proc. - IEEE Int. Symp. Circuits Syst., no. 3, Conf. Circuits Syst. APCCAS 2016, pp. 650–653, 2017.
pp. 4637–4640, 2005. [33] K. B. Jithendra, “New Results in Related Key Impossible
[27] P. Parikh and S. Narkhede, “High performance implementation of Differential Cryptanalysis on Reduced Round AES-192,” 2018 Int.
mixing of column and inv mixing of column for AES on FPGA,” Conf. Adv. Commun. Comput. Technol., pp. 1–5, 2018.
2016 Int. Conf. Comput. Power, Energy, Inf. Commun. ICCPEIC [34] S. Lu, Z. Zhang, and M. Papaefthymiou, “Resistance for IoT
2016, pp. 174–179, 2016. Devices,” vol. 2, no. 2142, pp. 65–68, 2017.
[28] M. M. Wong, M. L. D. Wong, C. Zhang, and I. Hijazin, “Compact [35] Y. Weize and S. Kose, “A Lightweight Masked AES
and short critical path finite field inverter for cryptographic S-box,” Implementation for Securing IoT Against CPA Attacks,” IEEE
Int. Conf. Digit. Signal Process. DSP, vol. 2015–Septe, pp. 775– Trans. Circuits Syst. I Regul. Pap., vol. 64, no. 11, pp. 2934–2944,
779, 2015. 2017.
[29] T. Shah, “Serpent Algorithm : An improvement by 4 × 4 S - box
from finite Chain ring,” 2018 Int. Conf. Appl. Eng. Math., pp. 1–6,

0481
View publication stats