Performance Evaluation Of Various Cryptographic Authentication Methods On Iot
Board
Mihir Mehta1, Kajal Patel2
1Research Scholar, Gujarat Technological University, Ahmedabad
mihir240491@gmail.com
2 Associate Professor, VGEC-Chandkheda, Ahmedabad
kspldce@gmail.com
Article History: Received: 11 January 2021; Revised: 12 February 2021; Accepted: 27 March 2021; Published
online: 23 May 2021
Abstract— Physical devices are connected to the Internet of Things architecture. They include collection of
data, transmission of data and also to store a data. If there is no security algorithm deployed in IoT infrastructure, it can leads to greater security risks. IoT consists of resources which have limitation in terms of computational power and also storage capacity. Existing cryptography algorithms such as DES, AES and RSA can be deployed for providing Security to IoT applications. However, before deploying them on IOT boards; their performance should be examined. IoT prefers lightweight solutions. Preferred Solution should be fast and also it should occupy less storage area. Means Time complexity and Space complexity should be lower for preferred solution. In this paper, we have evaluated the performance of various cryptography algorithms on Raspberry Pi 4 board. We have measured Time Complexity, Space Complexity and Key Setup time for different above stated algorithms.
Keywords - IOT, DES, AES, RSA, Performance attributes
1. INTRODUCTION
The art and science of securing data by changing the contents into unreadable form by applying various algorithms can be defined as Cryptography. It mainly involves two techniques for providing security to data: Substitution and Permutation. Substitution involves replacing alphabets/number of original data message by any other alphabet/number. While Permutation involves rearranging alphabet/number positions presents in original data message. There are two types of cryptography algorithms: (1) Symmetric Cryptography (2) Asymmetric cryptography. Any of above cryptography algorithm base is logic of encryption and key value. In Symmetric cryptography, same key is used at sender side for the encryption of message and that same key is used at receiver side for decryption of the message. In Asymmetric cryptography, pair of key used for encryption-decryption purpose. There is a pair of Public and Private key for each use. If message is encrypted with public key of receiver at the sender side, it will be decrypted with the receivers’ private key at another destination side.
Following key points are involved in cryptography. (1) Plain Text Message which is in readable form.
(2) Encryption algorithm which includes actual logic for providing security to data (3)Key value which will be Input for any Encryption algorithm
(4) Decryption algorithm. Generally it is same as Encryption algorithm. But it runs in reverse manner. (5) Cipher text which is secure data message in unreadable form.
Figure 1: Cryptography Process Overview
Internet of things provides opportunity of directly connection to the Internet to different things. It offers various applications into different domains such as Smart Home, Smart Health care, Smart
City, Smart Manufacturing and Smart Farming [1]. Public convenience can be enhanced by introducing automation with the help of IOT applications. The main components of IOT are: Sensors, Aggregator, Transmission channel, External Utility and Decision Trigger. The various security algorithms Data Encryption Standard (DES), Advanced Encryption Standard (AES) and Rivest Shamir Adlemen (RSA) are implemented in Python and their performance is evaluated on IOT board Raspberry Pi 4.
1.1 Raspberry Pi
Raspberry Pi is a small palm sized computer that can be plugged with monitor or TV. Raspberry Pi 4 is the latest model in its family. Specifications of this model is as follows: (1) 64 bit Quad Core ARM v8 Processor (2) 2Gb, 4Gb or 8Gb SDRAM (3) 2 USB 3.0 Ports and 2 USB 2.0 Ports (4) Standard 40 Pins GPIO (5) 2 Micro HDMI Ports (6) Micro SD Card slot (7) Operating Temperature: 0 to 50 degree C [10,11].
This model provides faster speed, higher performance and also memory in comparison with previous all Raspberry Pi Models. It operates on 5 Volts power supply via USB-C Connector or GPIO Header. It is estimated that Raspberry Pi 4 will remain in active production cycle till 2026. Diagrammatical representation of Raspberry Pi 4 is as below:
Figure 2: Raspberry Pi 4 Model [10] The main components are as below [10]:
(1) GPIO Pins (2) Ethernet Ports (3) USB Port (4) USB Port (5) HDMI Port (6) Micro USB Power (7) Micro SD Card
ARM CPU/GPU: CPU handles all the computations – taking Inputs, doing calculations and for producing output. GPU handles graphical output.
GPIO: General purpose Input Output Pins. GPIO allows to connect various electronic components such as LED, Sensors to the Raspberry Pi.
USB Ports: They provide connection of Mouse, Key board and USB drive to the Raspberry Pi.
Ethernet Port: Raspberry Pi can be connected to the network with the help of cable or wireless LAN. Ethernet port provides this functionality.
SD Card Slot: We can put SD Card here in this slot. SD card contains Operating system and other files for storage purpose.
Micro USB Power connector: This can be used to supply power to the Raspberry Pi.
2. CRYPTOGRAPHY CIPHERS METHODOLOGY 2.1 DES
Data Encryption Standard is a block cipher [5]. It operates on a block of data having size 64 bits [6]. Plain text message is divided into multiple blocks. Each block size should be 64 bits. If last block has less than 64 bits data content, than padding is applied to fill up the data block to required length. 64 bit plain text block is than applied to DES algorithm. Initially, 64 bit key value is selected for encryption purpose. After that, every 8th bit from key is going to be discarded. So, effective key
length is 56 bit for DES algorithm. The same algorithm and key are used for encryption purpose at the sender side and for decryption purpose at the receiver side. At the output, 64 bit cipher text will be achieved.
Figure 3: DES Work Flow [7] Overall work flow for DES algorithm is as follows:
(1) 64 bit plain text block is applied to an Initial Permutation function.
(2) The Initial Permutation will be done on applied block. It will replace the positions of original plain text bits.
(3) Initial Permuted text will be divided into two parts: (1) Left Plain Text (2) Right Plain Text block.
(4) Each part LPT and RPT will go through 16 rounds of encryption process. Each round performs following activities: (a) Key Transformation (b) Expansion Permutation (c) S-Box Substitution (d) P-Box Permutation (e) XOR and Swap.
(5) After the 16th round; LPT and RPT will be combined and Final Permutation will be performed on the combined block.
(6) The result will be 64 bit cipher text.
In Initial Permutation stage, transposition process is happens. Means bit positions in the plain text block is going to change. Example; 1st bit content of plain text block is replaced with the content of
58th bit of plain text block. IP activity is done before the 1st round. After IP activity, permutated text
is divided into two equal parts, each having 32 bits length: LPT and RPT. 16 rounds are performed after that on these two parts. During each round as per discussed (a) Key Transformation (b) Expansion Permutation (c) S-Box Substitution (d) P-Box Permutation (e) XOR and Swap, steps are applied. In Key Transformation step, different 48 bit round key is generated for each round. In
Expansion Permutation step, 32 bit RPT is expanded to 48 bit by using the concept of substitution and transposition. After that during S-Box substitution step, result derived from X-OR operation of 48 bit round key and 48 bit expanded RPT is applied to S-Box. At the output of this stage, 32 bit text block is achieved. The output 32 bit block of S-Box is permuted by the use of P-Box. The result of this stage is X-ORed with 32bit LPT. And result of this XOR operation becomes next round RPT. And previous round 32 bit RPT becomes next round 32 bit LPT. In this fashion, 16 rounds will be performed. After that, at last Final permutation is performed and 64 bit Cipher text can be achieved. We have implemented DES algorithm in Python and embedded it on Raspberry Pi 4 board. Output of DES algorithm when we run it on Raspberry Pi is as below:
Figure 4: DES Algorithm Pseudo Code Output
2.2 AES
Advanced Encryption Standard is a block cipher. It supports the plain text block of 128 bit size. Key size can be 128 bit, 192 bit or 256 bit for AES. The key size decides the numbers of rounds to be performed on plain text block. The numbers of rounds can be 10, 12 or 14 depending on the length of key which will be used during encryption process [8]. It is very much popular and well known cipher currently [8]. It is approximately six times faster than triple-des algorithm. It is based on “Substitution-Permutation Network”. AES performs all of described operations on bytes rather than bit. So, 128 bits plain text block can be treated as 16 bytes. These 16 bytes are also arranged in 4*4 matrix form- 4 rows and 4 columns.
Table 1: Number of rounds and key size Plain Text
Size
Key Size Numbers of Rounds
128 bit 128 bit 10
128 bit 192 bit 12
128 bit 256 bit 14
The structure of AES is as follows:
The process of encryption of plain text block for AES is as follows:
(1) Bytes Substitution: 16 input bytes are substituted in this step by looking up a fixed S-Box.
(2) Shift Rows: Entries from each of the row of matrix will be circularly shifted left. The number of rotation depends on row no. Example: 0th row will not be shifted, 1st row will be shifted by 1 position
in circular left manner.
(3) Mix Columns: Each column of 4*4 Input matrix is transformed using mathematical function. Result will be new 4*4 matrix which will consist 16 different entries from original matrix element
entries.
(4) Add Round Key: 16 bytes of the matrix are now XORed with 16 bytes (128 bit) key value. If we are at the final round of encryption; result will be cipher text. Otherwise, on the output of this stage, next round will be performed.
Figure 5: AES Algorithm Process
The process of decryption in AES is similar to the process of encryption. However, above all four processes will be performed on reverse order on the cipher text block. We have implemented AES algorithm in Python and embedded it on Raspberry Pi 4 board. Output of AES algorithm when we run it on Raspberry Pi is as below:
Figure 6: AES Algorithm Pseudo Code Output
2.3 RSA
RSA is asymmetric algorithm which consists of pair of keys Public key and Private Key [12]. Generated this pair of keys is based on prime numbers in RSA algorithm. The steps involved in this algorithm is as below:
(1) Select two prime numbers of enough large length- X and Y. (2) Compute multiplication of X and Y. Let’s say it as Q.
(3) Choose the public key M such that it should not a factor of (X-1) and (Y-1). (4) Choose the private key N such that (N*M) mod (X-1) (Y-1) = 1.
(6) Decryption of the Cipher Text, Plain Text = Cipher Text N mod Q.
We have implemented RSA algorithm in Python and embedded it on Raspberry Pi 4 board. Output of RSA algorithm when we run it on Raspberry Pi is as below:
Figure 7: RSA Algorithm Pseudo Code Output
3. PERFORMANCE EVALUATION OF CIPHERS
We have executed some of well-known cryptography algorithms- DES, AES and RSA on Raspberry Pi 4 Model. For Implementation purpose, we have used Python framework and then code is uploaded to IoT board. We have measured various parameters for these algorithms. Measured Parameters are: (1) Time Complexity (2) Space Complexity (3) Key Setup Time.
(1) Time Complexity: Total required amount of time to run on Arm cortex processor by specific algorithm. It is measured in Milliseconds.
(2) Space Complexity: Total required memory for storing code on Arm cortex processor for specific algorithm. It is measured in Kilo Bits- KB.
(3) Key Setup Time: It signifies required amount of time for generating keys through key management system for specific algorithm. It is measured in Millisecond.
Table 2: Key Setup Time Measurement
Algorithm Name Key Length Key Setup Time (Millisecond)
DES 64 bit 1.65
AES 128 bit 3
Figure 8: Graph Measuring Key Setup time Table 3: Total Execution Time measurement Algorithm Name Total Time (Milliseconds)
DES 4.55 AES 4.22 RSA 1235 1.65 3 6.74 0 1 2 3 4 5 6 7 8 Setup (MilliSeconds) Series1 Series2 Series3
4.55 4.22 4 4.1 4.2 4.3 4.4 4.5 4.6 DES AES DES AES
Figure 9: Graph measuring total execution time Table 4: Space Complexity measurement Algorithm Name Memory (Kilobits)
DES 16596.992
AES 17039.36
RSA 16433.152
Figure 10: Graph measuring Space complexity
4. CONCLUSION
IoT is growing technology now a days. Various applications based on IoT are going to use in different domains of society. As, we all know; in IoT different objects are connected to the Internet. Internet is open to all means that it also raises the risk for launching different cyber-attacks. So, to provide security cryptography algorithms are very much needed. IOT is resource constrained network, it has limitation in terms of resources such as computing resources, storage resources and also power. IoT device authentication offers security against various well known cyber threats such as Identity Spoofing, MITM and Replay attack. As it verifies identity of device before granting access to network resources. Currently, Cryptographic ciphers- DES, AES and RSA are popular for obtaining
1235 0 200 400 600 800 1000 1200 1400 RSA RSA 16596.992 17039.36 16433.152 16000 16200 16400 16600 16800 17000 17200 Memory (kb)
authentication service in the network. Among them, we should select cipher which is optimal and consumes lesser system resources. So, we have evaluated the performance of various cryptography algorithms on Raspberry Pi 4 IoT board. We have considered attributes- Key Set up time, Total execution time and Space complexity for selecting appropriate candidate cipher. Based on results, we can say that symmetric cryptography algorithms are more suitable for IOT network as they require lesser resources in comparison with asymmetric cryptography algorithms.
5. REFERENCES
[1] Jeffry Voas, Bill Agresti “A Closer Look at the IOT “things” “ published by IEEE Computer
Society, Vol. 20, Issue 30, Page No. 11-15, May 2018.
[2] Tarak Nandy, Norjihan Abdul Ghani and Sananda Bhattacharya,” Review on Security of Internet of Things Authentication Mechanism” published in IEEE Access, Vol. 7, Page No.
151054- 151089, 2019.
[3] Chang-le Zhong, Zhen Zhu and Ren-gen Huang ‘‘Study on the IOT Architecture and Access Technology” presented at IEEE 16th International Symposium on Distributed Computing and
Applications to Business, Engineering and Science, 2017
[4] Sudip Maitra, Dylan Richards et al. “Performance Evaluation of IoT Encryption Algorithms: Memory, Timing, and Energy” published in IEEE Sensors Applications Symposium, 2019.
[5] Nuzhat Khan, Nazmus Sakib et al. “Performance analysis of security algorithms for IoT devices” published in IEEE Region 10 Humanitarian Technology Conference, Dhaka, Bangladesh,
2017.
[6] Geovandaro C., Rehan C.A. Alves et al. “Performance Evaluation of Cryptographic Algorithms over IoT Platforms and Operating Systems” published in Security and Communication Network,
Hindwai, Vol. 2017.
[7] Jimil Patel, Prerak Shah et al. “A Performance Study on Cryptographic Algorithms for IoT Devices” published in Proceedings of the Tenth ACM Conference on Cryptographic algorithms for
IOT Devices, March, 2020.
[8] Yue Li, Yanqin Cao “Performance evaluation and analysis of lightweight symmetric encryption algorithms for internet of things” published in International Journal of Reasoning based Intelligent
Systems, Inderscience, Vol.8, 2016.
[9] Daniel A.F. Saraiva, Valderi Reis et al. “PRISEC: Comparison of Symmetric Key Algorithms for IOT Devices”, published in Sensors, 2019, 19, 4312.
[10] https://www.raspberrypi.org/products/raspberry-pi-4-model-b/specifications. [11]https://www.raspberrypi.org/documentation/installation/installing-images [12] R. Tripathi and S. Agrawal, "Comparative Study of
Symmetric and Asymmetric Cryptography Techniques", published in International Journal of
Advance Foundation and Research in Computer, vol. 1, no. 6, pp. 68-76, 2014
[13] P. Nandhini and Dr.V. Vanitha, "A Study of Lightweight Cryptographic Algorithms for IoT",
published in International Journal of Innovations & Advancement in Computer Science, vol. 6, no. 1,pp.26-35,2017
