
CHAPTER 1 – INTRODUCTION

1.1 Introduction

In today’s world most communication is done using electronic data. IoT
(Internet of Things) has become one of the most popular domains in the world. Using IoT, any
device connected to the internet can be controlled. With IoT, there will be rapid growth in the
number of connected devices. Interconnected devices can better arrange your life and make you
more productive, safer, smarter and better informed than ever before. Security is one of the
major concerns of experts, who believe that virtually endless connected devices and information
sharing can severely compromise one’s security. Security is one of the most important concepts,
as the data to be uploaded should be made secure to protect it from malicious
attacks. Many algorithms are used to secure the data. As more and more devices start to
connect, the need will force technocrats to come up with more advanced concepts and
methods to ensure the growth of this technology. The techniques for making data secure
come under cryptography. It is expected that by 2020 IoT will consist of almost 50 billion
objects and have an estimated value of $19 trillion.

IoT is defined as controlling things located in any part of the world via the internet. There
are many devices connected to the internet. From building and home automation to
wearables, the IoT touches every facet of our lives. It makes developing applications easier,
with hardware, software and support to get anything connected within the IoT. IoT
applications span a wide range of domains; some of them are:

• Home Automation
• Smart Cities
• Smart Parking
• Medical
• Manufacturing
• Smart Agriculture
• Surveillance Cameras
• Wearable Electronics
• Environment
• Automobiles

With an IoT board one can upload data to the cloud. It has features like Ethernet, Wi-Fi etc.
There are a number of IoT boards such as Intel Galileo, Raspberry Pi etc.

FEATURES OF IOT BOARD

• A 32-bit microcontroller board based on the Intel Quark SoC X1000 application processor.
• It has memory of 256 MB.
• It has 14 input/output digital pins.
• It has 6 analog pins.
• It works on the Linux Operating System and is compatible with the Arduino IDE (Integrated
Development Environment).
• It supports Ethernet, USB device connectors and an optional SD card.

1.2 Purpose

In today’s world most communication is done using electronic media. Data
security plays a vital role in such communication. As IoT has become more popular,
there is a need to protect the data from malicious attacks. IoT security involves securing the
data and uploading the data to the cloud. We encrypt the data using the AES-128 (Advanced
Encryption Standard) algorithm.

Figure 1: Block Diagram of IoT Security

CHAPTER 2 – CRYPTOGRAPHY
2.1 Definitions
• Cryptography
It is the science of secret codes, enabling the confidentiality of
communication through an insecure channel. It uses a cryptographic
system to transform a plaintext into a ciphertext, most of the time
using a key. It has encryption and decryption algorithms to do so.
• Ciphertext
This is the scrambled message produced as output. It depends on the
plaintext and the secret key. For a given message, two different keys
will produce two different ciphertexts.
• Encryption
Encryption is the process of converting data in plain text format into
meaningless cipher text by means of a suitable algorithm. The algorithm
takes a secret key and plain text as input and produces cipher text.
• Decryption
Decryption is the conversion of meaningless cipher text into the original
information using a decryption algorithm. The decryption algorithm is
the inverse of the encryption algorithm. It takes the key and cipher text as
input and produces the original plain text.
• Plain text
This is the original intelligible message or data that is fed into the
algorithm as input.
• Encryption algorithm
The encryption algorithm performs various substitutions and
transformations on the plaintext.
• Decryption algorithm
This is essentially the encryption algorithm run in reverse. It takes the
ciphertext and the secret key and produces the original plaintext.
• Secret key
The secret key is also input to the encryption algorithm. The key is a
value independent of the plaintext and of the algorithm. The algorithm
will produce a different output depending on the specific key being
used at the time.
• Symmetric Key
Symmetric cryptography uses the same secret key to encrypt and
decrypt the data. It requires that the secret key be known by the party
encrypting the data and the party decrypting the data.

There are two requirements for secure use of conventional encryption:

1. We need a strong encryption algorithm. At a minimum, we would like the algorithm
to be such that an opponent who knows the algorithm and has access to one or more
ciphertexts would be unable to decipher the ciphertext or figure out the key.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion
and must keep the key secure. If someone can discover the key and knows the
algorithm, all communication using the key is readable.

CHAPTER 3 – ADVANCED ENCRYPTION STANDARD

3.1 Overview
Advanced Encryption Standard (AES) is a symmetric key cryptographic algorithm. It is an
iterated block cipher with a fixed block size of 128 bits and a variable key length, i.e. it may be
128, 192 or 256 bits. The different transformations operate on the intermediate result, called
the state. The state is a rectangular array of bytes and, since the block size is 128 bits, which is
16 bytes, the rectangular array is of dimensions 4x4. The number of rounds AES uses is fixed by
the key size: a key of size 128 has 10 rounds, a key of size 192 has 12 rounds and a key of
size 256 has 14 rounds. An algorithm starts with a random number, in which the key and data
encrypted with it are scrambled through four mathematical operation processes. The key that
is used to encrypt the number must also be used to decrypt it. For encryption, each round has
four operations:

1. Sub Bytes
2. Shift Rows
3. Mix Columns
4. Add Round Key

For decryption it uses the inverse of these functions:

1. Inverse S-Box
2. Inverse Shift rows
3. Inverse Mix column
4. Inverse Add round key

3.2 Overall Process of AES Algorithm

1. AES doesn’t use a Feistel structure but processes the entire data block as a single
matrix during each round using substitutions and permutations.
2. The key that is provided as input is expanded into an array of forty-four 32-bit words;
four distinct words (128 bits) serve as a round key for each round.
3. Four different stages are used, one of permutation and three of substitution:
• Substitute Bytes: Uses an S-box to perform a byte-by-byte substitution of the
block.
• Shift Rows: A simple permutation that is performed row by row.
• Mix Columns: A substitution that alters each byte in a column as a function of
all bytes in the column.
• Add Round Key: A simple bitwise XOR of the current block with a portion of
the expanded key.
4. The structure is quite simple. For both encryption and decryption, the cipher begins
with an Add Round Key stage, followed by nine rounds that each includes all four
stages, followed by a tenth round of three stages.
5. Only the Add Round Key stage makes use of the key. For this reason, the cipher
begins and ends with an Add Round Key stage. Any other stage, applied at the
beginning or end, is reversible without knowledge of the key and so would add no
security.
6. The Add Round Key stage by itself would not be formidable. The other three stages
together by themselves would provide no security because they do not use the key.
We can view the cipher as alternating operations of XOR encryption (Add Round
Key) of a block followed by scrambling of the block and followed by XOR
encryption. This scheme is both efficient and highly secure.
7. Each stage is easily reversible. For the Substitute Bytes, Shift Rows and Mix Columns
stages, an inverse function is used in the decryption algorithm. For the Add Round
Key stage, the inverse is achieved by XORing the same round key to the block.
8. The decryption algorithm makes use of expanded key in reverse order. However, the
decryption algorithm is not identical to the encryption algorithm.
9. Once it is established that all four stages are reversible, it is easy to verify that
decryption does recover the plain text.
10. The final round of both encryption and decryption consists of only three stages. Mix
Column stage is not included.

Figure 2: AES Structure

Substitute Byte or S-box

Each element in the plain text data is replaced by another element present in the S-
box. S-box is a 16x16 matrix with each element of 8 bits. Each element is a hexadecimal
number. Each element in the plain text is replaced by an element in the S-box in such a way
that the first 4 bits refer to the row and the next four bits refer to the column.

Figure 3: S-box Representation

Shift Rows

The input to this step is the output of Substitute byte step. This step applies to the
rows of the matrix. The first row remains unchanged. The second row gets left shifted by 1
cyclically. The third row gets left shifted by 2 cyclically and the fourth row gets left shifted
by 3 cyclically.

Figure 4: Shift Rows

Mix Columns

The input to this step is a 4x4 row shifted matrix. This is an important step. It
involves matrix multiplication over GF($2^8$) with the polynomial $x^8 + x^4 + x^3 + x + 1$. Using
this polynomial we can have a matrix c(x) which is a 4x4 matrix of 8 bits elements. The
matrix c(x) usually used is shown in Fig.

Figure 5: c(x) matrix

Multiplication by 0x01 makes no difference in the value. Thus, the value would
remain the same. Multiplication by 0x02 means shifting the data towards left by 1 bit. If the
original data (data before shift) had a high bit at MSB (Most Significant Bit) then the shifted
data needs to be XORed with 0x1b. Multiplication by 0x03 means shifting the data towards
left by 1 bit and having a XOR with the original data i.e. the data before shifting. If the
original data (data before shift) had a high bit at MSB (Most Significant Bit) then the shifted
data needs to be XORed with 0x1b.

Example - data 0x87. After multiplication by 0x03, the value would be 0x92.

0x87 = 1000 0111. After left shift by 1 bit and XOR with 0x87 we have 0x89. (1000 0111
XOR 0000 1110 = 1000 1001)

Since the MSB in original data 0x87 is high, we need to XOR it with 0x1b. Thus, the result
is 0x92 (1000 1001 XOR 0001 1011).

Add Round Key

This is the final step involved in the algorithm. The input to this step is the Mix
Column matrix. There are keys derived for each round from the original key. Having a XOR
operation of Mix Column matrix with keys generated for corresponding round gives the
output for the current round. The output of this round would be an input to the next round.
The output of this step after 10 rounds provides the encrypted data. The key for each round is
derived from the original key using Rijndael’s key schedule. The Mix Column step is skipped
for the 10th round.

3.3 INVERSE AES-128 ALGORITHM

The input to the inverse algorithm is the encrypted data and the output is plain text or original
data. The inverse AES-128 algorithm involves the following steps -

Inverse Substitute bytes or Inverse S-box

It works the same as that of Substitute bytes but instead has an inverse S-Box. This
step provides an output 4x4 matrix with each element of 8 bits. The inverse S-box usually
used is shown in Fig. 6.

Figure 6: Inverse S-box

Inverse Shift Rows:

This step applies to rows. The first row is kept the same. The second row is shifted
right by 1 cyclically. The third row is shifted rightwards by 2 cyclically. The fourth
row is cyclically right shifted by 3.

Inverse Mix Columns:

The step is similar to Mix Column changes and is shown in Fig. 7.

Figure 7: Inverse Mix Column

Multiplication by 0x09 -

This can be done by splitting 09 as 2*4 + 1. So it is multiplication by 2 four times and XOR
with the original data.

Multiplication by 0x0b -

This can be done by splitting 0b as 2*5 + 1. It would be multiplication by 2 five times. The
result is XORed with original data.

Multiplication by 0x0d -

We split 0d as 2*6 + 1. A XOR of original data multiplied by 2 six times with the original
gives the result.

Multiplication by 0x0e -

We split 0e as 2*7. The result would be a XOR of original data multiplied by 2 seven times.

Inverse Add Round Key

Inverse keys are generated for each round using the original key. A XOR of keys for
the corresponding round with the inverse mix column matrix gives an output. This output is
an input to the next round.
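
The Mix Columns arithmetic, the Inverse Mix Columns multipliers and the round sequence of section 3.2, as an added Python example that is not part of the original report: `gmul` multiplies in GF(2^8) by shift-and-XOR, and `encrypt_block` runs the stages in the order described above. All function names are assumptions of this example, the S-box is computed rather than tabulated, and the code is for study only (it is not constant-time).

```python
# Added illustration, not from the report; all names are this example's own.
def xtime(b):  # multiply by 0x02: shift left one bit, XOR 0x1b if the MSB was set
    return ((b << 1) ^ 0x1b) & 0xff if b & 0x80 else b << 1

def gmul(a, b):
    """GF(2^8) product: XOR the doublings of a selected by the set bits of b."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def sbox_entry(x):
    """Multiplicative inverse of x (0 maps to 0), then the AES affine transform."""
    inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
    rot = [((inv << i) | (inv >> (8 - i))) & 0xff for i in range(5)]
    return rot[0] ^ rot[1] ^ rot[2] ^ rot[3] ^ rot[4] ^ 0x63

SBOX = [sbox_entry(x) for x in range(256)]
MIX, INV_MIX = (2, 3, 1, 1), (0x0e, 0x0b, 0x0d, 0x09)  # first rows of c(x) and its inverse

def expand_key(key):
    """Expand 16 key bytes into forty-four 4-byte words, grouped as 11 round keys."""
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:  # rotate the word, substitute its bytes, add the round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0], rcon = t[0] ^ rcon, xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def mix_columns(s, m=MIX):
    """Multiply every 4-byte column by the circulant matrix whose first row is m."""
    return [gmul(s[c], m[-r % 4]) ^ gmul(s[c + 1], m[(1 - r) % 4])
            ^ gmul(s[c + 2], m[(2 - r) % 4]) ^ gmul(s[c + 3], m[(3 - r) % 4])
            for c in range(0, 16, 4) for r in range(4)]

def encrypt_block(pt, key):
    """Initial Add Round Key, nine four-stage rounds, then a tenth without Mix Columns."""
    rk = expand_key(key)
    s = [p ^ k for p, k in zip(pt, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                        # Sub Bytes
        s = [s[i % 4 + 4 * ((i // 4 + i % 4) % 4)] for i in range(16)]  # Shift Rows
        s = mix_columns(s) if rnd < 10 else s                           # Mix Columns
        s = [a ^ k for a, k in zip(s, rk[rnd])]                         # Add Round Key
    return bytes(s)
```

Calling `mix_columns(mix_columns(state), INV_MIX)` returns the original 16-byte state, and `encrypt_block` can be checked against the FIPS-197 Appendix C.1 test vector (key `000102...0f`, plaintext `00112233...ff`).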

CHAPTER 4 – APPLICATIONS
4.1 Bird Hit Probability

Using a camera we capture the images of the birds. Using image processing we locate
the bird’s position in space. The location includes x, y and z co-ordinates. These x, y and z
co-ordinates are the main data. This acts as plain text. Using the AES-128 algorithm we encrypt
the data and upload it to the cloud.

Figure 8: Uploading encrypted data to Cloud

At the other end, data is retrieved and original data is obtained back using the AES-128
decryption algorithm, as shown in Fig. 9.

Figure 9: Data retrieval from Cloud using inverse AES

During the travel of airplanes, birds flying in the air may collide with the airplane, leading to
damage. This may not only hurt the bird but also make the flight unstable, risking the lives of
the travelers. We can avoid this by employing Bird Hit Probability. The decrypted data can
be used by the pilot to deviate the plane slightly depending on the position of the bird.

Figure 10: Image when bird is detected

4.2 Limitations

In Bird Hit Probability, since the movement of birds is not stationary, capturing the image,
processing it, encrypting it and uploading it to the cloud would consume time.

CHAPTER 5 – CONCLUSION
5.1 Conclusion

• The data encryption and decryption is done for 128 bits.
• To make the data more secure, we can use AES-192 or AES-256.

5.2 Future scope of improvement

As a part of future scope, we can make the IoT board a black box which would receive the
plain text as input and give encrypted output which can be used for many IoT applications.
By making this, even common men can secure the data.
