Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios

A Comprehensive Survey on the Implementations, Attacks, and Countermeasures of the Current NIST Lightweight Cryptography Standard

This survey is the first work on the current standard for lightweight cryptography, standardized in 2023. Lightweight cryptography plays a vital role in securing resource-constrained embedded systems such as deeply-embedded systems (implantable and wearable medical devices, smart fabrics, smart homes, and the like), radio frequency identification (RFID) tags, sensor networks, and privacy-constrained usage models. National Institute of Standards and Technology (NIST) initiated a standardization process for lightweight cryptography and after a relatively-long multi-year effort, eventually, in Feb. 2023, the competition ended with ASCON as the winner. This lightweight cryptographic standard will be used in deeply-embedded architectures to provide security through confidentiality and integrity/authentication (the dual of the legacy AES-GCM block cipher which is the NIST standard for symmetric key cryptography). ASCON's lightweight design utilizes a 320-bit permutation which is bit-sliced into five 64-bit register words, providing 128-bit level security. This work summarizes the different implementations of ASCON on field-programmable gate array (FPGA) and ASIC hardware platforms on the basis of area, power, throughput, energy, and efficiency overheads. The presented work also reviews various differential and side-channel analysis attacks (SCAs) performed across variants of ASCON cipher suite in terms of algebraic, cube/cube-like, forgery, fault injection, and power analysis attacks as well as the countermeasures for these attacks. We also provide our insights and visions throughout this survey to provide new future directions in different domains. This survey is the first one in its kind and a step forward towards scrutinizing the advantages and future directions of the NIST lightweight cryptography standard introduced in 2023

Robust Color Image Encryption Scheme Based on RSA via DCT by Using an Advanced Logic Design Approach

تتزايد أهمية أمن المعلومات في تخزين البيانات ونقلها. من جانب اخر يتم استخدام الصور في العديد من الإجراءات. لذلك ، يعد منع الوصول غير المصرح به إلى بيانات الصورة أمرًا بالغ الأهمية من خلال تشفير الصور لاجل حماية البيانات الحساسة او الخصوصية. تتنوع طرق وخوارزميات إخفاء الصور أو تشفيرها من طرق المجال المكاني البسيطة إلى طرق مجال التردد والذي يعتبر الأكثر تعقيدًا وموثوقية. في هذا البحث ، نقترح نظام تشفير جديد يعتمد على منهجية تهجين مولد المفتاح العشوائي من خلال الاستفادة من خصائص DCT لتوليد مجموعة غير محددة من المفاتيح العشوائية والاستفادة من معاملات المنطقة منخفضة التردد بعد مرحلة DCT لتمريرها إلى نظام فرعي يتكون من مجموعة RLG للحصول على المفاتيح السرية التي يتم تمريرها إلى RSA لتنتهي بتشفير الصورة. تشير النتائج إلى أن الطريقة المقترحة لها القدرة على تولد مجموعة كبيرة جدًا من المفاتيح السرية شديدة التعقيد والآمنة التي يمكن استخدامها لاحقًا في مرحلة التشفير. علاوة على ذلك ، سيتغير عدد وتعقيد تلك المفاتيح في كل مرة يتم فيها تغيير الصورة، وهذا يمثل مساهمة الطريقة المقترحة. ولم نلاحظ اي ضياع للوقت أثناء عمليات التشفير وفك التشفير لاستخدامنا RLG ، مما يدل على أن النظام المقترح قام بعمل جيد في صنع مفاتيح مختلفة من نفس الصورة. ويختلف في قوة المفتاح من صورة إلى أخرى حسب طبيعة الصورة الملونة.Information security in data storage and transmission is increasingly important. On the other hand, images are used in many procedures. Therefore, preventing unauthorized access to image data is crucial by encrypting images to protect sensitive data or privacy. The methods and algorithms for masking or encoding images vary from simple spatial-domain methods to frequency-domain methods, which are the most complex and reliable. In this paper, a new cryptographic system based on the random key generator hybridization methodology by taking advantage of the properties of Discrete Cosine Transform (DCT) to generate an indefinite set of random keys and taking advantage of the low-frequency region coefficients after the DCT stage to pass them to a subsystem consisting of an Reversible Logic Gate (RLG) group to obtain the secret keys that are passed to Rivest Shamir Adleman (RSA) to finish encrypting the image. The results indicate that the proposed method has the ability to generate a very large set of highly complex and secure secret keys that can be used later in the encryption stage. Moreover, the number and complexity of those keys will change each time the image is changed, and this represents the contribution of the proposed method. They experienced no time loss throughout the encryption and decryption processes when using RLG, which indicates that the proposed system did a good job in making different keys from the same image. And it differs in the strength of the key from one image to another, depending on the nature of the color imge

PRISEC: Comparison of Symmetric Key Algorithms for IoT Devices

With the growing number of heterogeneous resource-constrained devices connected to the Internet, it becomes increasingly challenging to secure the privacy and protection of data. Strong but efficient cryptography solutions must be employed to deal with this problem, along with methods to standardize secure communications between these devices. The PRISEC module of the UbiPri middleware has this goal. In this work, we present the performance of the AES (Advanced Encryption Standard), RC6 (Rivest Cipher 6), Twofish, SPECK128, LEA, and ChaCha20-Poly1305 algorithms in Internet of Things (IoT) devices, measuring their execution times, throughput, and power consumption, with the main goal of determining which symmetric key ciphers are best to be applied in PRISEC. We verify that ChaCha20-Poly1305 is a very good option for resource constrained devices, along with the lightweight block ciphers SPECK128 and LEA.info:eu-repo/semantics/publishedVersio

Electromagnetic Side-Channel Resilience against Lightweight Cryptography

Side-channel attacks are an unpredictable risk factor in cryptography. Therefore, observations of leakages through physical parameters, i.e., power and electromagnetic (EM) radiation, etc., of digital devices are essential to minimise vulnerabilities associated with cryptographic functions. Compared to costs in the past, performing side-channel attacks using inexpensive test equipment is becoming a reality. Internet-of-Things (IoT) devices are resource-constrained, and lightweight cryptography is a novel approach in progress towards IoT security. Thus, it would provide sufficient data and privacy protection in such a constrained ecosystem. Therefore, cryptanalysis of physical leakages regarding these emerging ciphers is crucial. EM side-channel attacks seem to cause a significant impact on digital forensics nowadays. Within existing literature, power analysis seems to have considerable attention in research whereas other phenomena, such as EM, should continue to be appropriately evaluated in playing a role in forensic analysis.The emphasis of this thesis is on lightweight cryptanalysis. The preliminary investigations showed no Correlation EManalysis (CEMA) of PRESENT lightweight algorithm. The PRESENT is a block cipher that promises to be adequate for IoT devices, and is expected to be used commercially in the future. In an effort to fill in this research gap, this work examines the capabilities of a correlation EM side-channel attack against the PRESENT. For that, Substitution box (S-box) of the PRESENT was targeted for its 1st round with the use of a minimum number of EM waveforms compared to other work in literature, which was 256. The attack indicates the possibility of retrieving 8 bytes of the secret key out of 10 bytes. The experimental process started from a Simple EMA (SEMA) and gradually enhanced up to a CEMA. The thesis presents the methodology of the attack modelling and the observations followed by a critical analysis. Also, a technical review of the IoT technology and a comprehensive literature review on lightweight cryptology are included

Bitstream Modification of Trivium

In this paper we present a bitstream modification attack on the Trivium cipher, an international standard under ISO/IEC 29192-3. By changing the content of three LUTs in the bitstream, we reduce the non-linear state updating function of Trivium to a linear one. This makes it possible to recover the key from 288 keystream bits using at most $2^{19.41}$ operations. We also propose a countermeasure against bitstream modification attacks which obfuscates the bitstream using dummy and camouflaged LUTs which look legitimate to the attacker. We present an algorithm for injecting dummy LUTs directly into the bitstream without causing any performance or power penalty