Analysis of Lightweight Cryptographic Algorithms on IoT Hardware Platforms

Highly constrained devices that are interconnected and interact to complete a task are being used in a diverse range of new fields. The Internet of Things (IoT), cyber-physical systems, distributed control systems, vehicular systems, wireless sensor networks, tele-medicine, and smart grid are a few examples of these fields. In any of these contexts, security and privacy might be essential aspects. Research on secure communication in Internet of Things (IoT) networks is a highly contested topic. One method for ensuring secure data transmission is cryptography. Since IoT devices have limited resources, such as power, memory, and batteries, IoT networks have boosted the term “lightweight cryptography”. Algorithms for lightweight cryptography are designed to efficiently protect data while using minimal resources. In this research work, we evaluate and benchmark lightweight symmetric ciphers for resource-constrained devices. The evaluation is performed using two widely used platform: Arduino and Raspberry PI. In the first part, we implement 39 block ciphers on an ATMEGA328p micro-controller and analyze them in terms of speed, cost, and energy efficiency during encryption and decryption for different block and key sizes. In the second part, the 2nd round NIST candidates (80 stream and block cipher algorithms) were added to the first part ciphers in a comprehensive analysis for equivalent block and key sizes in terms of latency and energy efficiency.


I. INTRODUCTION
The Internet of Things (IoT) security is a strongly contested research topic. IoT is a type of network paradigm that uses sensor and Internet technology to transform everyday items into smart devices [1]. Such devices give people the ability to be connected any time, any where, using any connectivity to benefit from wide spectrum of services [2]. So digitization is not an option anymore, where it is involved in our daily life activities including smart homes, smart cities, wearables, e-health, etc [3]. The IoT end-devices are often operating in vulnerable environments, which leads to several security challenges that should be taken into consideration [4]. To overcome such challenges, various researchers have developed different cryptographic algorithms that can be used to secure IoT applications in order to ensure data protection and data privacy. But traditional cryptographic algorithms are not suitable to be implemented in the resource-constrained devices used in such application. The concept Lightweight Cryptographic (LWC) schemes arose to reflect the need of cryptographic algorithms that provide security with the use of efficient amount of resources [5]. This resource usage is determined by the key size, the number of rounds, the block size, the memory usage (ROM and RAM), the structure, and execution time. The objective of lightweight algorithms creation is to strike a balance in several aspects such as performance, low resource demand, and cryptographic algorithm strength and stability [6]. Various LWC algorithms (stream or block ciphers, hash functions) such as TWINE, PRESENT, SIMON and SPECK, QARMA were proposed as alternatives to traditional cryptographic algorithms (e.g., AES, RSA, SHA3). In spite of the increasing demand in this research area, few research works presented the benchmarking and comparison of well-known LWC algorithms between different hardware platforms of constrained devices. Moreover, no article had presented yet involved software implementation with analysis and comparison of any lightweight cryptography on Raspberry-Pi compared to others. The objective of this research work is to provide a comprehensive benchmarking of well-known lightweight cryptographic algorithms. These benchmarking results are obtained through a software implementation of the selected algorithms, implemented on the micro-controller ATMEGA328P-Arduino (UNO) and the Raspberry PI. To the best of our knowledge and based on the literature review, this work is considered the first to evaluate the performances of lightweight cryptographic schemes; 119 different schemes were evaluated. The rest of this paper is structured as follows: section II provides a literature review about the work done related to the implementation of LWC using different hardware platforms. Section III details the software and hardware setup done, the measuring metrics used, and the methodology applied to evaluate the communication and computation cost of implementing such schemes. Section IV presents the results of the experimentation, and section V analyzes and discusses the results achieved. Finally, section VI concludes the paper.

II. BACKGROUND
Research and development of lightweight cryptography for use on resource-constrained IoT devices have advanced quickly over the past decade. The main goal is to create and use simple cryptographic algorithms that may be applied to such applications while providing the appropriate levels of security. With a focus on LED [7], Piccolo [8], and PRESENT [9], authors in [10] investigated various software implementations of lightweight ciphers for x86 processors. First, they examined a table-based implementations and then offered a theoretical model to forecast how different potential trade-offs will behave in relation to the processor cache delay profile. The authors in [11] studied the lightweight properties of HIGHT block cipher and offer the optimized implementations of both software and hardware for IoT platforms, such as resource-constrained devices (8-bit AVR and 32-bit ARM Cortex-M3) and Application-Specific Integrated Circuits. The authors in [12] implemented six ciphers -AES, SI-MON, SPECK, PRESENT, LED, and TWINE in hardware with Register Transfer Level (RTL) design [13] and in software with a specially designed re-configurable processor. They presented a direct comparison of area, throughput, power, energy, and throughput-to-area (TP/A) ratio. Both hardware and software versions were implemented in identical Xilinx Kintex-7 FPGAs. SIMON is a lightweight block cipher designed for hardware implementation. Implementing, optimizing, and modeling SIMON cipher design for resource-constrained devices with a focus on energy and power were the goals of the research done by authors in [14]. Scalar and pipelines design implementations FPGA technology were the two types that were explored in this research [15]. The hardware implementation of the block cipher RECTAN-GLE with various data-paths was the focus of the authors in [16]. They have devised, constructed, and assessed the five most effective RECTANGLE [17] cipher data-paths for various data bus sizes. The same implementation conditions were used for all of these data paths when they were implemented on various FPGA platforms, and the results were compared across all performance metrics. The ideal architecture for an application can be chosen based on the device and desired performance metrics. In [18], the authors used the Artix-7, Spartan-6, and Cyclone-V FPGAs to implement the six NIST LWC Round 2 candidate ciphers (SpoC, GIFT-COFB, COMET-AES, COMET-CHAM, Ascon, and Schwaemm and Esch). Among all the schemes, it was clear that SpoC had the lowest area and power consumption, while Ascon had the highest throughputto-area (TPA) ratio. Authors in [19] implemented KLEIN-80, TWINE-80, Piccolo-80, SPECK (64, 96), and SIMON (64, 96) lightweight block ciphers on the Atmega128 processor in the AVR studio 5.1 simulation environment. The evaluation's findings indicate that the SPECK(64,96) cipher was the most energy-efficient and is suitable for wireless sensor networks. While the implementation of the TWINE-80 was the best appropriate with regard to memory utilization. Almost all cited works were interested in the implementation of specific LWC schemes, while in this work we did a software implementation of almost 119 different schemes and compared their performance using two different hardware  platforms.

A. Algorithms used for Evaluation
Lightweight Cryptography of various structures, key sizes, and block sizes have been chosen. A wide range of differences in key size, block size, and rounds were realized as essential for analysis goals. Because of that, the cited algorithms of C language found with these specifications were reached to 39 different ciphers of 13 families shown in Table I. Furthermore, a package of 80 algorithms of 32 families presented in NIST round 2 competition [20] have been included in an extended study.

B. Compilation
This study was based on C language implementation as low-language to reach an adequate elimination of any software barrier between algorithms implementation and execution. Hence, the study uses MinGW as a container of GNU compiler collection (GCC) and its libraries. It is used in this study in the Linux operating system of the Raspberry Pi platform. Arduino IDE was used for compilation and execution for the Arduino platform.

C. Measuring Concepts and Metrics
Measurement for Lightweight Cryptography study have been gathered depending on related works and other similar research studies that analyzed and compared Lightweight Cryptography ciphers. These measuring concepts and their metrics are summarized in Table II Below is the briefing and the equations used in 1) Arduino IDE is used during the uploading phase of C codes onto Arduino Board to measure: • ROM occupation: by observing "program storage space" where the Arduino sketch is stored. • RAM occupation: by observing the unused space for local variables, then the used space would indicate the "global variable" of dynamic memory that is the SRAM (static random-access memory), which is where the sketch creates and manipulates variables when it runs. 2) Encryption and Decryption speed Throughput are measured in bytes/s in both platforms through programming loops and equation 1.
Ps = is the size of text in ENC or DEC in bits. τ = is the time taken during one ENC or DEC.
3) Key schedule speed Throughput concerning key expansion with and equation 2.
Ks τ (bytes/s) Ks = is the size of text in expansion in bits. Here comes the notion of using cycle per block as a comprehensive measure of comparison between them. 2) Repeating the experiments: For numerous distinctive reasons, it can be decently troublesome to obtain measuring results like time and speed accurately in a single iteration of coding. Frequently, internal clocks that the software or executed program can read, have some degree of asynchronous precision from the core processor clock. More essentially, there is regularly a critical overhead included in such measuring results, such as the cost of context switches and sometimes timing overhead. That is, finding measurement of algorithms in this context should avoid procedure call overhead. One method is to run the Algorithm many times like loops in coding then, averaging the total time to acquire the best indication of overall performance results. Furthermore, the repetition of encryption or decryption process would smooth out random effects like IRQ (Interrupt request) signal due to external activity by adjusting the loop to an experimental number that attained. On that account, the formulas of speed throughput of ENC and DEC followed by Key schedule formulas would be refined as:

4) ENC and DEC speed
Nl = is number of loops.
3) Programming Libraries: We have implemented the needed formulas in one programming library named metrics.h for both platforms. The metrics.h library contains the implementation of Equations: 1', 2', 3, 4, and 5 for exclusive grouping results of the Algorithms in one hand pack. In addition, changing the number of loops would be very easy using such a method for simplicity in work and other tasks.

IV. RESULTS
This section presents the main benchmarking observations. For each metric, the best ten and the worst five performing algorithms are selected in a quick and brief overview. The focus will be on the following measurements:  A Score Table is presented in this section for some measuring metrics. The scores (or cards) are given to each Algorithm in each of the selected measures: ROM, ENC speed (throughput and Latency), and ENC Energy (throughput and Latency). The Algorithm with the least sum of all scores would be considered as the best. For the first list of algorithms presented in TableI, figures 3a and 3b clearly shows that LEA-128-128, OMET-64-CHAM-64-128, and Hight-64-128 are the best in UNO. While Speck-48-72, Speck-64-128, and XTEA-64-128 are the best in PI. Regarding the final list presented in Table??,figures 3c and 3d clearly show that Schwaemm-256-128, GIFT-COFB-128-128, and Schwaemm-128-128 are the best UNO. While Xoodyak-128-128, , and TinyJAMBU-128-32-128 are the best in PI. Nnumber of Algorithms that are below 100% in RR VI. CONCLUSION In conclusion, Lightweight cryptography is a challenging research domain through the last few years. In this work, a set of 119 ciphers had been evaluated and bench-marked using widely used platforms: Arduino and Raspberry PI. LEA-128-128, COMET-64-CHAM-64-128, Hight-64-128, Speck-48-72, Speck-64-128, and XTEA-64-128 were the most promising among the 119 compared Algorithms in power, speed, and ROM measurements. Furthermore, Schwaemm-256-128, GIFT-COFB-128-128, Schwaemm-128-128, Xoodyak-128-128, , and TinyJAMBU-128-32-128 are the best performing ciphers among the NIST Finalists [20].