In the era of the heterogeneous IoT environment around us, where data transmission continues to happen every second, protecting these data is a daunting task; however, with proper cryptography, these security challenges can be alleviated. Cryptography algorithms are commonly used in applications where security is critical, such as bank services, military services, ATM cards, computer passwords, online money transactions, and e-commerce; they are also used in wireless devices [toubal2020fpga]. AES crypto-algorithm is the most commonly accepted and used crypto-algorithm for providing security to IoT devices [arab2019image]. It is the most appropriate lightweight crypto primitives that help IoT devices to transfer images securely over the present heterogeneous IoT environment [dhanda2020lightweight]. On the Virtex-6 FPGA board, the AES algorithm for image encryption is implemented using Xilinx System Generator (XSG) inbuilt boxes [arshad2014fpga]. Since multimedia applications affect many facets of our lives, a hardware implementation of AES-based real-time video encryption is presented [kotel2014fpga], where the video encryption is tested and shown on a DVI monitor. In crypto-module hardware implementations, side-channel attacks are a significant concern. Therefore, in , the security of the AES algorithm has been improved by obfuscating the specification, which was then used in the hardware-software co-design of the AES-128 for image processing applications. Modified AES is implemented on FPGA for medical image encryption and decryption [hafsa2021fpga]. The implementation is also compared with the recent image cryptosystems, and it is claimed that their performance is more robust and efficient. Recently, a new concept of building security primitives from solar cells and sensors is also reported in , which also could be integrated with crypto-algorithms to enhance the data protection in Cyber-Physical Systems. Previously, we proposed Hardware Software Co-Simulation of AES-128 based data encryption using Xilinx ISE 14.2 and Matlab 2011a on spartan-6 FPGA board for both Grey and Colored images [degada2020integrated].
The significant contributions of this article are summarized as follows:
Hardware-Software Co-Design framework of AES-128 bit algorithm is presented. The AES algorithm is first written in VHDL and then implemented using XSG (integration of Xilinx Vivado 2016.2 and MATLAB 2015b blocks) on Zedboard (XC7Z0201CLG484C) and Kintex-Ultra scale KCU105 evaluation platform.
The proposed framework is implemented for two modes of AES crypto-algorithm, i.e., ECB and CTR. Further, to implement these two modes, loop unrolled, and FSM-based optimization architectures are used.
Co-design framework has been analyzed using resource utilization summary and throughput. Further, these results are compared to other state-of-the-art existing works. It is observed that the proposed CTR mode AES-128 gives significant improvement with fewer resource utilization and better efficiency.
Security analysis is done for lung cancer CT scan images through Histogram, correlation, Information Entropy, Key Sensitivity Test and Differential Attack analysis. It shows that the proposed Co-design implementation is resistant to statistical and differential attacks.
Ii Implementation of Aes-128 Bit Algorithm Using Xsg
This work implements a hardware-software co-design for secure image processing by exploring different modes and architectures of the AES-128 crypto-algorithm. Implementation of AES-128 algorithm is done for two modes i.e. ECB and CTR mode. To optimize the whole design loop unrolled and FSM based architectures are implemented for each mode of AES-128. Algorithms are optimized for gaining higher security with lesser resource utilization and better efficiency. Proposed platform design is emulated on Zedboard (XC7Z0201CLG484C) and Kintex-Ultra scale KCU105 evaluation platform.
AES-128 algorithm is implemented first at the RTL level using VHDL. Hardware-Software co-simulation is performed for grey images. To execute the co-simulation of the AES-128 crypto-module, the first Simulink model is built and then it is integrated with the XSG, Xilinx Vivado 2016.2, and MATLAB 2015b. The experiment is performed on a HOST PC having the following specifications: Intel corei7 processor, 64-bit operating system, and 16 GB RAM.
Ii-a Hardware Co-Simulation of AES-128 bit algorithm for Grey Images:
The co-simulation model for the grey image of size pixels for Zedboard (XC7Z0201CLG484C) FPGA board using XSG is shown in Figure 2. In this Simulink model, Zedboardhwcosim is the netlist generated for the FPGA board. A black box named Bit conversion having a VHDL code of converting the 8-bit output of gateway into 128 bit, as we need 128-bit block length and key length for the AES algorithm. The encryption black box having the VHDL coding of AES encryption gives the outcome as an encrypted image. The Decryption black box having the VHDL coding of AES decryption gives the result as a decrypted image shown on the video viewer block.
Iii Results and Analysis
Results are analyzed in the following ways: A) VHDL implementation of AES-128 with ECB and CTR mode of operation using loop unrolled and FSM architecture on Zedboard and Kintex-Ultra scale KCU105 Evaluation Platform. Implementation results are compared with similar existing work in terms of area, power, and throughput. B) Successfully encrypted and decrypted grey and colored images and examined the statistical and differential attacks.
Iii-a Resource Utilization and Throughput
Table I shows the implemented architectures’ resource utilization summary for AES-128 with ECB and CTR mode of operation implemented on Zedboard and Kintex ultra-scale platform. The table shows that AES-FSM and AES-CTR architecture utilize optimum LUTs and FFs within 20% of the available resources compared to loop unrolled AES. Throughput (T) is calculated as follows for the implemented AES-128.
The maximum frequency for AES-ECB loop unrolled, FSM, and AES CTR is 119.35MHz, 211.8MHz, and 175.35MHz for ZedBoard FPGA. The corresponding throughput for all the architecture is 1.91Gbps, 3.39Gbps, and 2.04Gbps, respectively, as shown in Table II.In contrast, the maximum frequency comes out to be AES-ECB loop unrolled, FSM, and AES CTR are 345MHz, 245.62MHz, and 222.22MHz for Kintex Ultrascale, respectively. And the corresponding throughput for all the architecture is 5.52Gbps, 2.35Gbps, and 2.58Gbps, respectively.It can also be seen from the table that FSM based architecture of ECB mode is taking only 4058 LUTs and 0.248 W power consumption, which is much lower than the area reported by ,[soliman2016efficient],[bentoutou2020improved]. Similarly, throughput and efficiency is improved significantly with respect to the work reported by  and [bentoutou2020improved], where as in [soliman2016efficient] it is not reported. From the table, we can conclude that AES-ECB FSM architecture exhibits high throughput with minimum resource utilization. But, AES-ECB mode is not suitable for encrypting the image data in high-security applications; therefore, we prefer AES-CTR with optimized pipeline architecture.
|ZedBoard (XC7Z0201CLG484C)||Kintex Ultrascale KCU105 Evaluation Platform|
|Resources||Available||Utilization (%)||Utilization (%)||Utilization (%)||Available||Utilization (%)||Utilization (%)||Utilization (%)|
|Reference||Device||Area (LUTs)||Power (W)||Throughput (Gbps)||Efficiency (Mbps)|
|Loop Unrolled ECB||ZedBoard||16681||1.058||1.91||0.12|
|Loop Unrolled ECB||Kintex Ultrascale||16795||1.214||5.52||0.33|
|FSM ECB||Kintex Ultrascale||4058||0.493||2.35||0.58|
|AES CTR||Kintex Ultrascale||8160||3.876||2.58||0.31|
Iii-B Experimental Results for Grey Images
The mentioned design is an integral part of the XSG based design. Figure 3 shows the encryption and decryption for a grey image by performing the hardware-software co-simulation using XSG. In this image, it can be seen clearly that the encrypted image has patches which means that the encrypted image has the content of the original image. These results are produced with the AES-128 implementation of ECB mode. CTR mode promises several advantages over the ECB mode type of implementation [kane2020security] and it is preferred in high security applications. We also have implemented AES-128 CTR mode and found better results . AES-128 CTR mode is applied to the case study of biomedical images, which is discussed in the next section.
Iv CASE STUDY: HARDWARE SOFTWARE CO-SIMULATION FOR BIOMEDICAL IMAGES (CT Scan Image of Lung Cancer)
For transferring the secure images through medical edge devices in the IoT environment, the above described Hardware-Software co-design is implemented. For this, the authors have chosen CT scan images of lung cancer [dataset], to demonstrate the implemented design results. The following subsections present the co-simulation results and security analysis in terms of the histogram, correlation, and Information Entropy analysis of the CT scan image for secure image processing purposes.
For performing the secure Hardware Software Co-simulation of Lung Cancer Image, the same model is used as shown in Figure 2. Figure 4 (a) shows the original, encrypted image using ECB & CTR mode of operation and decrypted images after performing the hardware-software co-simulation using XSG. From the figure, we can conclude that the ability to perform encryption using ECB is very poor, therefore, unpreferable. On the other hand, AES-CTR encryption results are very good for biomedical images.
Iv-a Security Analysis for the Results of Lung Cancer CT Scan Image:
This section highlights the security analysis done for the Lung Cancer CT Scan image regarding statistical attacks and key sensitivity analysis.
Iv-A1 Histogram Analysis
The histogram represents the frequency of occurrence of all gray levels in the image. It describes the distribution of individual pixel values in an image. The histogram analysis of the Lung cancer image, encrypted image using ECB mode, and CTR mode of operation in AES, and the decrypted image is shown in Figure 4 (b). It can be seen that a histogram of the encrypted medical image using AES-CTR is uniform and flat enough to resist statistical attacks (some noise like image data). Therefore, it does not leak any information about the input image.
Iv-A2 Correlation Coefficient Analysis
In the input image data, there is a strong correlation between adjacent pixels. The correlation distribution of two adjacent pixels in the input image and the encrypted images using both modes of operation is depicted in Figure 4(c). The figure shows that neighboring pixels in the input image are overly correlated, while neighboring pixels in the encrypted image do not correlate. Correlation coefficient results are shown in Table III. It can be seen from the figure and table that the AES-CTR algorithm is not leaking any information about the relationship between the input image and encrypted image, and there is no chance for statistical analysis on medical image processing.
Iv-A3 Information Entropy Analysis
Information entropy analysis demonstrates the randomness of an information source. It is defined to express the degree of uncertainties in the system. The entropy H(x) of a message source x can be calculated as:
The encrypted image’s entropy with 256 (0-255) grey levels should preferably be 8 for a stable cryptosystem. From Table III, we can see that it is 7.6781 for AES-ECB encrypted image and 7.99645 (approximately equal to 8) for AES-CTR encrypted image, which indicates that our AES-CTR system making arduous for attackers to predict pixel values. It is stable enough against entropy attacks.
Iv-A4 Exhaustive Key Search
The AES algorithm’s keyspace is , where k is the number of bits used for the key. We used AES with a 128-bit key size, which means the keyspace is large enough to withstand any brute-force attack. An intruder will have to perform the exhaustive key search , or times, which is virtually impossible to succeed.
Iv-A5 Key Sensitivity Test
The key sensitivity analysis guarantees the cryptographic algorithm’s protection. When it comes to key changes, a good crypto algorithm should be extremely sensitive. The CT scan image is encrypted with three different keys to verify this encryption process, i.e., the right key, the same key with a 1-bit difference, and the discrepancy between these two keys. The outcome of using these three different keys, the ciphered images, are presented in Figure 5(b), (c), (d). The decrypted images obtained by applying the right key and 1-bit modified key are shown in Figures 5(e) and 5(f). We can see from these images that the modified key prevents retrieval of the clear image. We have also analyzed the resistance measure of differential attacks by calculating the Number of Pixel Change Rate (NPCR) and Unified Average Changing Intensity (UACI). The NPCR and UACI score obtained to gauge the sensitivity to change in key and their effect in encrypted images are 99.45% (0.9945) and 33.274% (0.33274), respectively. Therefore it can be concluded that the implemented design is highly sensitive to key changes.
In this article, Hardware-Software Co-Simulation of AES-128 crypto-module is performed using XSG. AES-128 crypto-module is designed using two optimization architectures, i.e., loop unrolled architecture and FSM-based architecture with two modes: ECB and CTR. It is found that FSM-based architecture for CTR mode gives better performance with high throughput than similar existing implementations. The same approach is also applied to biomedical lung cancer image applications. Security analysis is also performed in terms of the histogram, Correlation coefficient, Information Entropy, and keyspace analysis. Differential attack analysis using key sensitivity test and NPCR & UACI scores is also performed to prove the robustness of our work.
About the Authors
Kusum Lata is an Associate Professor with the Department of ECE, The LNMIIT, Jaipur, INDIA. Contact her at email@example.com.
Surbhi Chhabra is currently pursuing her Ph.D. in ECE, The LNMIIT, Jaipur, INDIA. Contact her at firstname.lastname@example.org.
Sandeep Saini is an Assistant Professor with the Department of ECE, The LNMIIT, Jaipur, INDIA. Contact him at email@example.com.