Light-Weight Present Block Cipher Model for IoT Security on FPGA

The Internet of Things (IoT) plays an essential role in connecting a small number of billion devices with people for diverse applications. The security and privacy with authentication are challenging work for IoT devices. A lightweight block cipher is designed and modeled with IoT security for real-time scenarios to overcome the above challenges. The light-weight PRESENT module with the integration of encryption (E)-decryption (D) is modeled and implemented on FPGA. The PRESENT module has 64-bit data input with 80/128/256-bit symmetric keys for IoT security. The PRESENT module performs16/32/64 round operations for state register and key updation. The design mainly uses Substitution-permutation (SP) network for state updation. The permutation layer is used to create more diffusion and confusion in the state for unauthorized access. The results and analysis of the PRESENT-80/128/256 are designed using VerilogHDL with Xilinx Environment and implemented on Artix-7 FPGA. The PRESENT-80/128/256 module is compared with similar recent works with performance improvements. Similarly, the proposed work is compared with different light-weight algorithms with improvements for better security in IoT devices. The proposed PRESENT-256 module with 64-rounds on Artix-7 FPGA utilizes less than 2% Chip area (Slices and LUTs), works at 412.4 MHz frequency, and consumes 192 mW total power and 0.58 Mbps/slice of hardware efficiency.


Introduction
The IoT is used to connect social networks, allowing devices and people to interact with information sharing. At present, around 8.4 billion devices are interconnected globally, and by 2022 it is expected to be around 20 billion. The usage of IoT applications is increasing day by day, and people are making use of them effectively worldwide. The IoT is one of the futures markets to expand the digital economy to the next level [1]. The IoT industry expects economic growth in terms of revenue from billions in 2018 to trillions by 2024. There is a considerable difference and tremendous changes in past, present, and future IoT architectures. The past IoT architecture contains many devices and is connected individually to the cloud system. The cloud system provides data processing, storage, and other interconnection services to the devices individually. The present IoT architecture has different device groups, and all are connected Motivation: The security incorporation for IoT-based devices is essential to secure the received data information with privacy. Incorporating security and privacy features in IoT-based devices is challenging for several reasons [16]. Firstly, the IoT device's processor is limited and can't perform multiple tasks   Sensing layer Side-channel attacks, eavesdropping booting vulnerabilities, false data injections, node capture attacks, sleep deprivation attacks, code injection attacks Network layer Common attacks, data transmit attacks, dos/ddos attacks, routing, access attacks, unlawful attacks, phishing attacks Middle-ware layer Men in-middle attack, signature attack, flooding attack (cloud), sql injection, cloud malware injection attacks Application layer Reprogram attacks, service interruption attacks, access control attacks, ddos attacks, code injection attacks, data theft attacks within the limited timeline. Secondly, IoT devices are battery-operated, and it isn't easy to produce the lowpower while incorporating security algorithms. Third, the security algorithm's implementation cost should be low to extend the other device's incorporation. Lastly, the advanced security algorithms usage in an IoT environment is suitable and affects the computational performance and increases the hardware complexity. The lightweight algorithms are introduced to resolve the above problems. The lightweight cipher algorithms provide better security with low cost and excellent system performance in a short duration. The lightweight block ciphers are suitable and provide security for low-end IoT devices in realtime applications without affecting unauthorized user's data.
Contributions: In this manuscript, an efficient PRESENT-80/128/256 lightweight cryptographic modules for encryption and decryption are presented with low Latency and High Throughput. The contribution of the proposed work is highlighted as follows: The existing PRESENT ciphers are working with 32 round operations with key. The proposed PRESENT cipher architecture is modified and configurable to work with 16/32/64 round operations individually with the key module. The proposed work introduces a 256-bit key in PRESENT cipher to strengthen the security features. The PRESENT-80/128/256 with different 16/32/64 rounds are works parallel with the key updation mechanism to improve the latency parameter and provide high throughput and hardware efficiency. The proposed PRESENT-80/128/256 work is synthesized individually and compares the performance parameters with existing PRESENT and lightweight ciphers with better improvements.
The manuscript is organized as follows: Section 2 presents the review of existing lightweight block ciphers, including recent PRESENT algorithms and their limitations. Section 3 describes the hardware architecture of PRESENT-80/128/256 encryption and decryption modules with proper key updation. Section 4 highlights the Results and comparative analysis of the proposed work. Finally, it concludes the overall work with improvements in Section 5 with future work.

Related Work
This section elaborates on the different cipher algorithms and recent PRESENT light-weight algorithms for different applications using different environments and highlights the limitations of these works. Mohd et al. [17] present the comparative discussion of the light-weight block ciphers for the lower-constrained devices. The list of light-weight algorithms with key size, block size, the number of rounds used, and the structure type is tabulated in detail. The implementation of ciphers with software and hardware platforms is discussed in detail with its performance metrics. The performance of hardware-based ciphers is compared with area, power, throughput, and energy factors. The open research issues like performance modeling, security metrics, software coding style, and hardware trojan are discussed. Edwar et al. [18] discuss the PRESENT algorithm and its performance evaluation on the FPGA platform. The hardware architecture of PRESENT with data path units is presented. It was designed PRESENT cipher (Both 80bit and 128-bit Keys) using 64-bit-data size with 32-standard rounds. The proposed work is extended to 256-bit key with flexible 16/32/64-rounds with 64-bit-data size to improve the security aspects. The 256bit key with 64-bit rounds in PRESENT cipher is complex combination for unauthorized users.
The work evaluates and compares the performance parameters like Latency, Throughput, CMOS process, and Area with existing approaches. Azari et al. [19] explain the PRESENT cipher model on the FPGA platform using 80-bit and 128-bit key mechanisms. The mathematical expression of the block cipher is analyzed in detail with architecture. The simulation waveforms of the 80-bit and 128-bit key mechanisms are discussed, along with resource comparison.
Thorat et al. [20] present the new hybrid cryptosystem with light-weight features for the IoT infrastructure. The hybrid approach includes the s-box of the PRESENT is integrated with permutation instruction-based PREMS cipher. The work is analyzed both in software and hardware environment with the realization of the performance metrics. Chom Thungon et al. [21] discuss the comparative analysis of both the AES and PRESENT Block ciphers for personal area network-based IoT applications. The performance comparison of hardware characteristics with different devices and memory consumption are discussed. The work concludes that the PRESENT cipher gives better performance in memory consumption than the AES cipher. Aragona et al. [22] discuss the PRESENT and other light-weight ciphers (PRINT and RECTANGLE) in detail with mathematical proofs. Pei et al. [23] explain the lightweight block ciphers usage and its performance, security trade-off in the Industrial Wireless sensor network (WSN). The Industrial WSN for factory automation is discussed using light-weight block ciphers (KLEIN, L-block cipher, PRESENT, Piccolo, HIGHT). The memory usage and throughput factors are discussed for all the light-weight block ciphers in the Industrial WSN system. Jangra et al. [24] explains the implementation of the PRESENT and CLEFIA light-weight block ciphers in python and analyzes the performance metrics. The metrics like throughput, resource utilization, and security strength are discussed for both the ciphers. The PRESENT cipher gives less memory utilization and less throughput than the CLEFIA cipher. Rashidi [25] discuss the light-weight ciphers like LED, SIMON, and PRESENT modules with flexible hardware architectures. The work results are implemented on the ASIC platform with 180 nm CMOS Technology and are compared with existing similar works with constraints improvements. Jenny et al. [26] present the compact S-Box of block ciphers like LED, GIFT, and PRESENT for low-constrained applications. The S-Box designs are optimized using Karnaugh mapping to reduce the gate count values for these three block ciphers. Jang et al. [27] discuss the symmetric key cryptographic algorithms like PRESENT and GIFT with quantum computations. The reversible logic gates-based architecture is constructed for both the PRESENT and GIFT ciphers. The quantum resources like the number of gates used and circuit paths are discussed and compared with similar works.
Most of the PRESENT algorithms are conventional with iterative approaches and RAM or LUT-based key scheduling from these review analyses. These approaches consume more Chip areas and affect the system performance, and not suitable for IoT devices.

Proposed Work
The light-weight PRESENT encryption and decryption modules for 80/128/256-bit keys are presented in this section. The proposed PRESENT block cipher is well suited for IoT security in real-time scenarios.

PRESENT-80/128/256 Encryption Module
The PRESENT-80/128/256 encryption module is represented in Fig. 2. It mainly includes 64-bit plain text, Substitution-permutation (SP) network with a 16/32/64-rounds state updation, along with an 80/128/ 256-bit key updation unit. The SP network mainly contains 16 Substitution Boxes (S_box_Func) and Permutation Layer (PLayer). Initially, the Key load (kld) is activated, the 80/128/256-bit key is stored in the key register. When the key load is zero and load (ld) is activated, the state transition starts, the input 64-bit Plain-text is stored temporarily in the state register for the initial round. Suppose the load signal becomes zero for the next 16/32/64-rounds of operations. The state register data is XOR with 64-bit key register data as a round key and generates the SP Network 64-bit input. The MSB bits of 64-bit is considered for round key input out of 80/128/256-bit key register output. The SP network of 64-bit input divides the 4-bit Data individually 16 times and generates 16 S-boxes. The main aim of this work is to design a Light weight PRESENT-80/128/256 cryptographic modules for encryption and decryption with low Latency and High Throughput. The lightweight cipher algorithms provide better security with low cost and excellent system performance in a short duration. The PRESENT lightweight block ciphers are suitable and provide security for low-end IoT devices in real-time applications without affecting unauthorized user's data. The Contribution section provides the main objective of the proposed work.
The key register (KR i ) provides the 64-bit key KR i ¼ k i 63 . . . k i 0 for 0 ≤ i ≤ 15/31/63. The state register receives the KR i with current State_Reg (sr 63 …sr 0 ) and performs the XOR operation using the below Eq. (1) till 0 ≤ j ≤ 63.
The State_Reg values are updated in Sbox_Func and perform the S-BOX operation of PRESENT-80/ 128/256, and it is tabulated in Tab   The SP inputs are replaced with S-box table data and generate 16 individual S-BOX outputs. Each S-BOX input and outputs are 4-bits. The Sbox_Func currently has 64-bit Data (sr 63 …sr 0 ) and decomposes it into sixteen 4-bit blocks (b 15 …b 0 ). Where b i = sr 4*i+3 || sr 4*i+2 || sr 4*i+1 || sr 4*i for 0 ≤ i ≤ 63. The Sbox_Func [b i ] similarly updates the Sbox values and inputs them to the permutation layer. The permutation layer (PLayer) receives the 64-bit S-BOX outputs and creates more confusion and diffusion using the Permutation table [28]. The P-table data replaces the S-BOX data for the next 16/32/64-rounds and updates to the state register. Thus, after successive 16/32/64-rounds of clock cycles, the state register generates 64-bit ciphertext as PRESENT-80/128/256 cipher output. The Key updation unit updates the round key 16/32/64-times parallel, generates the updated 80/128/256-bit key data, and inputs it to the decryption module for reverse key updation. The detailed key updation for encryption and decryption for PRESENT-80/128/256-bit are described with hardware modeling in the next section.
In this work, the complete work is carried on FPGA with implementation. The Power reports are generated using Xilinx X-power analyzer. In FPGA, the total power is divided into two parts: Quiescent (Static) and dynamic power. The Quiescent (Static) power utilization is obtained based on device (irrespective of the designs). Where, the dynamic power utilization is obtained based on the design operation (In this work-PRESENT-80/128/256). The static power is utilization for the Artix-7 FPGA is fixed 0.083 W. This static power includes leakage power of the device and not depends on design. Rest of the dynamic power varies from the 0.103-0.109 W as the clock frequencies increases. The proposed work, reduces chip resources (Slices. LUTs) to improves the dynamic power. The time complexity in FPGA implementation is considering based on the execution time (Latency) in terms of Clock cycles. The latency (clock cycles) used for the Proposed PRESENT is mentioned in Tab. 6.

PRESENT-80/128/256 Encryption Module
Like the encryption module, the decryption module receives 64-bit ciphertext as an input and an 80/128/ 256-bit updated key as the input key. The detailed hardware architecture of PRESENT-80/128/ 256 decryption is represented in Fig. 3. It is an entirely reverse process of encryption and few changes in the SP-Network.  The replacement of S-BOX, PLayer, and key updation module with Inv_Sbox_Func, Inv_PLayer [28], and inverse key updation unit, respectively. The Inverse Inv_Sbox_Func is tabulated in Tab. 3 and used in Inverse SP-network.

Key Updation Modules for PRESENT-80/128/256
The key updation and inverse key updation architecture units are represented in Figs. 4a and 4b for PRESENT-80 encryption and decryption. For PRESENT-80, the key register (KR i ) stores 80-bit Data temporarily for 64-bit round key operation KR i = k 63 k 62 …k 1 k 0 and starts updating. Consider the KR i for PRESENT-80 module in Eq. (2) as follows: The 80-bit register key (KR i ) in Eq. (2) is mainly used to update the MSB portion of the first 64-bit key out of the 80-bit key for round operations in the Encryption process. Later perform the shifts left (<<) operations 19 times and further process the key updation using a round counter. The concatenation of the first 15-bits [14:0] keeps the same followed by the next 5-bits [19:15]

Results and Analysis
The PRESENT-80/128/256 light-weight block ciphers for IoT security are designed using Verilog-HDL on the Xilinx Platform and implemented on the Artix-7 FPGA device for prototyping purposes. The simulation is carried out using the Modelsim 6.5f simulator. The PRESENT-80/128/256 modules of hardware constraints and comparative analysis with similar and different existing approaches are tabulated in this section.
The complete integration of encryption and decryption PRESENT-80/128/256 modules Performance results on Artix-7 FPGA are tabulated in Tab. 4. The Table contains area, frequency, total power utilization, and hardware efficiency with different key sizes and rounds for PRESENT-80/128/ 256 Modules. For example, the area utilization is <2%, and operating frequencies are also better on Artix-7 for PRESENT-80/128/256 modules with different rounds. The PRESENT-80/128/256 consumes less total power with the range 0.186-0.192 W. Therefore, the power utilization is relatively more minor, and we can easily use these PRESENT modules for IoT devices for authentication purposes. The Throughput (Mbps) and efficiencies like Throughput/Slice (Mbps/slice) and Throughput/LUTs (Mbps/LUT) are also tabulated. The PRESENT-80/128/256 Module's Chip area (Slices and LUTs) and frequency utilization on Artix-7 is graphically represented in Fig. 5.
The total power consumption of PRESENT-80/128/256 module with different clock frequencies on Artix-7 FPGA is represented in Fig. 6. The total power (W) mainly includes quiescent (Static) and dynamic power. The total power is generated using the Xpower analyzer tool on Xilinx Environment. The dynamic power varies with the PRESENT-80/128/256 design module. The static power is constant and does not depend on the design module, and depends on the selected device (Artix-7 FPGA). The static power for the PRESENT-80/128/256 is an average of 0.083 W, and dynamic power varies based on design modules. As the device clock frequencies increase, the total power of the PRESENT-80/128/256 is also increased.  The performance analysis of the proposed PRESENT-80/128/256 with different lightweight-block ciphers for 32-rounds is represented in Fig. 7 and tabulated in Tab. 5 with improvements.  The different lightweight block ciphers include Tiny XTEA [9], LED [10], SPECK [12,13], SIMON [13], Hummingbird [11], are implemented on low-end Spartan-3 FPGA devices. The proposed work is compared with existing light-weight block ciphers with improved throughput (Mbps) and efficiency (kbps/slice) in the greater margin. These light-weight block ciphers consume more Latency for execution and affect overall performance in terms of Throughput and Efficiency.
The analysis of PRESENT-80/128 ciphers with similar recent PRESENT cipher modules are compared with different FPGA families like Spartan-6, Virtex-4, Virtex-5, Artix-7 are tabulated in Tab. 6 with improvements.  (Continued) The light-weight efficient, low-latency, High Throughput PRESENT-80/128/256 integrated Encryption, and Decryption modules are designed and implemented on FPGA for prototyping. The PRESENT80/128/ 256 Encryption and Decryption modules have their state updation and key updation units. The proposed work performs 16/32/64 rounds of state and key updation operations to create more confusion and diffusion to the attackers. The PRESENT-80/128/256 uses parallel operation for data and key updation, which consumes less execution time with better Latency. The PRESENT-80/128/256 is well suited to low-end IoT devices for security incorporation because of low Latency and High Throughput. The results are analyzed and compared with recent PRESENT models with improved chip area, Latency, Throughput, and efficiency on different FPGA devices. The PRESENT-80/128 is also compared with different light-weight algorithms with improved hardware constraints. The PRESENT-80/128 works with a throughput of 821.58 Mbps for 32-rounds on Artix-7 FPGA. In the future, Optimize the power performance by using the ASIC platform and also analyze the real-time power usage in IoT applications. In addition to that, analyze the critical attacks using PRESENT cipher on IoT infrastructure and its application to realize the security aspects.
Funding Statement: The authors received no specific funding for this study.

Conflicts of Interest:
The authors declare that they have no conflicts of interest to report regarding the present study.