Improved Image Security in Internet of Thing (IOT) Using Multiple Key AES

Image is an important digital information that used in many internet of things (IoT) applications such as transport, healthcare, agriculture, military, vehicles and wildlife. etc. Also, any image has very important characteristic such as large size, strong correlation and huge redundancy, therefore, encrypting it by using single key Advanced Encryption Standard (AES) through IoT communication technologies makes it vulnerable to many threats, thus, the pixels that have the same values will be encrypted to another pixels that have same values when they use the same key. The contribution of this work is to increase the security of transferred image. This paper proposed multiple key AES algorithm (MECCAES) to improve the security of the transmitted image through IoT. This approach is evaluated via applying it on RGB bmp images and analyzing the results using standard metrics such as entropy, histogram, correlation, Peak Signal-to-Noise Ratio (PSNR) and Mean Square Error (MES) metrics. Also, the time for encryption and decryption for the proposed MECCAES is the same time consumed by original single key AES is 12 second(the used image size is 12.1MB therefore time is long). The performance experiments show that this scheme achieves confidentiality also it encourages to use effectively in a wide IoTs fields to secure transmitted image.


Introduction :
The IoT involves diverse link layer technologies and an enormous collection of devices (1). The number of IoT applications is growing. The applications comprise smart home, smart city, smart agriculture, utilities, healthcare monitoring, and animal farming, smart water, security and emergencies, industrial control, smart transportation, environment monitoring (2). It tackles the highly sensitive information about people and companies, which must not be revealed to those unauthorized persons and attackers.
Security is a very important issue that could confront the IoT development and providing security for IoT technology is a great real challenge. As the IoT technology has a wide spread scope, there are many variables areas of research that focuses on security challenges. Security requirements in the IoT environment are confidentiality, integrity, authentication, authorization, access control, and availability.
One of the most important methods to provide data security, especially to protect end-to-end data sent over networks is Cryptography. Cryptography is the system in which text or any type of data is converted from readable data to unreadable (encrypted) data that can only be decrypted by someone who has the decryption key therefore, the purpose of the encryption is to ensure that the privacy of the data is not allowed to tamper with or view it, because it is either confidential or private and very important. Symmetric (the key used to encrypt and decrypt is the same) and asymmetric (the key used to encrypt is differed from the key used to decrypt) are basic types in cryptography and lightweight appear as modern type which is focused on the lower end devices.
A few lightweight security mechanisms currently in use are based on number of security techniques and cryptographic algorithms. They include hash functions like access control, XOR encryption, lightweight public-key cryptographic schemes based on ECC(Elliptic Curve Cryptography) (3) and symmetric AES 128 algorithm (that used as default in Wireless Fidelity (Wi-Fi), Worldwide Interoperability for Microwave Access X (WiMAX) and Bluetooth(4)(5) .
Elliptic Curve Cryptography (ECC) is the more secure public key cryptography algorithm because it uses fully exponential computations to solve the problems. It is used to generate smaller, faster, and more efficient cryptographic keys. ECC generates the keys through the properties of an elliptic curve equation instead of the conventional generation method as a result of very large initial numbers. Because ECC helps create equivalent security with less power to use the computer and use battery resources.
The Advanced Encryption Standard (AES) is one of the most symmetric block cipher algorithm that is used commonly in ciphering. When encrypting data by AES algorithm it is very difficult for hackers to get the original data. There are three key sizes allowed for the AES algorithm: 128, 192, and 256 bit; but the block size of the message allowed is fixed which is 128 bit Security in transmission of the digital images has its importance in the present image communications due to the increasing use of image throughout the industrial process, transport, healthcare like Connected MRI(Magnetic Resonance Imaging) scanner (6), industrial (7) agriculture(8), military, vehicles and wildlife .. etc. It is necessary to protect the confidentiality of image data from unauthorized access, therefore image security is a critical issue and that is obvious from researchers who tried in many papers to enhance image security by use different encryption schemes. The previous studies that attempted to enhance image security by using symmetric single key AES are many. Alireza etal. suggested chaos system to generate key rounds and make modifications on standard AES (9). Also, Ahmed et.al suggested mixing of a shifting technique and AES scheme (10), and Jha suggested image encryption approach corresponding to AES and 2-D logistic map (11). All (9)(10)(11) attempted to enhance the weakness of single key standard AES by increasing the randomness of key or make some modifications on original AES. On other hand, Mohsen and khizrai used multiple keys schemes (12) (13) to increase security level. The contribution of this work is to increase the security of transferred image by combining the good randomness of key with using AES multiple keys.
This study tries to enhance the security of transmitted image through IOT which is secured by using AES 128 single key. The proposed MECC -AES (Multiple key Elliptic Curve Cryptography) achieves high levels of security and integrity according to statistical metrics such as Entropy, PSNR, MSE and correlation. The Proposed Scheme: The main objectives of this work are improving the security and the accuracy of the transmitted image through IOT. The work suggested a multiple key symmetric scheme. At the first use MECC technique to generate multiple secret keys which is used with AES for improving the security and accuracy of image of IOT.

MECC Technique
The proposed MECC (14) technique can generate N keys by using multiple ECC public keys. The proposed MECC is two sets key generator. In this model, a different number of initial sequences and different ECC public keys are used, two initial random key seeds r0 and s0 are used to generate two sets of keys: r1, r2 ... rn; s1, s2 ... sn, where the sets are generated according to the Equations (1 and 2).
Then, the xor function equation (3) is used to obtain the final keys, which are used in the encryption and decryption process.
TCK1and TCK2: are trust center public keys which are different keys. The trust center must satisfy the values of r0 and s0 in the sender and receiver sides.

MECC -AES Scheme
The MECC -AES technique is suggested to improve the strength of the security system that is available when using keys generated by the MECC technique. The MECC -AES technique consists of a MECC technique that generates secret keys and the AES algorithm which uses these secret keys in the encryption and decryption operations .In order to encrypt the plain image by the MECC -AES technique after separating the plain image into three matrix of R,G,B colors, each matrix must be divided into the same number of n blocks, as demonstrated in Equation (4). If the number of secret keys equals the number of image blocks then encrypting each block directly with the corresponding key. But if the number of keys is less than the number of blocks. Then these blocks are distributed into groups. The number of these groups is equal to the number of secret keys. All blocks belonging to the same group i are encrypted by the secret key Keyi. The encryption operation using AES algorithm is demonstrated in Equation (5). The decryption operation is in reverse way.

Result and Discussion:
Based on the algorithms discussed in the previous section, an encryption quality is evaluated by using Sun image shown in Fig.3 Fig.4 shows the ciphered images that belongs to the original RGB Sun image. When an image has equal probabilities, the entropy will be calculated to 8 which is an ideal result. If the entropy is less than eight (8) this means there is a certain degree of predictability (17) For a cryptosystem to resist the entropy attacks. Table 1 for Sun image illustrates how the entropy is increased when number of keys is increased. The entropy values in each ciphered image is increased and be more close to ideal value(8) which mean highly randomness. As a result all entropy values are better than entropy for ciphered image with one key.

PSNR & MSE
PSNR is abbreviation to Peak Signal-to-Noise Ratio that reveals the encryption quality and displays the changes in the pixel values between the plain image and the ciphered image (18). The result of PSNR is a single number in decibels (dB) and if this number is smaller than 30dB that mean the encrypted image is dissimilar to the original. Where f(i,j) represent the original pixel (i, j), while F(i, j) is the ciphered pixel, and M × N refer to the picture size. MSE as part of equation 6, provides a quantitative score to describe the degree of similarity between two signals (19). Table 2 show the values of PSNR is highly below 30dB and that prove the encrypted image is highly secure and MSE values is very high and far from 0 with significant value. Therefore PSNR and MSE proved that the ciphered image is completely different from original one. At the same time the values of PSNR & MSE are Inf and 0 successively prove that the deciphered image is identical to the original image ,by which this scheme is lossless way.

Histogram
Histogram is one of the significant statistical characteristics that illustrates how many times the pixel intensity value occurs inside an image. A respectable encryption scheme provides a uniform histogram of ciphered image contrasting to the original image histogram. (20) The below Fig.5 shows the histogram of original and ciphered images. Histogram of ciphered image in contrast to the original image histogram is uniform in RGB channels and when number of keys is increased histogram is more uniform and this proves the encryption with multiple keys increases defense toward statistical attacks. Highly correlation inherently is guaranteed in plain image data between pixels (close to one) in horizontal, vertical or diagonal directions. The encryption aim is to destroy the strong correlation between neighboring pixels of the ciphered image (near to zero). It is strongly related if |rxy |> 0.8, otherwise weakly related if |rxy |< 0.3. In image, the correlation coefficient between each pair of pixels uses equation (9) to be calculated as follow: Where cov(x:y), D(x) and D(y) are covariance and variances of variable x and y respectively. E(x) and E(y) are the expected values of the variables x and y. Where N is the whole pels of an image, N=rows × cols, x is a vector of length N and xi is the intensity values of original image (20,21). Tables 3,4,5 and Figs. 6,7,8 show correlation between pixel pairs adjacent. Original Sun image show strong correlation while encrypted images show low correlation in three directions horizontal, vertical and diagonal for selected 3000 pixel pairs in a random way. The low values of correlation nearly to zero and less than 0.3 between pixels in ciphered image proved the power of MECC-AES scheme.

Conclusion:
It is concluded that the standard encryption method which has been proposed to enhance image security and integrity which uses multiple keys proved that security is increased throughout using entropy, MSE, PSNR and correlation. Also it is concluded that the accuracy of transmitted image increases by using this approach which is lossless thus the decrypted image is the identical to the original image. At the end, the suggested MECC_AES will be perfect and appropriate to be used for securing image in a widespread range of visual applications in IoT.
As mentioned above, the limitation of this work is that it will be used in IoT technologies that use or have the ability to use AES algorithm for security, thus, there are IoT technologies that need lightweight security scheme. The future work is