Lightweight Cryptography for Network-on-Chip Data Encryption

System-on-chip (SoC) is the main processor for most recent applications such as the Internet of things (IoT). SoCs are composed of multiple blocks that communicate with each other through an integrated router. Data routing from a block to another poses many challenges. &e network-on-chip (NoC) was used for the transmission of data from a source to a destination with high reliability, high speed, low power consumption, and low hardware occupation. An NoC is composed of a router, network links (NL), and network interface (NI). &e main component of the NoC, the NI, is composed of an input/output FIFO, a finite state machine (FSM), pack, and depack modules. Data transmission from a block to another poses a security problem such as secret information extraction. In this paper, we proposed a data encryption framework for NoC based on a light encryption device (LED) algorithm.&emain advantages of the proposed algorithm are to reduce the implementation area and to achieve high speed while reducing the power consumption. &e proposed encryption framework was simulated Verilog/VHDL on the Xilinx ISE and implemented on the Xilinx Virtex 5 XC5VFX200T. &e obtained results have shown that the proposed framework has a smaller area and higher speed compared to existing works. &e proposed algorithm has reduced the NI implementation area and enhanced the network performance in terms of speed and security.


Introduction
e recent advances in technology have resulted in increasing the number of intellectual property (IP) cores in the same integrated chip. Most SoCs have integrated many cores such as memory units, general-purpose processors, digital signal processors (DSP), and graphics processing units (GPU). Integrating such a big number of cores has raised the problem of data routing for the communication between the IP cores. Besides, the complexity of the chip architecture and the huge number of integrated IPs and connecting those IPs through direct connections elevate the electromagnetic interference which causes more electrical noise. To make the SoC more reliable, a shared bus connection was used to reduce connection wires. Network-onchip (NoC) [1] has been a solution to ensure communication between IPs without any overlap.
e NoC was designed to establish data transmission effectively. It is composed of three main components which are the router, the network interface (NI), and the control fine state machine (FSM). e router is a set of switches used to control the data destination. e NI is used to receive and send data. e FSM is used to control the router and the NI. e NoC solution was very scalable and ensure date communication without any performance degradation of the SoC. However, the use of the NoC introduces security issues such as data extraction, hijacking, and denial server attacks. Data encryption was proposed as a solution for this problem.
Most SoCs contain confident information that must be accessed only by authorized operators. Securing the transmission of that information is a serious action to maintain scalability. Cryptography algorithms were proposed for data inscription. e Advanced Encryption Standard (AES) algorithm [2] was the most used for NoC data encryption [3]. But the AES needs a large implementation area and a lot of computation effort to encrypt the data. us, this may increase the implementation area of the SoC and power consumption of the system. Most SoCs such as IoT devices are characterized by a limited implementation area and power. To avoid those hindrances, we proposed the use of lightweight cryptography algorithms. e main motivation of this work was the limited resources of SoCs that require custom solutions to ensure high reliability. Hardware implementation of NI can enhance the overall performance and reduce the power consumption of the chip which is considered an important constraint in mobile devices. Motivated by the mentioned, we propose a solution based on lightweight cryptography and a custom design.
Lightweight cryptography algorithms [4] are a new set of encryption algorithms designed for real-time processing featured with a small implementation area in addition to very low power consumption.
ose algorithms are considered a perfect solution for data encryption in NoCs. Also, the low power consumption of those algorithms allows them to resist physical attacks. In this work, we proposed the use of the light encryption device (LED) algorithm [5] for NoC data encryption. e LED algorithm is a lightweight cryptography algorithm from the substitution-permutation network (SPN) family. It has two versions, the first one with a key length of 128 bits (LED128) and the second one with a key length of 64 bits (LED64). For LED128, the number of encryption or decryption rounds is 48, and for LED64, it is 32 rounds. In this work, we selected the LED64 for NoC data encryption due to its fast processing and lower implementation area. To make use of the LED64 algorithm in the NoC, the NI was redesigned. e NoC sends data in packages of 32 bits where 16 bits are reserved for the destination address and the other 16 bits are the information to send. Since the LED64 takes an input of 64 bits, we proposed an encoder that transforms the 16 bits to 64 bits for the encryption and a decoder that transforms the 64 bits to 16 bits in the receiver decryption process.
ese additional encoder and decoder modules have further improved the security level against information extraction.
Furthermore, the NI was improved with a bigger input/ output FIFO to speed up the processing and eliminate the data waiting. e proposed NI has five input/output FIFOs each with 32 bits of length. e proposed NI has been designed to reduce the implementation area and to enhance the operating frequency and the network bandwidth. e proposed lightweight cryptography algorithm has a low implementation area and a fast processing speed which allows achieving real-time processing even on low-performance devices such as IoT devices, unlike AES-based solutions that need high-performance computers to achieve real processing and require huge implementation area on hardware.
e novelty of the proposed solution comes from the use of custom-made input/output FIFO that allows the process of data faster and smoother without any delays. Besides, the lightweight cryptography algorithm plays an important role in enhancing the overall performance by reducing the implementation area and accelerating the processing time to achieve real-time processing. e proposed solution was synthesized on the Xilinx Virtex 5 XC5VFX200T using the Xilinx ISE with VHDL. e proposed NI with the LED64 has only occupied 1420 LUT slices which is 1% of the available slices. e implementation area in terms of LUT-FF pairs was only 660 which does not present a big difference compared to the NI without the encryption algorithm. A maximum frequency of 358 Mhz was achieved. Compared to existing solutions, the proposed NI has a lower implementation area and higher operating frequency with a big margin. e main contributions of this paper are the following: (i) Proposing an NI for NoC with high performance and security level (ii) Proposing a lightweight encryption algorithm for NoC based on the LED64 algorithm (iii) Proposing a bigger input/output FIFO to avoid data waiting and accelerate the processing time (iv) Synthetizing the proposed solution on the Xilinx Virtex 5 XC5VFX200T (v) High performance achieved with a small footprint and high processing speed (vi) Guaranteeing the use of the proposed NI with limited resources devices. e rest of the paper is organized as follows: section 2 was reserved for presenting and discussing existing works on NoC data encryption. e proposed approach was presented and detailed in section 3. In section 4, experimental results were demonstrated and discussed. Conclusions are presented in section 5.

Related Works
Recent advances in communications have raised many security concerns. Mainly, Internet of things (IoT) devices are weak targets for hackers due to their limited computation resources that prevent the implementation of powerful encryption algorithms. Most IoT devices are based on SoCs where their data must be confidential. Data encryption in NoCs has been widely studied and many solutions have been proposed to achieve a high-security level. Besides, many IoT authentification protocol has been proposed to address the security concerns of data transfer trough servers and clouds.
Oliveira et al. [6] proposed NoC data encryption based on the combination of the AES algorithm and a firewall. e proposed firewall was used as an interconnection between the router, the AES block cipher, and the Processing Elements. It was integrated between the NI and the router to control the communications. e firewall was placed outside of the NI to avoid any modifications in the original architecture. It was used to decide on the sent or received if it will be encrypted/decrypted or not. e data encryption module was based on the AES algorithm. e plain text was loaded using two 64-bit blocks at consecutive clock cycles. en both keys are injected to start the encryption process. e encryption or decryption process takes 13 clock cycles to generate the final output. e proposed approach requires a total area of 18116 slices. e achieved results proved that the proposed solution requires a huge implementation area which makes it not suitable for embedded SoCs.
An NoC encryption solution based on the AES was proposed in [7]. To reduce the implementation area of the proposed AES, a custom C-S-box was proposed. e new C-S-box has been designed using optimized MI units and four transistors XOR gates. To speed up the processing speed a retiming technique was applied. e retiming technique ails to place registers at each stage of the AES, and then the registers were placed in each round key operation. is technique allows fetching and decoding available data while fetching the next data value. Besides, while the available data are in the execution step, the next data are in the decoding phase and the new data are fetched similarly. Due to adding registers at different places, the proposed approach has reached high speed but suffers from high resource utilization and hog power consumption. e proposed solution cannot be considered for the implementation of limited power devices.
Charles and Mishra [8] proposed to secure data routing in NoC using incremental cryptography [9]. Incremental cryptography has significant improvement over traditional cryptography. It can be used to encrypt documents and videos faster by considering changed values and maintains already encrypted values. Such properties allow to speed up the processing time and achieve a better security level. e hummingbird-2 [10] was used as an encryption algorithm. is algorithm has a block size of 16 bits and a key length of 128-bits. Based on the proposed incremental cryptography technique, data sent by the NoC are compared to the data sent previously using XOR gate. e data were divided into different and similar blocks: different blocks are encrypted and similar blocks are maintained. e proposed solution has enhanced the encryption speed but raised the implementation area.
Tewari et al. [11] proposed a lightweight data encryption protocol to secure radio frequency identification (RFID) communication. e proposed protocol was based on bitwise XOR operation and right shifting and rotation. is protocol was designed to ensure authentification between the server and the RFID tag. e proposed method was ultralight and respects real-time constraints but it was too weak against a variety of attacks and cannot ensure authentification.
A data transfer encryption method was proposed in [12]. e proposed method was designed based on four-image encryption coupled with quaternion Fresnel transform, chaos, and computer-generated hologram. e four images were represented by quaternion algebra and then processed using quaternion Fresnel transform. After that, the processed data were encrypted using Fresnel transform with two virtual independent random phase masks. e proposed method was efficient for image encryption but computationally extensive which makes it unuseful for practice applications.
A smart city authorization method [13] based on blockchain authentification was proposed to grant secured access. e proposed method was developed based on the FIWARE platform. Blockchain technology was proposed to eliminate secure data replica with distributed system problems. e proposed method was computationally extensive and mainly useful for cloud computing and servers.
Li et al. [14] proposed the use of cooperative neural networks (CNN) for image watermarking generation scenarios for smart city applications. First, the gray watermark image was processed. en, the processed image was embedded as a watermark signal through the block Discrete Cosine Transform. Finally, CNN was used to detect and extract the watermark. Such a method cannot be used with limited resources devices.
A secure environment for big data sharing confidentiality through 6G wireless connectivity was proposed in [15]. e proposed method relies on a combination of powerful algorithms to manage a predefined scenario. e proposed method was proposed for use in high-performance cloud servers.
Al-Qerem et al. [16] proposed a concurrency control protocol for fog and cloud computing and IoT communication.
e proposed protocol aims to reduce the communication between the IoT device and the cloud through processing data at the fog node locally. Intensive computations have been performed to evaluate the performances of existing protocols.
Most of the proposed encryption methods for NoC have focused on the security level without considering either the encryption speed of the implementation area. In this work, we proposed a NI design that allows the processing of data faster alongside a lightweight encryption algorithm to ensure data security. More details on the proposed approach will be provided in the next section.

Proposed Approach
In this section, we provide a detailed description of the proposed NI and discussed the impact of the use of the lightweight cryptography algorithm on the performance of the NoC.
e NoC is an emerging technology that ensures communication between different IPs in SoCs without any overlap and allows the use of shred bus to reduce communication wires. e typical architecture of the NoC is presented in Figure 1. e NoC is composed of three main parts which are the routers, the network link (physical links), and the network interface (NI). e most important part is the NI which organizes the communication and allows to send and receive data from the IP core. e proposed NI is suitable for SoCs with a large number of IPs. It can be used for secure and nonsecure IPs. For secure IPs, a lightweight cryptography algorithm was added. e design of the NI has been enhanced with a larger input/ output FIFO to eliminate waiting when sending or receiving data. e proposed input/output FIFO is composed of 5 registers; each has a 32-bits length. e proposed NI is presented in Figure 2.
To secure the communication between IPs, an encryption method is based on the LED algorithm. LED is a lightweight encryption algorithm with a low implementation area that makes it suitable for limited computation resources data such as IoT. It was used for data encryption to achieve a low implementation of the NoC and to guarantee real-time processing.

Security and Communication Networks 3
e LED is an encryption algorithm from the S-PN family. It has two versions based on the key length. e first is LED64 with a key length of 64-bits and the second version is the LED128 with a key length of 128 bits. For LED64, the total number of rounds is 32 and for the LES128, the total number of rounds is 48. In this work, the LED64 was used for data encryption/decryption. For further use, the LED refers to the LED64 version. e LED algorithm is composed of four main functions which are AddConstants, S-Box, ShiftRows, and MixColumns.
e AddConstants function aims to perform Xor between the plain text and a constant matrix. To build the matrix, the size of the key was represented by 8 bytes from Ks 7 to Ks 0 . To make the first column of the matrix, a Xor function was performed between the key bytes and their position. For the second column, six-round constant bits (RC 5 to RC 0 ) were initialized by zero and then updated for each round by a one-bit left shifting and RC 0 takes the result of the Xor between RC 5 , RC 4 , and one. e constant matrix is presented by 1.
e S-Box function takes 16 bits as input and transformed them to another value based on a substitution table. Table 1 represents the substitution tale of the S-Box of the LED algorithm. e ShiftRows function rotated the input to right. e values of the first, second, and third rows are shifted to the right and the last row is rotated to the first row.
e MixColumns function is a multiplication of the input data by a diffusion matrix MDS. e MDS is represented by 2.

MDS
e LED block chipper takes an input block with the same size of the key length (64 bits). After 32 rounds, the input plaintext is transformed into a ciphertext. e encryption process of the LED algorithm is defined by the pseudocode in Algorithm 1. e LED algorithm starts by generating subkeys from the secret key then performs and a round key function through a Xor between the state and the subkeys. is process is repeated after each step. Figure 3 illustrated the encryption process of the LED block cipher. e LED algorithm was selected for data encryption thanks to its security level, low implementation area, and low power consumption. As mentioned earlier, the LED takes an input data and key with a length of 64 bits but the NoC generates data packages of 32 bits where 16 bits represent the destination address and 16 bits represent the information. So, only 16 bits are available for encryption. To fix this issue, we proposed a decoder that transforms 16-bit input to 64-bit output. At the decryption process, an encoder was used to transform the 64 bits into 16 bits. e proposed solution has enhanced the security level against data retrieval. In case of an attack, if the data was retrieved, the information cannot be interpreted since it has been represented on 64 bits where only 16 bits have the information. e proposed encoder/ decoder has allowed for the integration of the encryption algorithm without any modification on NI architecture. After encryption, the ciphertext was concatenated with the 16 bits of the destination address and sent to the router. e proposed NI with the LED block cipher is presented in Figure 4.
In summary, we proposed an NI for NoC with an encryption algorithm to ensure data security. e proposed NI was designed to be suitable for any NoC with a bigger input/ output FIFO composed of five registers where each is of 32bit size. e use of bigger FIFO allows to speed up the processing time while eliminating data waiting. Besides, we implemented a data encryption algorithm based on the LED block cipher. e LED is a lightweight encryption algorithm with a low implementation size and fast processing speed. An encoder/decoder method was added to the NI to convert 16-bit data to 64-bit data and the inverse to allow its encryption by the LED since it takes 64-bit input and output.
is addition has enhanced the security level against data retrievals.

Experiments and Results
e proposed NI design with encryption algorithm was synthesized on the Xilinx Virtex 5 XC5VFX200T using the Xilinx ISE with VHDL. First, we start by building the NI without the encryption algorithm to determine its implementation area and for comparison purposes against existing works. Figure 5 presents the implementation results of the NI without encryption.
As shown in Figure 5, the proposed NI has a low implementation area with a total of 51% utilization in terms of LUT-FF pairs. In terms of slice register and slice LUTs, the utilization was considered negligible. A maximum frequency of 358 MHz was achieved. To prove the efficiency of the proposed design, a comparative study was conducted with state-of-the-art works that use the same implementation device, the Xilinx Virtex 5 XC5VFX200T. Table 2 presents a comparison with existing works.
As shown in Table 2, the proposed NI design has the lowest LUT-FF pairs that refer to the implementation area.
Even when using more registers, the proposed design still requires less area than existing designs.
To secure the data transfer between IPs, the LED block cipher was deployed. An encryption process was implemented at the data generation stage and a decryption process was implemented at the data receiving stage. Figure 6 presents the encryption implementation area. e LED encryption process requires a very small implementation area with only 81 LUT-FF pairs. e achieved results proved the light size of the LED block cipher which makes it suitable for use in limited resources devices. A maximum frequency of 252.816 MHz allows for running in real time.
At the data receiving stage, the decryption process was implemented. Figure 7 presents the achieved results for the decryption process. e LED decryption process requires only 86 LUT-FF pairs which are approximately equal to the encryption process. A maximum frequency of 225.73 MHz was achieved.
Compared to the AES [7] that requires more than 1300 LUT-FF pairs and works at a maximum frequency of 155 MHz, the LED block cipher is much better and more efficient especially for limited resources devices such as IoT devices.
To ensure data security, the LED was combined with the proposed NI design. e achieved results are presented in   design has a small difference in implementation area compared to the nonsecure design thanks to the small area of the LED block cipher.
To prove the efficiency of the proposed NI design, we compared the achieved implementation results with existing

Plaintext
Step SK 1 Step Step   Security and Communication Networks works that use the Xilinx Virtex 5 XC5VFX200 T device. Table 3 presents a comparison of the proposed secure NI design with existing works. As shown in Table 3, the proposed secure NI design presents a much lower implementation area compared to existing works based on the AES block cipher. e proposed NI requires 660 LUT-FF pairs while the AES-based NI requires 38342 LUT-FF pairs. e reported results proved the proposed NI is more efficient than those based on the AES and more suitable for IoT devices. e proposed NI design has been built for general use with any NoC. First, it is characterized with larger input/output FIFO composed of 5 registers; each is 32 bits long used to avoid data waiting. is feature allows to speed up the processing time and avoid long processing delays. Second, to secure the communication between IPs, the LED block cipher was implemented. An encoder/decoder method was added to endure data compatibility with the LED block cipher that uses 64-bit input and output. e proposed NI design has achieved much better results in terms of implementation area and frequency compared to existing works.

Conclusions
e emerging technology is pushing SoCs to their limit with a huge number of embedded IPs. NoCs were considered a solution to achieve perfect communication between IPs without any overlap and allow the use of shared bus and reduce connection wires. An NoC is composed of three main components which are the network interface (NI), the network links (NL), and the router. e NI is considered the most important component that organizes data sending and receiving. In this paper, we proposed an NI design with a lightweight block cipher to ensure data security. e proposed NI was designed for use with any NoC. It has a large input/ output FIFO to avoid data waiting. e LED block cipher was used to encrypt data due to its low implementation area, fast processing speed, and high-security level. e reported results show that the proposed NI design outperforms existing works based on the AES block cipher with a wide range in terms of implementation area and working frequency. e proposed design is more suitable for implementation on limited computation resource devices such as IoT.
Data Availability e data are available upon request to the corresponding author.