

# IoT Gateway WITH AES-128 CRYPTOGRAPHY

Miguel Vila (107276)  
Sistemas Integrados para Aplicações Embutidas



# Context ?

- IoT devices transmit sensitive sensor data over networks
- Lightweight, low-latency encryption is essential for constrained devices
- Software-only encryption is slow and exposes timing side-channels

# Problem ?

**How to provide real-time, secure sensor telemetry on resource-constrained  
embedded hardware?**

# Approach ?

- Implement AES-128 encryption as a custom hardware accelerator on FPGA
- Integrate with sensors, networking, and a monitoring application
  - Build a complete end-to-end encrypted IoT gateway

**FIPS 197**

Federal Information Processing Standards Publication

**Advanced Encryption Standard (AES)**

Category: Computer Security

Subcategory: Cryptography

Information Technology Laboratory  
 National Institute of Standards and Technology  
 Gaithersburg, MD 20899-8900

This publication is available free of charge from:  
<https://doi.org/10.6028/NIST.FIPS.197-upd1>

Published November 26, 2001; Updated May 9, 2023



**U.S. Department of Commerce**  
*Donald L. Evans, Secretary*

**Technology Administration**  
*Phillip J. Bond, Under Secretary for Technology*

**National Institute of Standards and Technology**  
*Karen H. Brown, Acting Director*

|                                                                   |           |
|-------------------------------------------------------------------|-----------|
| <b>4 Mathematical Preliminaries</b>                               | <b>8</b>  |
| <b>4.1 Addition in GF(2<sup>8</sup>) . . . . .</b>                | <b>8</b>  |
| <b>4.2 Multiplication in GF(2<sup>8</sup>) . . . . .</b>          | <b>8</b>  |
| <b>4.3 Multiplication of Words by a Fixed Matrix . . . . .</b>    | <b>9</b>  |
| <b>4.4 Multiplicative Inverses in GF(2<sup>8</sup>) . . . . .</b> | <b>10</b> |
| <b>5 Algorithm Specifications</b>                                 | <b>11</b> |
| <b>5.1 CIPHER() . . . . .</b>                                     | <b>12</b> |
| <b>5.1.1 SUBBYTES() . . . . .</b>                                 | <b>13</b> |
| <b>5.1.2 SHIFTROWS() . . . . .</b>                                | <b>14</b> |
| <b>5.1.3 MIXCOLUMNS() . . . . .</b>                               | <b>15</b> |
| <b>5.1.4 ADDROUNDKEY() . . . . .</b>                              | <b>16</b> |
| <b>5.2 KEYEXPANSION() . . . . .</b>                               | <b>17</b> |



| Round Number | Start of Round                                           | After SubBytes                                           | After ShiftRows                                          | After MixColumns                                         | Round Key Value                                          |
|--------------|----------------------------------------------------------|----------------------------------------------------------|----------------------------------------------------------|----------------------------------------------------------|----------------------------------------------------------|
| input        | 32 88 31 e0<br>43 5a 31 37<br>f6 30 98 07<br>a8 8d a2 34 |                                                          |                                                          |                                                          | 2b 28 ab 09<br>7e ae f7 cf<br>15 d2 15 4f<br>16 a6 88 3c |
| 1            | 19 a0 9a e9<br>3d f4 c6 f8<br>e3 e2 8d 48<br>be 2b 2a 08 | d4 e0 b8 1e<br>27 bf b4 41<br>11 98 5d 52<br>ae f1 e5 30 | d4 e0 b8 1e<br>bf b4 41 27<br>5d 52 11 98<br>30 ae f1 e5 | 04 e0 48 28<br>66 cb f8 06<br>81 19 d3 26<br>e5 9a 7a 4c | a0 88 23 2a<br>fa 54 a3 6c<br>fe 2c 39 76<br>17 b1 39 05 |
| 2            | a4 68 6b 02<br>9c 9f 5b 6a<br>7f 35 ea 50<br>f2 2b 43 49 | 49 45 7f 77<br>de db 39 02<br>d2 96 87 53<br>89 f1 1a 3b | 49 45 7f 77<br>db 39 02 de<br>87 53 d2 96<br>3b 89 f1 1a | 58 1b db 1b<br>4d 4b e7 6b<br>ca 5a ca b0<br>f1 ac a8 e5 | f2 7a 59 73<br>c2 96 35 59<br>95 b9 80 f6<br>f2 43 7a 7f |
| 3            | aa 61 82 68<br>8f dd d2 32<br>5f e3 4a 46<br>03 ef d2 9a | ac ef 13 45<br>73 c1 b5 23<br>cf 11 d6 5a<br>7b df b5 b8 | ac ef 13 45<br>c1 b5 23 73<br>d6 5a cf 11<br>b8 7b df b5 | 75 20 53 bb<br>ec 0b c0 25<br>09 63 cf d0<br>93 33 7c dc | 3d 47 1e 6d<br>80 16 23 7a<br>47 fe 7e 88<br>7d 3e 44 3b |





# System Architecture





## Design Timing Summary

| Setup                                | Hold                             | Pulse Width                                       |
|--------------------------------------|----------------------------------|---------------------------------------------------|
| Worst Negative Slack (WNS): 1.024 ns | Worst Hold Slack (WHS): 0.013 ns | Worst Pulse Width Slack (WPWS): 2.750 ns          |
| Total Negative Slack (TNS): 0.000 ns | Total Hold Slack (THS): 0.000 ns | Total Pulse Width Negative Slack (TPWS): 0.000 ns |
| Number of Failing Endpoints: 0       | Number of Failing Endpoints: 0   | Number of Failing Endpoints: 0                    |
| Total Number of Endpoints: 27879     | Total Number of Endpoints: 27764 | Total Number of Endpoints: 9368                   |

All user specified timing constraints are met.

| Utilization |             | Post-Synthesis |               | Post-Implementation |
|-------------|-------------|----------------|---------------|---------------------|
|             |             |                |               | Graph   Table       |
| Resource    | Utilization | Available      | Utilization % |                     |
| LUT         | 8627        | 63400          | 13.61         |                     |
| LUTRAM      | 1010        | 19000          | 5.32          |                     |
| FF          | 10570       | 126800         | 8.34          |                     |
| BRAM        | 53          | 135            | 39.26         |                     |
| IO          | 58          | 210            | 27.62         |                     |
| BUFG        | 10          | 32             | 31.25         |                     |
| MMC         | 1           | 6              | 16.67         |                     |

# Data Flow

FPGA Gateway (192.168.1.10)



# Packet Format

## Byte 0 — Packet type (plaintext)

| Value | Meaning       |
|-------|---------------|
| 0x01  | Sensor report |

## Bytes 1-16 — Encrypted sensor payload

After decryption with the pre-shared key, the 16-byte block has this layout:

| Byte(s) | Field        | Format         | Description                      |
|---------|--------------|----------------|----------------------------------|
| 0       | Sequence     | u8             | Counter (0-255)                  |
| 1-2     | LED state    | Big-endian u16 | Current output state of 16 LEDs  |
| 3-4     | Switch state | Big-endian u16 | Current state of 16 DIP switches |
| 5       | Button state | Bits [4:0]     | Current state of 5 push buttons  |
| 6-7     | Temperature  | Big-endian u16 | ADT7420 raw 13-bit               |
| 8-9     | Accel X      | Big-endian s16 | ADXL362 X-axis 12-bit            |
| 10-11   | Accel Y      | Big-endian s16 | ADXL362 Y-axis                   |
| 12-13   | Accel Z      | Big-endian s16 | ADXL362 Z-axis                   |
| 14-15   | Reserved     | Zero           | Available for future sensors     |

# DEMO

Lets see it in action!



# Final Remarks

