214 The International Arab Journal of Information Technology, Vol. 19, No.

2, March 2022

IoT Security Using AES Encryption Technology

based ESP32 Platform
Mohammad Al-Mashhadani Mohamed Shujaa
Department of Computer Engineering, Department of Computer Engineering,
Middle Technical University (MTU), Iraq Middle Technical University (MTU), Iraq
[email protected] [email protected]

Abstract: The Internet of Things (IoT) is one of the most important modern technologies that have attracted the most
interesting areas of life, whether industrial, academic, or other, in recent years. The main goal is to integrate the physical
world with the digital world through a seamless ecosystem, and this constitutes a new era for the Internet. This technology
provides high commercial value to enterprises as it provides many opportunities in many applications such as energy, health,
and other sectors. However, this technology suffers from many security problems, as it is considered the biggest challenge due
to its complex environment and the limited resources of its devices. There is a lot of research to find successful security
solutions in IoT, in this research, a proposed solution to secure IoT systems using Advanced Encryption Standard (AES)
technology is achieved. Some sensors were linked as an example of the Internet of Things. The data is received by the card
created and developed by Espressif Systems (ESP32) module, where its encrypted then sends to the internet site through an
authorized person to be received from anywhere, and it is also possible to receive it via a published IP which is announced
within the internal network of the ESP32 device module. The decryption part is proposed at last to find out the true values of
the sensors. The proposed approach shows good secured and balanced results at the end.

Keywords: ESP32, IoT Security, secure boot, AES.

Received May 27, 2021; accepted September 9, 2021

https://doi.org/10.34028/iajit/19/2/8

1. Introduction IoT technology can be one of three types:

Internet of Things (IoT), works to provide various  Directed via the Internet which, means that it works
services by linking people on the one hand with as an intermediary program.
sensors IT components and actuators on the other  Object-oriented means that it provides the ability of
hand, these services are widely used. Also, the number sense.
of connected devices in the Internet of Things is
 Semantic vector and this type allow access to
increasing tremendously. Whereas in 2015, nearly 15
knowledge, and this type depends on the working
billion devices were connected, and in 2019 they
principles of a specific application. A mixture of
reached nearly 26 billion, and the number may reach
types or just the independent Internet of Things can
about 75 billion devices by 2025, and the Internet of
be used to build smart applications aimed at solving
things market around the world has doubled since
problems in everyday life [4].
2016, and forecasts estimate. Whereby 2020 it could
reach about $ 457 billion [7]. To ensure IoT security, the following objectives must
With the exponential growth of IoT, there is a be met:
growing problem of security threats. There are some
 Confidentiality: (protecting data from unauthorized
reasons that make devices connected to the Internet of
disclosure).
things vulnerable to these threats and attacks,
 Safety: (ensuring cannot be modified that data if not
including:
obtained prior permission).
 An attacker can have physical access to these  Availability: (ensure access to data as needed).
devices, as most of them operate without human
To ensure confidentiality, encryption algorithms are
intervention.
used. To ensure safety, Message Authentication Code
 Attackers can eavesdrop on these devices because
(MAC) devices and digital signatures are used.
they are linked to wireless networks among
Availability cannot be provided through encryption
themselves.
techniques.
 These devices do not support complex security There are many areas of cybersecurity in the
algorithms due to the nature of their installation, Internet of Things. Cryptography is an important
which depends on a low power level, as well as for technology used to secure data and transactions in the
the low computational capabilities [21].
IoT Security Using AES Encryption Technology based ESP32 Platform 215

Internet of Things. than coding techniques. These solutions are better

For encryption, themost commonly used algorithms suited to face scalability problems as compared to
are Advanced Encryption Standard (AES) for encryption methods, as these solutions operate in a
symmetric encryption, Rivest Shamir Adleman (RSA) decentralized environment [15].
for asymmetric encryption, and for a digital signature
algorithm, the Digital Signature Algorithm (DSA) or
ECDSA (elliptic curve DSA) is used [7].
The AES: is one of the methods used to achieve
privacy and confidentiality of data that is transferred
over various computer networks.
The AES algorithm is one of the most widely used
and symmetric block cipher algorithms used
worldwide. This algorithm includes a special structure
for encryption and decryption of sensitive data. It is
possible to implement AES in software or hardware.
This algorithm is implemented on devices to meet the
speed, security and throughput requirements of
communication systems used in modern applications.
Moreover, it is very difficult for hackers to get the
original data when encrypting with this algorithm. So Figure 1. Two main classes of solutions.
far, there is no evidence that this algorithm is broken.
The AES algorithm has the ability to handle three 1.1.2. Applications and Challenges in the Internet of
different key sizes (128, 192, and 256) bits [2, 12]. Things
AES-128 encryption is implemented on the ESP32
card, as this chip has many advantages as it includes Many applications have improved due to the Internet
Wi-Fi and Bluetooth as well as a 32-bit CPU, a number of things in various fields, such as healthcare, smart
of General Purpose Input/Output (GPIOs), and support cities, smart homes, smart networks, in addition to
for a variety of protocols such as SPI (Serial Peripheral other industrial applications. However, the introduction
Interface), Inter-Integrated Circuit Protocol (I2C), of IoT devices as well as restricted IoT technologies in
Universal Asynchronous Receiver-Transmitter such sensitive applications leads to new privacy and
(UART), and it is designed to support the work of many security challenges. Figures 2 and 3 illustrate
projects Internet of things. some of the applications and challenges [15].

1.1. Internet of Things Solutions and

Applications
1.1.1. Classification of Security Solutions in the
Internet of Things
Since the issue of security is one of the most important
problems that researchers focus on in the topic of the
Internet of things, there are many proposals aimed at
addressing these problems. Solutions can be classified
from an architectural point of view in the Internet of
Things, as shown in Figure 1, into two main classes of Figure 2. IoT challenges.
solutions:
 Classical Approaches: Includes solutions of
cryptographic based technologies specifically
designed for IoT connections or adapted from
wireless sensor networks or Machine to Machine
(M2M) connections. It is worth noting that most of
these solutions work in a centralized environment,
meaning that we have reliable central entities that
can ensure the proper performance of security
services. Cipher tools are divided into symmetric or
asymmetric techniques.
 Emerging new security solutions: This category
includes solutions based on new technologies other Figure 3. IoT application.
216 The International Arab Journal of Information Technology, Vol. 19, No. 2, March 2022

1.2. Advanced Encryption Standard (AES) increasing security and privacy.

1.2.1. Why AES Algorithm?
3. Related Work
 AES algorithm is trusted as a standard by the US
government as well as many institutions.  Kodali and Soratkal [14], proposed a mechanism
 AES is the most widely used, and most popular linking the MQTT (Message Queuing Telemetry
today. Transport) to the ESP8266 chip, and they also relied
on open source code in this system, for remote
 Compared to Triple Data Encryption Standard
monitoring in the smart home application. Also, no
(TripleDES), it is more than six times faster.
safety and protection technology was applied, and
 In terms of cyber security, AES is the most accepted
the proposed system was run on the computer to
encryption standard in the world.
reduce the security risks.
 It is used in messaging applications such as Signal
 Nandhini and Vanitha [16]. He proposed a new,
and Whatsapp, computer platforms such as
lightweight and compact hybrid coding technology
VeraCrypt, and other commonly used technologies.
through the use of Faster Bit Switching instructions
 One key is used for encryption and decryption so with the S-box of PRESENT.
both sender and receiver have the same key.
 Abd Zaid and Hassan [1]. They proposed a modified
 The key sizes are suitable for securing classified algorithm for AES with a lightweight problem, the
data to a satisfactory confidentiality level. mixed column process was combined in this
 Although it is highly efficient in 128-bit format, it proposal with the process of adding around key in
also uses (192 and 256) bit keys to encrypt heavy- one cycle, and they also modified the shift row
duty tasks. process to shift rows and shift columns, and the
 AES can largely be considered impervious to all result was that the number of rounds was reduced to
attacks, except for brute force, which attempts to six Only, this proposed algorithm passed statistical
decrypt messages using all possible combinations of tests at a higher speed than the AES standard, and it
128, 192 or 256-bit encryption [19]. is also applicable to IoT resources.
 Parida et al. [17]. They proposed designing a system
1.2.2. Evaluation Criteria
that monitors (air quality, temperature, and
The criteria used by National Institute of Standards and humidity) in real-time using the Internet of Things
Technology (NIST) are three important criteria, sent by (IoT), and the data received is stored on the Thing
experts to evaluate algorithms, that were the reason for Speak cloud. This data can then be utilized and
introducing the AES algorithm, these criteria are: analyzed in different applications, and the ESP8266
chip was used to transfer data from sensors to the
 Security: This algorithm has a high ability in the
cloud. In this paper, it is noted that there is no focus
matter of data protection, as the main objective of
on the security aspect of the Internet of Things, in
the algorithm was to improve the security problem
addition, that the use of ESP32 is better and more
in the DES algorithm.
efficient than ESP8266.
 The cost: Also, one of the main goals of this
 Hussein and Shuja [11] they suggest encoding and
algorithm was to improve the low performance of
decoding secure messages between nodes via
the DES algorithm Therefore, it has high
MQTT protocols using a one-time board as well as
computational efficiency and uses a very wide range
DNA (Deoxyribose Nucleic Acid) computing
of applications.
techniques. The messages produced by the sending
 Implementation characteristics: NIST has evaluated node are encrypted and the message is decoded and
some important aspects of the algorithms, namely rearranged by the receiving node.
the simplicity, flexibility, and suitability of the
 Khoa et al. [13], they proposed a mechanism to
algorithm to the diversity of applications [2].
improve IoT security efficiency by using the SHA-
256 (Secure Hash Algorithm 256-bit). This
2. Problem Statement mechanism is represented by encrypting the user
Most of the problems and challenges with the Internet name, along with a password and a code, to
of Things are privacy and security. Due to its extreme authenticate a specific device with a web server, and
complexity and the very large number of beneficiaries a monitoring system has been put in place that
of this technology, as well as the increase in specific allows remote control of IoT devices.
applications, in addition to the fact that the
technologies that work with it are constantly changing. 4. Proposed System
Therefore, it is necessary to find successful and
A group of sensors were connected to represent the IoT
appropriate solutions for the development of this
part, and these sensors (DH11 temperature
technology and at the same time contribute to
andhumidity sensor, ultrasound sensor, and LED
IoT Security Using AES Encryption Technology based ESP32 Platform 217

lights) were linked to the ESP32, the ESP32 chip 4.1.2. ESP32 SoC ( Block Diagram)
receives and encrypts the data, and then this data is
The ESP32 SoC shown in the figure contains:
sent to the special internet page , where this page is
opened securely by a name and a password, the data is  12 Xtensa 32-bit cores (called PRO and APP CPU)
also published on the IP address within the local at 240MHz RTC13 subsystem with ULP.
Internet network linked to the ESP32 chip within the  530 KB SRAM and 448 KB ROM.
same service provider, after receiving the data it can be  FAST RTC SRAM (8 KB) and SLOW RTC SRAM
decrypted byusing the AES application on the Internet (8 KB).
and also as an application on a mobile devices, to  eFuse memory (1 KB).
know the real values of the data received, and in this  Built-in radios: Bluetooth Low power radios,
way it will be difficult to know the real values in the Bluetooth 4.2, and Wi-Fi 802.11 / b / g / e / I.
event that someone can access the information page to  Surround input/output: UART, SPI, Ethernet, I2C,
steal the data, because he will need to know the ADCs, DAC, capacitive Touch sensors, PWM
algorithm used for encryption and also the key used in (Pulse-width modulation), etc.
this method, and in this way security can be strongly  Contains that optional Flash Two built-in chip
achieved and the information is protected, Figure 4 variants included Flash-ESP32-PICO-D4 with
show this design. (4MB) and ESP32-D2WD with (2MB).
 HW Encryption Accelerator with AES,SHA-
256,RSA, and RNG. See Figure 6 [22].

Figure 4. Proposed design.

4.1. ESP32 Module

4.1.1. Overview
ESP32: A combined 2.4GHz Wi-Fi and Bluetooth
Figure 6. Esp32 SoC (Block Diagram).
chip, built with 40nm ultra-low-power
TSMCtechnology. This is to achieve the best 4.1.3. Pin Description
performance in addition to the Radio Frequency (RF)
performance, and is characterized by reliability, There are 39 pins on the ESP32, 34 of which are used
durability, and versatility in a variety of power as GPIO and the rest are for input only. This ESP32
scenarios and applications [6]. ESP32 series chips chip supports 18 channels for 12-bit ADC as well as 2
include ESP32-D0WD-V3, ESP32-D0WDQ6-V3, channels for 8-bit DAC. The IT has 16 channels that
ESP32-D0WD, ESP32-D0WDQ6, ESP32-D2WD, generate a PWM signal and 10 GPIO pins support the
ESP32-S0WD, ESP32-U4WDH, including ESP32- capacitive touch feature. Also, ESP32 has a
D0WD-V3 and ESP32-D0WDQ6 based The ESP32- multiplexing feature, through this feature the
U4WDH is on the ECO V3 chip, See Figure 5 [5]. programmer can configure any GPIO pin for serial
communication or PWM by programming it. (ESP32)
supports (2) I2C interfaces, (3) SPI interfaces, and (3)
UART interfaces, and supports CAN (Controller Area
Network Protocol) [12].
a) UART interface: esp32 contains three pairs of Rx
and Tx pins that support UART interfaces for TTL
(Transistor–transistor logic) connections. These pins
can be dealt with by software, and any GPIO pin
Figure 5. Esp32 WROOM-32S.
218 The International Arab Journal of Information Technology, Vol. 19, No. 2, March 2022

can be used as aUART by programming it. 4.2. IoT Sensors

b) External interrupt: Since the ESP32 has a
multiplexing feature, any GPIO pin can be 4.2.1. DHT11-Humidity and Temperature Sensor
programmed if we want to use it as an interrupt pin. Specification
c) GPIO23(MOSI), GPIO19(MISO), GPIO18(CLK), a) The operating voltage is: 3.5 to 5.5 V.
GPIO5(CS): Can be used for SPI communication. b) The operating current is: 0.3 mA ( measuring) and
Since the ESP32 has (2) setsof SPI's this is the first 60 µA (standby).
d) GPIO13(MOSI), GPIO12(MISO), GPIO14(CLK), c) O/P: serial data.
GPIO15 (CS): Can be used for SPI communication. d) Temperature Range : 0ºC to 50ºC.
This is the second group that the ESP32 from SPI. e) Humidity Range: from 20% to 90%.
e) GPIO21 (SDA- Serial Data Line), GPIO22 (SCL- f) Resolution: (Humidity and Temperature)16-bit.
Serial Clock Line-): ESP32 uses these two pins for g) Accuracy: ( ±1ºC) and (±1% ).
IIC connections through the Wire library.
Figure 8 shows the shape of the sensor, and Table (2)
f) Reset Pin: Used for resetting in the ESP32 chip is
shows the Pin Configuration [9].
the enable pin When LOW it will reset the console.
These posts and pins are shown in Figure 7.

Figure 8. DHT11 sensor.

Table 2. Pin Configuration and identification.

No: Pin Name Description
DHT11 Sensor
1 VCC Power supply 3.5v to 5.5 v
Outputs both Humidity and Temperature through
2 Data
serial Data
3 NC No Connection.
4 Ground It connects with the ground in the circuit
DHT11 Sensor module
1 VCC Power supply 3.5v to 5.5 v
Outputs both Humidity and Temperature through
2 Data
serial Data
3 Ground It connects with the ground in the circuit

4.2.2. HC-SR04 Ultrasonic Sensor specification

a) The operating voltage is: +5v.
Figure 7. Pins descriptions. b) Theoretical measuring to distance: from (2cm) to
(450 cm).
4.1.4. ESP32 VS ESP8266
c) Practical measuring to distance: from 2cm to 80cm.
The ESP32 chip has some advantages that make it d) Accuracy: 3mm.
superior to the previous version (ESP8266) as shown e) Measuring angle covered: <15º.
in the Table (1), [18]: f) The operating current is: <15mA.
g) The operating frequency is:40 Hz.
Table 1. Comparison between Esp 32 and Esp 8266.
No. Attribute Esp 8266 Esp 32 Figure 9 shows the shape of the sensor and Table (3)
1
Voltage/Current
3.3V/ 10uA ~ 170mA
3.3V / 10uA ~ shows the Pin Configuration [10].
consumption 260mA
Xtensa® Dual-Core
Processor/ Processor Xtensa® Single-Core 32-bit 32-bit LX6 600
2
speed L106/ 80-160MHz DMIPS / Dual
160MHz
3 GPIO 17 36
4 SRAM 160kB 512kB
Hardware / Software
5 0/8 channels 1/16 channels
PWM
6 A / D converter 1x10bit 7x12bit
7 Max TCP 5 16
8 Support 802.11 b/g/n/d/e/i/k/r 11b / g / n / e / i
SPI / I2C / I2S /
9 2/1/2/2/0 4/2/2/3/0
UART / CAN
10 Bluetooth --- Bluetooth 4.2 Figure 9. HC-SRO4 ultrasonic sensor.
11 MAC interface --- 1
IoT Security Using AES Encryption Technology based ESP32 Platform 219

Table 3. Ultrasonic sensor pin configuration. depends on the length of the key [23].
No Pin Name Description
1 VCC Power supply + 5 v 4.3.2. Description of the AES Algorithm
A trigger pin is an i/p pin that has to be kept
2 trigger high for 10µs for initialize measurement by 1. Key Expansions- Round keys are derived from the
sending as a wave.
The echo pin is an o/p pin. This pin also goes
cipher key using the Rijndael key table. AES
high for some of the time that will be the same requires a separate 128-bit round key block for each
3 Echo
as the time taken for the wave to return back to round plus one more. Figure (10) illustrates how this
sensor.
algorithm work
4 Ground It connects with the ground in the circuit
2. Round Primary: Add Round Key-Each byte of the
state is combined with a round key block using
4.3. Advanced Encryption Standard (AES) bitwise xor.
Cryptography 3. Both the encryption and decryption processes
4.3.1. (AES) Specifications require a number of rounds, the number of rounds
depends on the length of the key used in encryption
AES Algorithm: It is a symmetric key block cipher and decryption, in the research paper we used a key
technology used for encryption/decryption. This length (128 bits) so this algorithm needs 10 rounds
technology uses 128, 192, and 256-bit encryption keys to perform the encryption or decryption process, and
to encrypt/decrypt 128-bit data blocks. In this paper, in each round of them Four operations are
we used a 128-bit key length for performed, except for the last round in which three
encryption/decryption. Using a 128-bit encryption key operations are performed as described below.
in this algorithm provides high security because an
encryption key of this length is difficult to crack. As a) Rounds: (1-Sub Bytes, 2-Shift Rows,3-Mix
the estimated time required to break this key is years. Columns, 4-Add Round Key).
The AES algorithm consists of the original key, b) Final Round (1-Sub Bytes, 2-Shift Rows, Add
metadata, and ten rounds (128 bits). The user gives the Round Key) [23].
original key and raw data randomly. In this algorithm As for the decryption process, the operations that are
there are nine rounds, four operations are performed on executed in each round are:
the data in each of these nine rounds in the two states
of encoding and decoding. a) Rounds: (1-InvSubBytes, 2-InvShift Rows, 3-
In the case of encryption, the operations that are InvMix Column, 4-Add Round Key).
performed are: byte substitution (S-box), ShiftRows, b) Final Round: (1-InvSub Bytes, 2-InvShift Rows, 3-
MixColumns, and add round key. In the tenth (last) Add Round Key)
round, the same operations are performed except for
4.3.3. Substitute
the MixColumns transformation.
In the case of decryption, the previous operations (Sub Bytes and InvSub Bytes) are the first operation in
each run of execution, in which each byte of the state is
replaced by a byte of nonlinear S-box and Inverse-S-
box, to find the replacement value, the intercept must
be used in the table. Sub Bytes and InvSub Bytes are
used to hide the relationship between plain text and
ciphertext [2, 3] see in Figure (11).

Figure 10. Description of the AES algorithm.

Are performed in reverse, the reverse operations are

more complex compared to the same operations in the
encryption. The number of rounds in this algorithm Figure 11. Substitute byte transformation.
220 The International Arab Journal of Information Technology, Vol. 19, No. 2, March 2022

4.3.3.1. Shift Rows 5. Result and Discussion

In this process, the state bytes are periodically shifted Praise be to God, the program was implemented on the
to the left for every row except for the first row of the design shown in Figure 4, noting that only the encoded
state array. One byte in the second row is shifted values or the original and encrypted values can be sent.
circularly to the left. 2 bytes are shifted to the left in The data was received from the sensors via the ESP32
the third row. In the fourth (last) row, the shift is three chip, where the AES 128bit algorithm was used to
bytes to the left [20]. In this process, the size of the encrypt the data and display it on the Serial Monitor in
new state is not changed and remains the same as the the Arduino program, and the data was sent to the
original 16-byte size, but the change is in the location cloud on Thing Speak and Firebase, in addition to
of the bytes, As for the InvShiftRows operation during publishing it on a local IP address through which Web
decryption, it is done in the same way but in the screen display including data values with the ability to
opposite direction. as in Figure (12) [8]. control 2 LEDs.
The results we obtained can be compared with some
related previous works as follows:
For example in [14] the ESP8266 and MQTT for
remote monitoring are integrated into a smart home.
However, no IoT security mechanism has been
implemented. In addition, ESP8266 is less efficient
than ESP32. In [17] the data from sensors is received
by ESP8266 and stored in the cloud, without using IoT
security mechanism. In addition, ESP8266 is less
efficient than ESP32. In [13] a remote home control
Figure 12. Shift Row for encryption and decryption. system was designed and implemented, as an example
of the Internet of Things, where a set of sensors are
4.3.3.2. MixColumn
connected, and information is received through
In (MixColumns and InvMixColumns) the state matrix ESP8266, in addition to using a security mechanism
column is multiplied by a constant matrix C (x), as in (SHA256).
Figure (13), the value of the matrix (B), in both the As for the results we obtained in this paper, they can
encoding and decoding process. is the product of [A] be presented as follows:
and a constant [C (x)], the only difference between the
 Figure 15: representing the serial interface of the
two operations is the value of [C(x)], as in equation (1)
for encryption, and (2) for decryption [8]. Arduino program, shows the sensor data, as well as
its value after encoding, and its value after
decoding, to ensure that the encryption algorithm
works correctly, and also shows the status of the
lights, as well as the IP address of the internal
network.

Figure 13. MixColumn multiplied by C(x).

4.3.3.3. Add Round Key

Works in both encryption and decryption in the same
way. 128 bits are added from the generated key, as in
Figure (14) [8].

Figure 15. Result in serial arduino.

Figure 14. Add Round Key operation adds 128-bit.
 Figure 16, shows the receipt of sensor data from a
IoT Security Using AES Encryption Technology based ESP32 Platform 221

web page that can be accessed from any site in the the sensor data on the mobile device, and it also
world by the person who has access. The data that displays its value after encryption, and the ability to
appears on this page may be limited to encrypted control the illumination of two lights. This interface
data, or other data may be added to it. is accessed via IP.

Figure 16. Data sensors on Firebase web page. Figure 18. Data sensors on mobile.

 Figure 17, shows receipt of data on a website  In Figure 19, we have verified the authenticity of
“Things peak .The validity of the encrypted data the original and encrypted data received through a
was verified by applying the AES algorithm on the special application for the AES algorithm to
Internet as a site that implements this algorithm demonstrate the design idea, which is the receipt of
after entering the data necessary for encryption. data in an encrypted form and then it is entered
through an application with the key used in
encryption to obtain the original values of the data,
to keep it from being stolen. And to ensure the
confidentiality of information.

Figure 19. Crypt and decrypt of sensor data through an online

application.

6. Conclusions
Figure 17. Data sensors on things peak web page.
In this design, a mechanism was implemented that
 Figure 18, shows the receipt of the original value of
222 The International Arab Journal of Information Technology, Vol. 19, No. 2, March 2022

works to enhance and strengthen the security of the no. 1, pp.1035, 2020.
Internet of Things, by using the ESP32 platform to [12] Inamdar A., “ESP32-S2-Security Features,” The
implement the encryption algorithm AES, and the ESP Journal, https://medium.com/the-esp-
design was also implemented on some sensors to Journal/esp32-s2-security-improvements-
represent the IoT part of the smart home or any other 5e5453f98590, Last Visited, 2020.
application. We chose the temperature, humidity, [13] Khoa T., Nhu L., Son H., Trong N., Phuc C.,
distance and control sensor with two lights. Phuong N., Dung N., Nam N., Chau D., and Duc
This design can be applied to protect and secure the D., “Designing Efficient Smart Home
incoming data from the Internet of Things, due to what Management with Iot Smart Lighting: A Case
the ESP32 chip provides from dealing with IoT, as Study,” Wireless Communications and Mobile
well as the strength provided by AES technology in Computing, vol. 2020, pp.1-18, 2020.
protecting and securing the data received or sent. [14] Kodali R. and Soratkal S., “MQTT Based Home
Automation System Using ESP8266,” in
References Proceedings of IEEE Region 10 Humanitarian
Technology Conference, Agra, pp. 1-5, 2016.
[1] Abd Zaid M. and Hassan S., “Modification [15] Kouicem D., Bouabdallah A., and Lakhlef H.,
Advanced Encryption Standard for Design “Internet of Things Security: A Top-Down
Lightweight Algorithms,” Journal of Kufa for Survey,” Computer Networks. vol. 141, pp. 199-
Mathematics and Computer, vol. 6, no. 1, pp. 21- 221, 2018.
27, 2019. [16] Nandhini P. and Vanitha V., “A Study of
[2] Abdullah A., “Advanced Encryption Standard Lightweight Cryptographic Algorithms for IoT,”
(AES) Algorithm to Encrypt and Decrypt Data International Journal of Innovations and
Cryptography and Network Security,” Advancement in Computer Science, vol. 6, no. 1,
Ryptography and Network Security, vol. 16, pp. pp. 26-35, 2017.
1-11, 2017. [17] Parida D., Behera A., Naik J., Pattanaik S., and
[3] Choi I. and Kim J., “Area-Optimized Multi- Nanda R., “Real-time Environment Monitoring
Standard AES-CCM Security Engine for IEEE System Using ESP8266 and Thing Speak on
802.15. 4/802.15,” Journal of Semiconductor Internet of Things Platform” in Proceedings of
Technology and Science, vol.16, no. 3, pp. 293- International Conference on Intelligent
299, 2016. Computing and Control Systems, Madurai, pp.
[4] Chowdhury M., Ferdous M., Biswas K., 225-229, 2019.
Chowdhury N., Muthukkumarasamy V., “A [18] Postulka J., “Programming of ESP32
Survey on Blockchain-Based Platforms for IoT Microcontrollers,” 2020.
Use-Cases,” The Knowledge Engineering [19] Raghavan R., “https://acodez.in/data-encryption-
Review, vol. 35, 2020. Algorithms/,” and
[5] “ESP32 Series Datasheet,” Espressif Systems, https://blog.storagecraft.com/5-common-
Version 3.6, 2021. Encryption-Algorithms/, Last Visited, 2021.
[6] “ESP-IDF Programming Guide,” [20] Selmane N., Guilley S., and Danger J., “Practical
https://docs.espressif.com/projects/esp- Setup Time Violation Attacks on AES,” in
idf/en/latest/esp32/, Last Visited, 2020. Proceedings of 7th European Dependable
[7] Florin R. and Ionut R., “FPGA Based Computing Conference, Kaunas, pp. 91-96, 2008.
Architecture for Securing Iot with Blockchain,” [21] Shanmuganathan H. and Mahendran A.,
in Proceedings of International Conference on “Encryption based on Cellular Automata for
Speech Technology and Human-Computer Wireless Devices in Iot Environment,” The
Dialogue, Timisoara, pp. 1-8, 2019. International Arab Journal of Information
[8] Hamzah H., Ahmad N., and Ruslan S., “The 128- Technology, vol. 18, no. 3, pp. 347-355, 2021.
Bit AES Design by Using FPGA,” Journal of [22] Vacha M., “IoT Device Security on the ESP32
Physics: Conference Series, vol. 1529, no. 2, pp. platform,” Master's Thesis, Czech Technical
022059, 2020. University in Prague Computing and Information
[9] https://components101.com/sensors/dht11- Center, 2020.
temperature-sensor#, Last Visited, 2020. [23] Zhang J., Gao W., Li J., Tian X., and Dang H.,
[10] https://components101.com/sensors/ultrasonic- “High-Speed and High-Security Hybrid AES-ECC
sensor-working-pinout-datasheet, Last Visited, Cryptosystem Based on FPGA,” in Proceedings of
2020. IEEE International Conference on Signal,
[11] Hussein N. and Shujaa M., “DNA Computing Information and Data Processing, Chongqing, pp.
Based Stream Cipher for Internet of Things 1-6, 2019.
Using MQTT Protocol,” International Journal of
Electrical and Computer Engineering, vol. 10,
IoT Security Using AES Encryption Technology based ESP32 Platform 223

Mohammad Al-Mashhadani
graduate student (Master) in Middle
Technical University, Electrical
Engineering Technical College.
Iraq-Baghdad. majoring in
Computer Technology Engineering-
Holds a bachelor’s degree in the
same specialty in (2004).

Mohamed Shujaa Graduate of the

Polytechnic university of Bucharest,
Faculty of Electrical and Computer
Engineering (Computer Division)-
PhD in Neural Network, Polytechnic
university of Bucharest (2003), BSc.
Electrical & Computer Engineering
/Polytechnic University BUC. (1996), Absolvent of O
levels degree from British academic /Nairobi (1978),
Absolvent of A levels degree from British academic
/Nairobi (1988).