Article
Peer-Review Record

Design and Hardware Implementation of a Simplified DAG-Based Blockchain and New AES-CBC Algorithm for IoT Security

Electronics 2021, 10(9), 1127; https://doi.org/10.3390/electronics10091127
by Sung-Won Lee and Kwee-Bo Sim *
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Reviewer 3: Anonymous
Submission received: 1 April 2021 / Revised: 5 May 2021 / Accepted: 6 May 2021 / Published: 10 May 2021
(This article belongs to the Special Issue IoT Security and Privacy through the Blockchain)

Round 1

Reviewer 1 Report

The article is interesting and deals with a very current topic. In the first part, the authors present the blockchain structure based on DAG and the AES-CBC algorithm, and then describe the modification proposals in the scope of the DAG structure and the AES-CBC algorithm. This description is the weakest element of the article. The descriptions are very vague and incomprehensible. It is very difficult to understand the essence of the idea and operation of the described mechanism. The last part of the article presents a description of the experiments performed and the results obtained. Reading the description of the experiments slightly brings ideas closer to understanding the authors' ideas, but also has many shortcomings. 
 
I have some insights and comments. To help the reader and to improve the quality of the manuscript I suggest to modify/consider the following aspects:

Some figures are too big, especially Figures 1, 6, 9, 14 and 15.

Other insights:
l. 14 - should be "Acyclic"
l. 78 - should be "analysis"
section 3.2.1 - one has to decide whether the known elements (e.g. AES) should be described how they function or just their capabilities. The content of this section is very poorly described, and a reader who is unfamiliar with it will not be able to understand this subject. Additionally, the Figure 2 does not explain anything. It is not written what role the S-box and P-box play.
l.134-135 - For people who know CBC mode, this sentence does not add anything new, but for people who do not know CBC this sentence is completely incomprehensible.
l. 141 - DAG structure should probably be here 
l.160 - what does "is to be transmitted as "zero"" mean? 
l.170 - it is not understood why "through verification by up to nine clients". Is this the assumption of the presented method? 
l.171-186 - the paragraphs are completely incomprehensible. What is the meaning of the numbers in the row of Table 1? What does "n, E5, A (1,2,3) S6, D1" mean in this table? 
l.196-211 - this paragraph is also difficult to understand 
l.216-219 - why is introduced and why the timeout is set just in 5000 msec?
l.237 - This sentence is unclear. Do "two cipher keys and the initialization vector (IV)" together occupy 128 bits, or does each key separately have 128 bits? What is the relationship of these two 128-bit keys to the 192-bit ke1n, ke2n, and kTn keys? 
l.249-251 - the text is not clear. Too big a mental shortcut. It needs to be described in more detail. 
Figure 7 - how is orange Ke2n different from blue? What does "IV Refresh" mean? 
l.258 - Is the time of the day irrelevant? Or maybe we count the minutes from the beginning of the day, and not from the beginning of the hour? 
formula (2) - If the same "ken" symbol appears on both sides of the equation, the remainder of the equation must be "1". I guess this formula is not about such an interpretation?
l.262 - which "ken" from formula (2) should be used? It from the right, from the left side of the formula (2) 
Figure 8 - What do the symbols Ki and Ko mean?
Figure 9 - The upper "IV" should be "IV old" and the lower "IV new". Shouldn't Ke0, ... Ke15 be marked as IVe0, ... IVe15 accordingly? 
l.283-290 - This probably does not need to be described, because these are well-known elements.
l.293-299 - Does it assume that all clients are always within range of the server? If so, for example for a WiFi connection, where the real range is about 150-200m, the sense of using the presented method is questionable. However, when we take into account other links, for example LoRa, then there will be a problem how to send messages to all nodes. 
Algorithm 1 - Instead of "Encrtypt_Message" it should be "Encrypt_Message" 
l.355-356 - I guess it should be Figure 12. 
l.360, l.367 - I guess it should be "PIR"
l.362 - "the cipher key was changed". Who is responsible for generating these keys? 
l.367 - The client generates one or several addresses? 
l.369 - "address“ A (4, 2, 8) ”was encrypted, and then the packet was encrypted again". Is the same key used for both encryption? If so, what is the point of that? 
l.355-378 - The word address is used in this part of the text. What is an address? Is 192.168.0.6 or A (4,2,8) or maybe “5, E5, A (9, 7, 1), S15, D1”? You need to name these elements precisely. 
Table 2 - paragraph 1,355-1,360 stated that customers in the 4th address octet have numbers 1-10, and in Table 2 these numbers are different. 
Table 5 - How was the power consumption measured in the experiments? 
l.459 - the title of the section should not be the last line on the page. 

Author Response

First of all, we sincerely thank you for your thoughtful comments to improve our paper.

[Comment]
I have some insights and comments. To help the reader and to improve the quality of the manuscript I suggest to modify/consider the following aspects:

[Q1] Some figures are too big, especially Figures 1, 6, 9, 14 and 15.
[A1] Figures 1, 6, 9, 14, and 15 were adjusted to appropriate sizes.

[Q2] l. 14 - should be "Acyclic"
[A2] "acyclic" in line 14 was corrected into "Acyclic."

[Q3] l. 78 - should be "analysis"
[A3] “Analysis” in line 80 was corrected into “analysis.”

[Q4] section 3.2.1 - one has to decide whether the known elements (eg AES) should be described how they function or just their capabilities. The content of this section is very poorly described, and a reader who is unfamiliar with it will not be able to understand this subject. Additionally, the Figure 2 does not explain anything. It is not written what role the S-box and P-box play.
[A4] According to the reviewer’s comment, the content of section 3.2.1 was wholly changed in the revision manuscript as follows.
[Correction of the manuscript]
The AES algorithm was established by the National Institute of Standards and Technology and is the first algorithm that has been approved for use in Top Secret by the US National Security Agency [24]. The AES algorithm is a symmetric key algorithm that uses the same key in encryption and decryption processes. A symmetric key algorithm refers to an algorithm that uses the same cipher key for encryption and decryption. The encryption structure is composed of a Substitution Permutation Network Structure (SPN) structure and a Feistel structure. The AES algorithm uses the SPN structure. Figure 2 shows the SPN structure. In Figure 2, S represents the substitution box (S-box), and P represents the Permutation box (P-box). As for the encryption process of the AES algorithm, ciphertexts are generated through many rounds of processes in S-box and P-box. S-box is a basic packet used for encryption, and its function realizes the non-linear substitution of data. The function of the P-box is changing the location of data. The SPN structure has a disadvantage that it must be designed to require an inverse function in the encryption and decryption processes but has an advantage that it can be designed more efficiently than the Feistel structure because encryption and decryption are possible at once without moving bits during the encryption process.

[Q5] l.134-135 - For people who know CBC mode, this sentence does not add anything new, but for people who do not know CBC this sentence is completely incomprehensible.
[A5] According to the reviewer’s comment, the content of Section 3.2.2 was wholly changed in the revision manuscript as follows, and Figure 3 was added.
[Correction of the manuscript]
The block encryption technology has five operating modes: Electronic CodeBook (ECB) mode, Cipher-Block Chaining (CBC) mode, Cipher FeedBack (CFB) mode, Output FeedBack (OFB) mode, and Counter (CTR) mode. The CBC mode is the most secure encryption method among block encryption operating modes and is the most commonly used. Figure 3 is a block diagram that shows the encryption and decryption processes in CBC mode. In the CBC operating mode encryption process, as shown in Figure 3(a), each block performs an XOR operation with the encryption result of the previous block before being encrypted, and in the case of the first block, the initialization vector (IV) is used. The decryption process in the CBC operating mode proceeds in the reverse order of the encryption process, as shown in Figure 3(b). However, since the first block does not have the encryption result of the previous block, the ciphertext and the initialization vector (IV) are XOR operated [25-26]. 

[Q6] l. 141 - DAG structure should probably be here 
[A6] Yes, you are right. Figure 4 (Structure of Simplified DAG-based Blockchain) was put in after the second paragraph of Chapter 4. In addition, the structure of the Simplified DAG-based Blockchain proposed in this paper (Figure 4) was drawn again simply.

[Q7] l.160 - what does "is to be transmitted as "zero"" mean? 
     (This sentence is moved to the line 177 in the revision manuscript.)
[A7] The structure of the Simplified DAG-based Blockchain proposed in this study was implemented so that the client transmits data directly to the server because the effect of the proposed algorithm does not appear much in the case of a system consisting of four or fewer clients. Here, ‘zero’ has no special meaning and was used to mean that events that occurred in a random client (or node) are transmitted directly to the server without passing through other clients. 

[Q8] l.170 - it is not understood why "through verification by up to nine clients". Is this the assumption of the presented method? 
[A8] It is not an assumption. In the algorithm proposed in this paper, even if the number of clients increases, the number of clients of which the packets are verified is limited to 9 at the maximum. If the amount of data occurred in the client increases, overload, network delay, etc., may occur on the system. The value nine was found as the optimal value through many experiments. The sentence in that part has been modified as follows. “Even when the number of clients increases, the number of clients of which the packets are verified for transmission of data is limited to 9.”

[Q9] l.171-186 - the paragraphs are completely incomprehensible. What is the meaning of the numbers in the row of Table 1? What does "n, E5, A (1,2,3) S6, D1" mean in this table?
[A9] The content corresponding to lines 171~186 was wholly changed to lines 188~209 in the revision manuscript as follows, and the expression method in Table 1 was changed.
[Correction of the manuscript]
Table 1 shows the packet structure generated when an event occurs in a client. The packet structure is as follows. In the packet, Number 'n' is the cumulative sum of the values of octet 4, which is the 4th digit of the IP address of the clients where the events occurred, Event Client Address 'a' is the value of the octet 4, which is the 4th digit of the IP address of the client where the event occurred, Random Address 1 'b', Random Address 2 'c', and Random Address 3 'd' represent the values of the octet 4, which is the 4th digit of the IP addresses of three random clients where events occurred. In addition, Server Address ‘e’ is the value of octet 4, which is the 4th digit of the server's IP address, and Sensor data ‘f’ is the output value of the client (e.g., sensor) where the event occurred. Here, the IP address of the client where the event occurs at random is generated by referring to the addresses in the lookup table already registered in each client.
For example, if a=5, b=1, c=4, d=2, e=6, f=11, the initially generated packet structure becomes [5, E5, A (1, 4, 2), S6, D11]. After that, this packet is transmitted to the client whose IP address’ octet 4 value equals 1. The client that received this packet adds 1, which is the value of octet 4 of the client IP, to the 'n' position of the packet to create a new packet [6, E5, A (1, 4, 2), S6, D11], and transmits the new packet to the client of which the IP address’ octet 4 value equals 4. The client that received this packet adds 4, which is the value of octet 4 of the client IP, to the 'n' position of the packet to create a new packet [10, E5, A (1, 4, 2), S6, D11], and transmits the new packet to the client of which the IP address’ octet 4 value is 2. The client that received this packet adds 2, which is the value of octet 4 of the client IP, to the 'n' position of the packet to create a new packet [12, E5, A (1, 4, 2), S6, D11] and transmits the new packet to the server.

[Q10] l.196-211 - this paragraph is also difficult to understand
[A10] The content corresponding to lines 196~211 was wholly changed to lines 221~249 in the revision manuscript as follows.
[Correction of the manuscript]
The server verifies the three packets received from the clients. There are two methods to verify the data. The first one is to check n=a+b+c+d in Table 1, and the second one is to compare the Sensor Data ‘f’ in Table 1 in the packets generated by individual clients (for example, sensor) where the event occurred with each other.
Figure 5 shows an example of how a client where an event occurred transmits a packet to the server. This figure shows a case where an event occurred in Client 5. Let us assume that the three packets, which this client will transmit to other clients are as follows:
packet 1: [5, E5, A (7, 2, 1), S15, D1]
packet 2: [5, E5, A (9, 4, 8), S15, D1]
packet 3: [5, E5, A (10, 6, 3), S15, D1]
These packets were generated because an event occurred in Client 5 (a=5 in this case). Client 5 transmits packet 1 to a client of which the IP address’ octet 4 value is 7, packet 2 to a client of which the IP address’ octet 4 value is 9, and packet 3 to a client of which the IP address’ octet 4 value is 10. Packet 1 passes through b=7, c=2, d=1, which correspond to the value of octet 4 of the randomly generated client IP so that the Number of the packet transmitted to the server becomes n=a+b+c+d=5+7+2+1=15 and the packet received by the server becomes [15, E5, A (7, 2, 1), S15, D1]. Packet 2 passes through b=9, c=4, d=8, which correspond to the value of octet 4 of the randomly generated client IP so that the Number of the packet transmitted to the server becomes n=a+b+c+d=5+9+4+8=26 and the packet received by the server becomes [26, E5, A (9, 4, 8), S15, D1].
Packet 3 passes through b=10, c=6, d=3, which corresponds to the value of octet 4 of the randomly generated client IP so that the Number of the packet transmitted to the server becomes [24, E5, A (10, 6, 3), S15, D1].
Since all the three packets mentioned above have the same front part n=a+b+c+d and have the same sensor data, f=D1, it can be seen that they were transmitted normally.
If n=a+b+c+d is not valid in a packet due to hacking or other reasons, or sensor data 'f' does not coincide, the packet is discarded. In addition, if the data in the packet other than octet 4 of the client IP do not match in the packet received by the server, it will mean that the data have not been accurately transmitted. Therefore, this packet is also discarded.

[Q11] l.216-219 - why is introduced and why the timeout is set just in 5000 msec?
[A11] Concerning this value, it was judged that 5000msec is the most appropriate response delay time from the server through many experiments. The time of 5000msec was set to prevent the system from going down due to overload on the server or the client when the network is delayed or the amount of data to be transmitted is momentarily increased.

[Q12] l.237 - This sentence is unclear. Do "two cipher keys and the initialization vector (IV)" together occupy 128 bits, or does each key separately have 128 bits? What is the relationship of these two 128-bit keys to the 192-bit ke1n, ke2n, and kTn keys? 
[Q12-1] l.237 - This sentence is unclear. Do "two cipher keys and the initialization vector (IV)" together occupy 128 bits, or does each key separately have 128 bits?
[A12-1] This part was incorrectly explained. The content was corrected as follows in lines 274-277 of the revision manuscript.
[Correction of the manuscript]
Two cipher keys should be used for encryption and decryption of the proposed algorithm: ken (the current cipher key) and kTn (the cipher key in the immediately previous block). These cipher keys were identically set to 192 bits (24 bytes), and the initialization vector IV was set to 128 bits (16 bytes). 

[Q12-2] What is the relationship of these two 128-bit keys to the 192-bit ke1n, ke2n, and kTn keys? 
[A12-2] Ken is the current cipher key, and KTn is the cipher key in the immediately previous block. These cipher keys were identically set to 192 bits (24 bytes). The Ke1n is the cipher key created in Time Zone, Ke2n is the finally created cipher key, and KTn is the cipher key in the immediately previous block. In the corrected manuscript, the expressions of the cipher keys were changed from “Ke1n” to “ken” and from “K2en” to “K’en” (See Figure 8). 

[Q13] l.249-251 - the text is not clear. Too big a mental shortcut. It needs to be described in more detail. 
[A13] The content pointed out was corrected to the following sentence and moved to line 283 in the revised manuscript.
[Correction of the manuscript]
In Figure 8, the process of changing the ciphertext is as follows.
[Step 1] Carry out shift operation of Ken (1) to output Ken (2).
[Step 2] Carry out XOR operations of ken (2) output in Step 1 with the value obtained by shifting Ken (1) to the left bit by bit to output K'en(3).
[Step 3] Change the new cipher key every minute using K'en(3) and Time Zone for changing encryption.

[Q14] Figure 7 - how is orange Ke2n different from blue? What does "IV Refresh" mean? 
[Q14-1] Figure 7 - how is orange Ke2n different from blue?
[A14-1] In the revised manuscript, the numbering of the Figure has been changed from 7 to 8, and the Figure has also been revised. There is no difference between orange Ke2n and blue Ke2n in the Figure. However, it was judged that it would be better to express the process of generating the cipher n key of Ke in a different color for the visual effect.

[Q14-2] What does "IV Refresh" mean? 
[A14-2] “IV Refresh” is a sort of initialization vector (IV) used in “CBC Operating mode”. The reason for using “IV Refresh” in Figure 8 is in the sense that the value of IV is changed every minute to further enhance security. 

[Q15] l.258 - Is the time of the day irrelevant? Or maybe we count the minutes from the beginning of the day, and not from the beginning of the hour? 
[A15] Yes, you are right. The time of the day is irrelevant because it was not used. Minutes are counted from the beginning of the day. If the day and time are used simultaneously, the cipher key may become too complex so that a long time may be taken in decryption. Minutes were used instead of hours to enhance security by changing the value of the cipher key every minute. 

[Q16] formula (2) - If the same "ken" symbol appears on both sides of the equation, the remainder of the equation must be "1". I guess this formula is not about such an interpretation?
[A16] The meaning of formula (2) is a formula that expresses the process of generating the cipher key Ke. There was an error in the formula, so the formula (2) was corrected in the revised manuscript.
In addition, the following sentence was added to line 299~301 in the revised manuscript.
[Correction of the manuscript]
In formula (2), Ken is the current cipher key, which is 192 bits, and (MM+mm) represents the month and minute, which is 8 bits. These two values are XOR operated to generate a new cipher key, K'en.

[Q17] l.262 - which "ken" from formula (2) should be used? It from the right, from the left side of the formula (2) 
[A17] As for the answer to this comment, please refer to the above answer [A16].

[Q18] Figure 8 - What do the symbols Ki and Ko mean?
[A18] In the revised manuscript, the numbering of the Figure has been changed from 8 to 9. In Figure 9, Ki is the current cipher key and represents the input, and Ko is the new changed cipher key and represents the output.

[Q19] Figure 9 - The upper "IV" should be "IV old" and the lower "IV new". Shouldn't Ke0, ... Ke15 be marked as IVe0, ... IVe15 accordingly? 
[A19] The Figure was corrected according to the comment. In the revised manuscript, the numbering of the Figure has been changed from 9 to 10. In the corrected Figure 10, the upper left IV was expressed as old IV, the lower-left IV was expressed as new IV, and output IVs at the bottom were expressed as IVe0 ~ IVe15. 

[Q20] l.283-290 - This probably does not need to be described, because these are well-known elements.
[A20] I agree with your opinion. However, it is a brief explanation of the specifications of the Raspberry Pi used in the experiment of this study (thesis), so I think it is better to leave it as it is. Please understand our opinion.

[Q21] l.293-299 - Does it assume that all clients are always within range of the server? If so, for example for a WiFi connection, where the real range is about 150-200m, the sense of using the presented method is questionable. However, when we take into account other links, for example LoRa, then there will be a problem how to send messages to all nodes. 
[A21] Thank you for your good comment. As you mentioned, problems may arise when we consider other communication methods (LoRa, etc.). However, since we have conducted the study with the goal of building a system in the environment of Raspberry Pi (Linux), problems may occur with the part you mentioned. We will continue our study on the problems you pointed out.

[Q22] Algorithm 1 - Instead of "Encrtypt_Message" it should be "Encrypt_Message" 
[A22] Thank you. The content you pointed out was corrected.

[Q23] l.355-356 - I guess it should be Figure 12. 
[A23] Thank you. The content you pointed out was corrected. In the revised manuscript, the numbering of the Figure has been changed from 12 to 13.

[Q24] l.360, l.367 - I guess it should be "PIR"
[A24] Thank you. The content you pointed out was corrected.

[Q25] l.362 - "the cipher key was changed". Who is responsible for generating these keys? 
[A25] All clients and server can change the cipher key with an algorithm. In addition, cipher keys of all clients and server use the same time in order to synchronize.

[Q26] l.367 - The client generates one or several addresses? 
[A26] One client can generate up to nine different client IP addresses. If an event occurs on a client, three packets are created, and these packets contain octet 4 data from up to three different clients per packet.

[Q27] l.369 - "address“ A (4, 2, 8) ”was encrypted, and then the packet was encrypted again". Is the same key used for both encryption? If so, what is the point of that? 
[Q27-1] l.369 - "address“ A (4, 2, 8) ”was encrypted, and then the packet was encrypted again". Is the same key used for both encryption?
[A27-1] The answer to the question is as follows. To enhance security, first, the data of “A(4, 2, 8)” is encrypted by performing a left shift operation. After that, the entire packet is encrypted once more. The reason why the packet is encrypted is that the data contained in the packet may be hacked due to a hacker, and the packet should be encrypted once more to enhance security.
[Q27-2] If so, what is the point of that? 
[A27-2] The keys used for the two encryptions are different. If the same encryption key is used, there will be disadvantages that the structure of encryption/decryption will become complex, encryption/decryption will take a long time, and energy consumption will increase.

[Q28] l.355-378 - The word address is used in this part of the text. What is an address? Is 192.168.0.6 or A (4,2,8) or maybe “5, E5, A (9, 7, 1), S15, D1”? You need to name these elements precisely. 
[A28] Thank you for your detailed comments. ‘Address’, ‘packet’, ‘data’, and ‘octet’ were distinguished, and the address was carefully corrected.

[Q29] Table 2 - paragraph 1,355-1,360 stated that customers in the 4th address octet have numbers 1-10, and in Table 2 these numbers are different. 
[A29] Thank you for your detailed comments. The numbers in the text and the numbers in Table 2 were matched.

[Q30] Table 5 - How was the power consumption measured in the experiments? 
[A30] In order to calculate the power, an oscilloscope and ammeter were used. We measure the voltage using the oscilloscope's trigger function because the voltage rises instantaneously when sending data. The current was measured with an ammeter, and power was calculated by multiplying the measured voltage by the current flowing through the client. At this time, the measured voltage and current are effective values. In our experimental system, one Raspberry Pi board is implemented as a client.

[Q31] l.459 - the title of the section should not be the last line on the page. 
[A31] Well noted. We will be careful when we edit the revised manuscript. Thank you.

Finally, we sincerely thank you for your thoughtful comments to improve our paper.
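
The relay and server-side verification described in [A9] and [A10] above can be traced with a short simulation. This is an added example, not part of the review record and not the authors' code: the class and function names are hypothetical, the encryption layers are left out, and discarding the whole group on a cross-packet mismatch is an assumption, since the response does not say which packet is dropped.

```python
from dataclasses import dataclass, replace
from typing import List, Tuple


@dataclass(frozen=True)
class Packet:
    """Fields named after the letters used in the quoted Table 1 description."""
    n: int                        # Number: running sum of octet-4 values
    a: int                        # Event Client Address (octet 4)
    relays: Tuple[int, int, int]  # Random Address 1-3: b, c, d (octet 4)
    e: int                        # Server Address (octet 4)
    f: int                        # Sensor data

    def __str__(self) -> str:
        b, c, d = self.relays
        return f"[{self.n}, E{self.a}, A ({b}, {c}, {d}), S{self.e}, D{self.f}]"


def new_packet(a: int, relays: Tuple[int, int, int], e: int, f: int) -> Packet:
    """Packet as first generated: n starts at the event client's octet 4."""
    return Packet(n=a, a=a, relays=tuple(relays), e=e, f=f)


def relay(pkt: Packet, client_octet: int) -> Packet:
    """A relaying client adds its own octet-4 value to n and forwards."""
    return replace(pkt, n=pkt.n + client_octet)


def trace(pkt: Packet) -> List[Packet]:
    """Packet state at the event client and after each of the hops b, c, d."""
    states = [pkt]
    for hop in pkt.relays:
        states.append(relay(states[-1], hop))
    return states


def route(pkt: Packet) -> Packet:
    """The packet as the server receives it."""
    return trace(pkt)[-1]


def verify_group(received: List[Packet]) -> List[str]:
    """Checks from [A10]; returns discard reasons, an empty list means accepted."""
    reasons = []
    # Check 1: every packet must satisfy n = a + b + c + d.
    for i, p in enumerate(received, 1):
        expected = p.a + sum(p.relays)
        if p.n != expected:
            reasons.append(f"packet {i}: n={p.n}, expected a+b+c+d={expected}")
    # Check 2: sensor data must coincide across the packets of one event.
    # Check 3: the remaining fields (event client, server) must match too.
    first = received[0]
    for i, p in enumerate(received[1:], 2):
        if p.f != first.f:
            reasons.append(f"packet {i}: sensor data D{p.f} != D{first.f}")
        if (p.a, p.e) != (first.a, first.e):
            reasons.append(f"packet {i}: event/server fields differ from packet 1")
    return reasons


# The three packets of the Client 5 example quoted in [A10].
PAGE_PACKETS = [
    new_packet(5, (7, 2, 1), 15, 1),
    new_packet(5, (9, 4, 8), 15, 1),
    new_packet(5, (10, 6, 3), 15, 1),
]


def demo() -> None:
    # The [A9] walk-through: n goes 5 -> 6 -> 10 -> 12.
    for state in trace(new_packet(5, (1, 4, 2), 6, 11)):
        print(state)

    received = [route(p) for p in PAGE_PACKETS]
    print("intact group:", verify_group(received) or "accepted")

    # Constructed failure 1: packet 1 never passed through the last relay.
    skipped = relay(relay(PAGE_PACKETS[0], 7), 2)
    print("skipped relay:", verify_group([skipped] + received[1:]))

    # Constructed failure 2: sensor data altered in packet 2.
    tampered = replace(received[1], f=9)
    print("altered data:", verify_group([received[0], tampered, received[2]]))


if __name__ == "__main__":
    demo()
```
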

Reviewer 2 Report

Introduction

In their work, the authors present two solutions to solve a problem. One problem is named to simplify the conventional Directed Acyclic Graph-based blockchain structure. The other problem is not a solution to the problem, but simply a suggested one Advanced Encryption Standard - Cipher Block Chaining algorithm with enhanced security by periodically changing the secret key and initialization vector in the conventional AES-CBC encryption algorithm. The introductory part pays a lot of attention to one-way (hash) algorithms, with the notion that this is not enough to ensure security. However, the problem's theoretical part is not revealed that IoT-type devices have limited resources and capabilities to solve encryption tasks.

The introduction needs to be extended by forgiving the problem of why security needs to be increased, rather than simply stating the fact that it needs to.

 

DAG-based blockchain structure and AES-CBC algorithm

The third part reveals appropriately and reflects the basic principle of blockchain. It was probably necessary to put together a DAG-based structure and focus on the features of using IoT algorithms.

 

Proposed Simplified DAG-based Blockchain Structure

Understandably, you want to ensure security, which is why the Data Verification Method has been chosen. It will be difficult to repeat the experiment if the equipment and its technical parameter are different. This is just a note because so far it is only a principled method.

 

AES-CBC Algorithm and experiments

The use of this algorithm is already well known in IoT devices. It is important to note that some of the results include slight variations across experiments with the same parameters when the TCP data is gathered. In the experiment, it's impossible to see measurements over encryption implementations, and there is consistently no variation between experiments. For measurements over encryption/decryption (based on the second experiment) implementations, it would be nice to see the standard deviations between experiments. Only marked the standard deviations through changing the secret key average time taken during encryption and decryption in conventional AES-CBC and proposed AES-CBC bars on these figures. But can hardly most of them be seen due to their small values.

 

Summary

The experiment is performed and can be applied to specific IoT type devices (Pi 3) with a specific processor. This will not apply automatically or globally to all type of IoT devices. Therefore, the experiment has a limitation in its use. Nevertheless, such an experiment is useful as it studies energy efficiency.

This paper's disadvantage is that there is no comparison of the proposed method with other methods of measuring encryption and security. Therefore, the proposal is to supplement the justification for the method's choice without touching on the experiment itself. And in the introduction to justify why the choice of one method or another can increase security in IoT devices.

Author Response

First of all, we sincerely thank you for your thoughtful comments to improve our paper.

Introduction

[Q1] In their work, the authors present two solutions to solve a problem. One problem is named to simplify the conventional Directed Acyclic Graph-based blockchain structure. The other problem is not a solution to the problem, but simply a suggested one Advanced Encryption Standard - Cipher Block Chaining algorithm with enhanced security by periodically changing the secret key and initialization vector in the conventional AES-CBC encryption algorithm. The introductory part pays a lot of attention to one-way (hash) algorithms, with the notion that this is not enough to ensure security. However, the problem's theoretical part is not revealed that IoT-type devices have limited resources and capabilities to solve encryption tasks.
[A1] As pointed out, this paper is a study conducted to enhance the security of low-power, ultra-light IoT systems. Therefore, the DAG-based Blockchain was simplified, and the AES-CBC algorithm was proposed to enhance security. Nevertheless, the security of IoT systems cannot but be vulnerable due to their various limitations. In this paper, a double encryption technique was used to solve this problem. The detailed description of this process can be explained as follows. To enhance security, first, the data is encrypted. After that, the entire packet is encrypted once more. The reason why the packet is encrypted is that the data contained in the packet may be hacked due to a hacker, and the packet should be encrypted once more to enhance security. This is explained in detail in Section 7 of the revised manuscript.

[Q2] The introduction needs to be extended by forgiving the problem of why security needs to be increased, rather than simply stating the fact that it needs to.
[A2] A reference paper on the necessity of security enhancement was added, and the following content was added to line 53~54 in the introduction.
[Correction of the manuscript]
In addition to these reasons, security should be enhanced due to problems such as new malicious codes and denial of service [6].
[6] Towards Security Hardening of Scientific Demand-Driven and Pipelined Distributed Computing Systems

DAG-based blockchain structure and AES-CBC algorithm
[Q3] The third part reveals appropriately and reflects the basic principle of blockchain. It was probably necessary to put together a DAG-based structure and focus on the features of using IoT algorithms.
[A3] As the reviewer mentioned, Chapter 3 was the basic content to propose a DAG-based blockchain structure and AES-CBC algorithm suitable for the IoT to explain the existing method. Thank you for your excellent comment.

Proposed Simplified DAG-based Blockchain Structure
[Q4] Understandably, you want to ensure security, which is why the Data Verification Method has been chosen. It will be difficult to repeat the experiment if the equipment and its technical parameter are different. This is just a note because so far it is only a principled method.
[A4] Thank you for your good comment. As you mentioned, if the system is implemented using an embedded board, etc., instead of the Raspberry Pi board used in this study, problems such as difficulties in optimization during encryption and decryption may occur because the program methods are different by the board. However, please understand that we have conducted this study to build an ultra-lightweight and low-power IoT system in the environment of Raspberry Pi (Linux).

AES-CBC Algorithm and experiments

[Q5] The use of this algorithm already well known in IoT devices. It is important to note that some of the results include slight variations across experiments with the same parameters when the TCP data is gathered. In the experiment, it's impossible to see measurements over encryption implementations, and there is consistently no variation between experiments. For measurements over encryption/decryption (based on the second experiment) implementations, it would be nice to see the standard deviations between experiments. Only marked the standard deviations through changing the secret key average time taken during encryption and decryption in conventional AES-CBC and proposed AES-CBC bars on these figures. But can hardly most of them be seen due to their small values.
[A5] We fully agree with the opinions of the reviewer. Nevertheless, the experiment of this study carried out two types of measurement, that is,
(1) Measurement of the time taken for a packet sent from the client where the event occurred to reach the server through other clients (Figure 14)
(2) Measurement of the time taken for encryption and decryption and power consumption to show that the proposed algorithm is excellent compared to the conventional algorithms. Please see Figures 15 and 16 in the revised manuscript.
In addition, according to reviewer’s comments, in the experiment that compared conventional algorithms, the mean values, maximum values, minimum values, and standard deviations were simultaneously displayed for readability. Please see Tables 6 and 7 in the revised manuscript.

Summary

[Q6] The experiment is performed and can be applied to specific IoT type devices (Pi 3) with a specific processor. This will not apply automatically or globally to all type of IoT devices. Therefore, the experiment has a limitation in its use. Nevertheless, such an experiment is useful as it studies energy efficiency.
[A6] As mentioned in answer to the previous comment, we think this study has achieved good results because it aims to enhance security in the Raspberry Pi environment and build ultra-light and low-power complementary IoT systems. However, we will continue to research this point in the future because various difficult problems can occur when using embedded boards or other equipment.

[Q7] This paper's disadvantage is that there is no comparison of the proposed method with other methods of measuring encryption and security. Therefore, the proposal is to supplement the justification for the method's choice without touching on the experiment itself. And in the introduction to justify why the choice of one method or another can increase security in IoT devices.
[A7] As the reviewer commented, we regret that we could not compare the proposed algorithm with various other security algorithms. It is often difficult or impossible to compare to other algorithms directly. Therefore, to show the superiority of the proposed algorithm, we compared and analyzed the proposed algorithm with the conventional AES-CBC. We would appreciate the understanding of this.

Finally, we sincerely thank you for your thoughtful comments to improve our paper.

Reviewer 3 Report

The paper analyzes the conventional DAG-based blockchain structure and proposes a new AES-CBC algorithm by periodically changing the secret key and initialization vector. Also, the authors go beyond the theory and provide measurement results from an IoT system consisting of 10 clients and one server using Raspberry Pi. More details about the blockchain technology should be provided.
More references to related work using different distributed ledger technologies and use cases should be added, for example:
- Kietzmann, Peter, et al. "A Performance Study of Crypto-Hardware in the Low-end IoT." International Conference on Embedded Wireless Systems and Networks (EWSN). New York, USA: ACM. 2021.
- Aileni, Raluca Maria, et al. "IoMT: a blockchain perspective." Decentralised Internet of Things. Springer, Cham, 2020. 199-215.
- Elsayeh, Muhammad, et al. "CYBERSECURITY ARCHITECTURE FOR THE INTERNET OF MEDICAL THINGS AND CONNECTED DEVICES USING BLOCKCHAIN." Biomedical Engineering: Applications, Basis and Communications (2021): 2150013.

Author Response

First of all, we sincerely thank you for your thoughtful comments to improve our paper.

[Q1] The paper analyzes the conventional DAG-based blockchain structure and proposes a new AES-CBC algorithm by periodically changing the secret key and initialization vector. Also, the authors go beyond the theory and provide measurement results from an IoT system consisting of 10 clients and one server using Raspberry Pi. More details about the blockchain technology should be provided. More references to related work using different distributed ledger technologies and use cases should be added, for example:
[A1] We have added 'three references' you recommended to the 'references' of our revised manuscript and added contents to the 'introduction' of the revised manuscript. The content on reference [5] was added to line 53; references [7] and [8] have been added to line 55 of the introduction.

Reference 1: “A Performance Study of Crypto-Hardware in the Low-end IoT”  
[Abstract] Comprehensive resource analysis was carried out for basic elements of encryption widely used in various off-the-shelf IoT platforms, and the effects of the performance of encryption hardware were quantified.

Reference 2: “IoMT: a blockchain perspective.”
[Abstract] In the medical system, the blockchain is based on a P2P networked computer that can optimize the efficiency of the Internet of Things (IoT) and ensure full connectivity of medical equipment.

Reference 3: “CYBERSECURITY ARCHITECTURE FOR THE INTERNET OF MEDICAL THINGS AND CONNECTED DEVICES USING BLOCKCHAIN” 
[Abstract] Hospitals and medical institutions share data collected using blockchains. After reviewing the innovation behind the blockchain, they propose IoMT-based security architectures that utilize the blockchain to ensure the security of information transmission between related nodes. 

Finally, we sincerely thank you for your thoughtful comments to improve our paper.

Round 2

Reviewer 1 Report

The authors took into account most my reservations about the paper signaled in my previous review and made corrections. 

I also have the following observations: 

Q1. I have the feeling that I was misunderstood in Q.6 in the first review. My point there is that probably in the phrase "Unlike the DEA structure" the abbreviation "DAG" should be used. 

Q2. A new Figure 3 has appeared in the new version of the article. This figure illustrates the problem well, but its content is very similar to the figure available at: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_block_chaining_(CBC), and in the caption there is no news on the source of this drawing. This could be a copyright infringement. You should try to get the right to publish such a drawing.

Q3. The authors answered many of my questions posed in my first review, but did not provide any answers to these questions in the body of the article. They should treat these questions as questions from potential readers and put an explanation of them in the article. The problem is with the following questions: Q.7, Q.8, Q.11, Q14, Q15, Q.18, Q27, and Q.30. 

Q4. The title of Table 1 should be on the same page as the content of the table. 

Author Response

First of all, we sincerely thank you for your thoughtful comments to improve our paper.

I also have the following observations: 

[Q1] I have the feeling that I was misunderstood in Q.6 in the first review. My point there is that probably in the phrase "Unlike the DEA structure" the abbreviation "DAG" should be used. 

[A1] Yes, you are right. We changed “DEA” to “DAG”. 

[Q2] A new Figure 3 has appeared in the new version of the article. This figure illustrates the problem well, but its content is very similar to the figure available at: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_block_chaining_(CBC), and in the caption there is no news on the source of this drawing. This could be a copyright infringement. You should try to get the right to publish such a drawing.

[A2] Thank you for your kind comment. To avoid patent infringement, we added [reference 25] to line 140 and the caption of Figure 4 in the revised manuscript as follows.
Figure 3. Block Diagram of Cipher-Block Chaining operating mode (CBC) [25].
[Reference 25] William F. Ehrsam.; Carl H. W. Meyer.; John L. Smith.; Walter L. Tuchman. Message verification and transmission error detection by block chaining, US Patent 4074066, 1976.

[Q3] The authors answered many of my questions posed in my first review, but did not provide any answers to these questions in the body of the article. They should treat these questions as questions from potential readers and put an explanation of them in the article. The problem is with the following questions: Q.7, Q.8, Q.11, Q14, Q15, Q.18, Q27, and Q.30. 

[A3-1] In answer to [Q.7], the following sentence is added to line 177~179 in the revised manuscript.
Here, ‘zero’ has no special meaning and was used to mean that events that occurred in a random client are transmitted directly to the server without passing through other clients. 

[A3-2] In answer to [Q.8], the following sentence is added to line 188~193 in the revised manuscript.
In our proposed Simplified DAG-based blockchain structure, even if the number of clients increases, the number of clients of which the packets are verified is limited to 9 at the maximum. The reason is that increasing the amount of data generated by the client can overload the system and cause network delays. The value of 9 has been verified as the optimal value through many experiments.

[A3-3] In answer to [Q.11], the following sentence is modified in lines 258~264 in the revised manuscript.
Figure 6 shows the time out for the client data to be received by the server. The server waits up to 5000 ms (measured from the time the first data were received) for the data to arrive. The reason is to prevent the system from going down due to overload on the server or the client when the network is delayed or the amount of data to be transmitted is momentarily increased. This value was determined to be the most suitable response delay time of 5000 msec from the server through many experiments. After that, the data received are discarded, and the data received before the timeout are adopted after verification.

[A3-4-1] In answer to [Q14-1], the words "blue" and "orange" were inserted into lines 292 and 295 of the revised manuscript to distinguish between Ke and K'e.

[A3-4-2] In answer to [Q14-2], the following sentence is added to lines 300~302 in the revised manuscript.
“IV Refresh” in Figure 8 is a sort of initialization vector (IV) used in “CBC Operating mode.” Using “IV Refresh” is in the sense that the value of IV is changed every minute to enhance security further. 

[A3-5] In answer to [Q.15], the following sentence is added to lines 309~313 in the revised manuscript.
In this paper, months and minutes are used to generate cipher keys. If we use months, days, hours, and minutes simultaneously, cipher keys can become too complex and take a long time to decrypt. Using minutes instead of hours is to change the cipher key every minute to enhance security.

[A3-6] In answer to [Q.18], the following sentence is added to lines 324~325 in the revised manuscript.
In Figure 9, Ki is the current cipher key and represents the input, and Ko is the new changed cipher key and represents the output.

[A3-7] In answer to [Q.27], the following sentence is added to lines 423~431 in the revised manuscript.
To enhance security, first, the random data of “A(4, 2, 8)” is encrypted by performing a left shift operation. After that, the entire packet [5, E5, A (4, 2, 8), S15, D1] is encrypted once more. The packet is encrypted because the data contained in the packet may be hacked due to a hacker, and the packet should be encrypted once more to enhance security. In this case, the keys used for the two encryptions are different. If the same cipher key is used, there will be disadvantages that the structure of encryption and decryption will become complex, encryption and decryption will take a long time, and energy consumption will increase.

[A3-8] In answer to [Q.30], the following sentence is added to lines 518~523 in the revised manuscript.
In order to calculate the power, an oscilloscope and ammeter were used. We measure the voltage using the oscilloscope's trigger function because the voltage rises instantaneously when sending data. The current was measured with an ammeter, and power was calculated by multiplying the measured voltage by the current flowing through the client. At this time, the measured voltage and current are effective values. In our experimental system, one Raspberry Pi board is implemented as a client.

[Q4] The title of Table 1 should be on the same page as the content of the table. 
[A4] The title of Table 1 and the contents of the table are on the same page 7 of the revised manuscript.

Finally, we sincerely thank you for your thoughtful comments to improve our paper.
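
Added example (not from the paper, the reviewers or the authors' response): the one-minute key/IV refresh in [A3-4-2] and [A3-5] interacts with the 5000 ms server wait in [A3-3], because a packet encrypted just before a rotation can be processed in the next minute. The sketch assumes both ends share a secret and synchronized UTC clocks; the HMAC-SHA256 derivation, the absolute minute index and all function names are assumptions, since this page does not show the paper's own derivation.

```python
from __future__ import annotations

import hashlib
import hmac
from datetime import datetime, timedelta, timezone

ROTATION_S = 60      # from the page: cipher key and IV change every minute
MAX_DELAY_MS = 5000  # from the page: server waits up to 5000 ms for data


def window_index(ts: datetime) -> int:
    """Whole rotation periods since the Unix epoch (assumed time base)."""
    return int(ts.timestamp()) // ROTATION_S


def derive_key_iv(shared_secret: bytes, window: int) -> tuple[bytes, bytes]:
    """Assumed derivation: HMAC-SHA256 over a label plus the window index.

    Distinct labels keep the AES-128 key and the CBC IV independent.
    If nothing else varies per packet, all packets in one window share this IV.
    """
    w = window.to_bytes(8, "big")
    key = hmac.new(shared_secret, b"aes-key" + w, hashlib.sha256).digest()[:16]
    iv = hmac.new(shared_secret, b"cbc-iv" + w, hashlib.sha256).digest()[:16]
    return key, iv


def candidate_windows(received_at: datetime,
                      max_delay_ms: int = MAX_DELAY_MS) -> list[int]:
    """Windows in which a packet received now may have been encrypted."""
    newest = window_index(received_at)
    oldest = window_index(received_at - timedelta(milliseconds=max_delay_ms))
    return list(range(newest, oldest - 1, -1))  # newest first


def receiver_keys(shared_secret: bytes,
                  received_at: datetime) -> list[tuple[bytes, bytes]]:
    """Key/IV pairs the receiver should try, in order."""
    return [derive_key_iv(shared_secret, w)
            for w in candidate_windows(received_at)]


# Constructed sample values, not taken from the paper.
SECRET = b"constructed-demo-secret"
SENT_AT = datetime(2021, 5, 6, 12, 0, 58, tzinfo=timezone.utc)
RECEIVED_AT = SENT_AT + timedelta(seconds=4)  # crosses the minute boundary

if __name__ == "__main__":
    sender_pair = derive_key_iv(SECRET, window_index(SENT_AT))
    print("windows to try:", candidate_windows(RECEIVED_AT))
    print("sender key recoverable:",
          sender_pair in receiver_keys(SECRET, RECEIVED_AT))
```

With a 60 s rotation and a 5000 ms bound on delay, the receiver never needs more than two candidate windows; a larger clock skew between devices would widen that range.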
