ENHANCING THE SECURITY OF IOT DATA USING MULTILEVEL ENCRYPTION

: Internet of Things (IoT) plays a vital role in the field of Information Technology, Industries and Healthcare etc. As data in IoT applications will be related to the physical realm, ensuring data security is a primary constraint for many cases. Because in the IoT context not only users, but also authorized objects may access data.Security represents a critical component for enabling the widespread adoption of IoT technologies and applications. Therefore this paper proposes a multilevel encryption technique to enhance the security of the IoT data. In this approach the data sensed from the IoT devices are encrypted in the gateway using Merkle-Hellman encryption and Elliptic Curve Cryptography(ECC) to ensure the security of the data


I. INTRODUCTION
Internet of Things (IoT) is a newer technology in this fastest world. Any physical objects like phone, laptop, refrigerator, printer, air cooler etc. are considered as smart things. "IoT can be defined as a network of uniquely identifiable, accessible, and manageable smart things that are capable of performing communication, computation and ultimate decision making" [1]. "It is aunified part of Future Internet and could be defined as a dynamic global network infrastructure with self-configuring capabilities based on standard and interoperable communication protocols where physical and virtual "things" have identities, physical attributed, use intelligent interfaces, and are seamlessly integrated into the information network" [2]. IoT requires components to enable communication between devices such as wireless connections like Sensors, RFID, Bluetooth, ZigBee,WSN, WLAN, WMAN or Wi-Fi.Sensor data is an essential part ofloT system, and it sharesdata to third parties to avail usefulservices and applications like, locationbasedservices, smart home management and elderly monitoring etc.IoT data properties generate many data management issues such as scalability of data, interoperability, accessing data, data archiving etc. IoT data storage can be local, distributed and centralized. Here, data security is extremely challengingdue to the different data properties. Providing data security to the streaming or sensed data is a major issue in IoT. In order to use device communication effectively, we need to improve the security. Cryptography is an effective way to protect the sensitive information. This paper proposes a multilevel encryption for IoT data using Merkle-Hellman Knapsack cryptosystem and ECC. ECC is well-suited for IoT applications that need long-term security requirements. Also, Elliptic curves offers high level of security andsmaller the key length [3]. Subset problem is created in Merkle Hellman knapsack cryptosystem to encrypt the data. Hence, the computation is very simple and efficient [4].

II. RELATED WORKS
Daisy Premila Bai et al. [9] proposed Elliptic Curve Cryptography based security framework for Internet of Things and Cloud Computing.This model adopted multifactor authentication which worked in seven phases. The proposed model gives data security againstsome of the major security issues such as integrity, confidentiality, privacy and authentication. The proposed framework were implemented and proved that it enhances security. Arghya Rai et al [4] proposed an encryption technique using Merkle-Hellman knapsack cryptosystem and discrete logarithms based on RSA concepts. The basic needs for cryptography were discussed in this paper. Two algorithms were used to encrypt amessage and strengthened the security of the data.Finally the proposed method was proved to be secure with mathematical model. Mailov Arif et al. [10] discussed various cryptographic algorithms used for data encryption. Elliptic Curve Cryptography offers high security for IoT applications. The authors compared many Elliptical curvesand their key lengths and key generation timesfor securing e-ID.ECC algorithm was implemented in Azerbaijan E-ID Card and proved that ECC in e-ID production gave high performance and greater security than RSA algorithm.Laiphrakpam et al. [7] discussed Elliptic curve cryptography algorithm and proposed a new technique to enhance ECC by reducing its computational cost and time. They removed mapping of characters to affine points and replaced by using ASCII values. They proved by implementing the proposed work that gave better security when compared with other algorithms.

III. PROPOSED WORK
In this approach, a multilevel encryption technique (Merkle-Hellman Knapsack cryptosystem with Elliptic Curve Cryptography) is used. The purpose of the proposed technique is to secure the data sensed from the IoT devices. Figure. 3 shows the system model of the proposed approach.Data from the IoT devices will be sent to the gateway using protocols such as CoAP and HTTP across the internet. Once data is received by the gateway, it is prepared for transmission to the server. Before the data being transmitted to the server, they are encrypted using multilevel encryption technique.

A. Elliptic Curve Cryptosystem Overview
Elliptic Curve Cryptography (ECC) is the public key cryptography approach used for data encryption. Neal Koblitz [5] and Victor Miller [6] proposed elliptic curves in 1985 to design public key cryptographic systems. This solves the major issue of public key cryptography by providing high level security with less key length.An Elliptic Curve is a plane curve defined by an equation y 2 = x 3 + ax + b (1) A standard form of elliptic curve E over finite field Fp (p is a large prime number) is computed by using the following equation Then, the procedure involves choosing two non-negative integers a, b which are less than p such that, it satisfies the condition 4a 3 + 27b 2 (mod p) ≠ 0 (3)

1) Operations of ECC 1.1 Point Inverse
If S(x 1 , y 1 ) is a point on an elliptic curve, then its inverse is given by -S(x 1 , y 1 ). The following equation is used to calculate the inverse [7].

Point Addition
Point addition is one of the elliptic curve arithmetic operations [7]. When the two points of a curve P(x 1 , y 1 ) and Q(x 2 , y 2 ) are distinct (P ≠ Q), t hen P+Q is given by the following calculation.

Point Doubling
Point doubling is one of the basic elliptic curve arithmetic operations. When the two points of a curve P(x 1 , y 1 ) and Q(x 1 , y 1 ) overlap (P = Q), 2P is given by the following calculation [7].
General Procedure for ECC is as follows: (i) Both sender and receiver agrees to send publicly-known data items. For this the following steps are followed a) Ralph Merkle and Martin Hellman invented the superincreasing subset problem in the year 1978. It attempts to disguise an easily solved instance of the subset problem called superincreasing subset sum problem, by modular multiplication and a permutation [8]. The nature of superincreasing order is hidden by vector v 1 usingmodular multiplication and a permutation, and then the superincreasing vector is represented by v. The distorted vector forms the encrypted message. The original superincreasing vector forms the private key which is used to decipher the message. (i) Superincreasing Order A super increasing sequence is a sequence (a 1 , a 2 , a 3 ,….a n ) of positive integers with the property that

C. Multilevel Encryption Technique
The proposed multilevel encryption technique performs encryption in two steps.
(i) Firstly, the given plain text is parted by each characters and then convert it into its equivalent binary values. Binary values are then encrypted using Merkle-Hellman encryption scheme.Mainly, it is to generate a subset problem which can be solved fluently. Here,by using modular representation and permutation the super increasing nature can be hidden. The Merkle-Hellman encryption procedure is given below.
(ii) Secondly, these encrypted characters are further encrypted by elliptic curve cryptography (ECC). ECC is utilized to generate the cipher text of the result provided by Merkle-Hellman encryption. The procedure for Elliptic Curve Cryptosystem is given below. With these techniques, the data could be shared securely. Thefollowing section will give the mathematical model of the proposed work.In this proposed approach, the data is secured by applying two different encryption techniques such as Merkle-Hellman knapsack cryptosystem and Elliptic curve Cryptography. With these techniques, the data could Step 1:Choose super increasing sequence of positive integers. where each numbers is greater than the sum of all preceding numbers s = (s 1 , s 2 , s 3 ,…s n ) Step 2: Convert each character of the plain text into binary equivalent represented by b.
Step 3: Choose an integer (a) which is greater than the sum of all numbers in the sequence s and its coprime (r) Step 4: The sequence s and the numbers a and r form the private key of the cryptosystem.
Step 5: All the elements in the sequence sare multiplied with number rand the modulus of the multiple is taken by dividing with the number a.
Step 6:p i = s i * rmod (a), where all the elements in the sequence pare multiplied with the corresponding elements of the binary sequence b and then adding the resulting sum.

Key Generation
Step 1: Both sender and receiver agree with the base point P Step 2: Private key = d, public key Q = d * P

Encryption
Step 1: Select a elliptic curve E p (a, b). E has N points on it Step 2: Plain text has to represent on the curve Step 3: Randomly select 'd' from [1-(n-1)] Step 4: Consider message 'm' has the point 'M' on the curve 'E' Step 5:Two cipher texts will be generated C 1 = d*P, C 2 = M + d*Q be shared securely. The following section will give the mathematical model of the proposed work.

V. CONCLUSION
The objective of the proposed work is to improve the security of the IoT data that are sensed by the IoT devices. This is achieved by the proposed multilevel encryption. The data are encrypted in the gateway before storing it in the cloud server.Encryption of data is performed in two stages.
In the first stage, Merkle-hellman knapsack cryptosystem is used to encrypt the data. In the second stage, the encrypted text acts as an input for ECC. Finally, the obtained cipher text is sent to the cloud server.This approach ensures the security of the data andimproves computation time.