隨著科技的發展，嵌入式系統的應用已不僅限於工業上，逐漸進入人們的日常生 活中，這也開啟了智慧家庭的篇章。物聯網的時代已經來臨，人們的生活中將充滿各式各樣的嵌入式設備，相關應用產品的出現帶來了很大的方便，使我們能夠做到像是僅用聲音就能控制家中的電子產品，或者即使人不在家，依舊能觀看屋內的即時影像 等。但同時，這也衍生出了許多關於隱私安全方面的問題。由於這些設備往往搜集了許多的敏感資訊，一旦外洩後果可能不堪設想，為了保護使用者的隱私，必須在資訊產生後盡快對其進行加密保護。然而嵌入式裝置往往不以高效能運算為特色，如何提升加密運算速度來降低處理時間便成為了一個很重要的議題。在眾多的資料類型中，影像加密屬於較為耗時的類型之一，完成一張影像的加密需要對其所有像素(pixel)之 值進行運算，本論文因而改良 AES-GCM 之多執行緒平行運算架構以加速整個加密過程並應用於此，AES (Advanced Encryption Standard)為使用的加密演算法，GCM (Galois Counter Mode)為搭配之工作模式，以達到驗證資料完整性之功能。在上述的基礎之下， 以 C 語言編寫程式運行於樹莓派(Raspberry Pi) 3B 上進行架構的實現與驗證，實驗結果證明改良之平行架構與其他架構相比，能以較快速的時間完成影像加密流程。

With the development of technology, embedded systems are not just being used in industry but also being used in our daily life. The era of internet of things (IOT) begins, there will be many kinds of embedded devices around us in the future. But at the same time, it leads to several problems related to privacy security. In order to protect the privacy of users, data on embedded devices need to be encrypted as soon as possible when they are generated. While embedded devices tend not to have strong power of computing, how to improve the speed of encryption and to decrease the time needed becomes a key issue. Among all types of data, image encryption is time-consuming since all pixels of the image should be processed in the process. This thesis is going to improve the traditionally multi-threaded parallel computing scheme of AES-GCM and apply it on image encryption. AES (Advanced Encryption Standard) is the cryptographic algorithm and GCM (Galois Counter Mode) is the operation mode which can assure data integrity, both of them were used in this thesis. Under those theories, C language was used to realize image encryption on Raspberry Pi 3B for implementation. The experimental results show that the two improved schemes can decrease the encryption time needed effectively.

[1] FIPS Publication 46-3, “Data Encryption Standard (DES),” U.S. DoC/NIST, 1999.
[2] FIPS Publication 197, “Advanced Encryption Standard (AES),” U.S. DoC/NIST,
2001.
[3] M. Dworkin, “Recommendation for Block Cipher Modes of Operation, Methods and Techniques,” U.S. DoC/NIST, 2001.
[4] M. Dworkin, “Recommendation for block cipher modes of operation: the CCM mode for authentication and confidentiality,” U.S. DoC/NIST, 2004.
[5] M. Dworkin, “Recommendation for Block Cipher Modes of Operation:
Galois/Counter Mode (GCM) and GMAC,” U.S. DoC/NIST, 2007.
[6] O. M. Guillen, D. Schmidt and G. Sigl, “Practical evaluation of code injection in encrypted firmware updates,” 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 325-330, 2016.
[7] T. Krovetz, P. Rogaway, ”The Software Performance of Authenticated-Encryption Modes,” Fast Software Encryption (FSE), 2011.
[8] J. Su, N. Gu, Q. Bai and C. Lin, “Parallel Implementation of AES-GCM with High Throughput and Energy Efficiency,” 2018 International Conference on Networking and Network Applications (NaNA), pp. 251-256, 2018.
[9] A. Malinowski and H. Yu, “Comparison of Embedded System Design for Industrial Applications,” IEEE Transactions on Industrial Informatics, vol. 7, no. 2, pp. 244- 254, 2011.
[10] Z. Lin, J. Liu, J. Lian, Y. Ma, and X. Zhang, “A novel fast image encryption algorithm for embedded systems,” Multimedia Tools and Applications, vol. 78, pp. 6969–6987, 2019.
[11] C.P.L.Gouvêa,andJ.López,“ImplementingGCMonARMv8,”Cryptographers’ Track at the RSA Conference, pp. 167-180, 2015.
[12] J. Daemen and V. Rijmen, “The design of Rijndael: AES-the advanced encryption standard,” Springer, 2002.
[13] K. Chand Gupta and I. Ghosh Ray, “On Constructions of Involutory MDS Matrices,” Progress in Cryptology – AFRICACRYPT 2013, 2013.
[14] G. Procter and C. Carlos, “On Weak Keys and Forgery Attacks Against Polynomial-Based MAC Schemes,” Journal of Cryptology, pp. 769-795, 2015.
[15] “Swiss Verkada Camera Hacker Says Attacks Were ‘Easy, Fun Anarchism’—U.S. Files Charges Over Data Theft”,
https://www.forbes.com/sites/thomasbrewster/2021/03/19/swiss-verdaka-camera- hacker-says-attacks-were-easy-fun-anarchism-us-files-charges-over-data-theft/.
[16] “RaspberryPi3ModelB”,https://www.raspberrypi.com/products/raspberry-pi-3- model-b/.
[17] “MACsecGCM-AESTestVectors”, https://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511- v1.pdf.
[18] “The USC-SIPI Image Database”, https://sipi.usc.edu/database/database.php.
[19] “LEGO Minifigures”, https://www.kaggle.com/datasets/ihelon/lego-minifigures- classification.
[20] A. Rehman, X. F. Liao, R. Ashraf, S. Ullah, and H. W. Wang, “A Color Image Encryption Technique using Exclusive-OR with DNA Complementary Rules based on Chaos Theory and SHA-2,” International Journal for Light and Electron Optics 159, 2018.