In [1]:
# Install pycryptodome for AES encryption
!pip install pycryptodome


Collecting pycryptodome
  Downloading pycryptodome-3.23.0-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (3.4 kB)
Downloading pycryptodome-3.23.0-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.3 MB)
[?25l   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m0.0/2.3 MB[0m [31m?[0m eta [36m-:--:--[0m[2K   [91m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m[91m╸[0m [32m2.3/2.3 MB[0m [31m123.4 MB/s[0m eta [36m0:00:01[0m[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m2.3/2.3 MB[0m [31m56.1 MB/s[0m eta [36m0:00:00[0m
[?25hInstalling collected packages: pycryptodome
Successfully installed pycryptodome-3.23.0


In [6]:

# Part I: IoT Device Data Encryption Simulation

from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
import json
import base64
import random

# Function to pad data because AES requires block size of 16 bytes
def pad(data):
    while len(data) % 16 != 0:
        data += " "
    return data


# Step 1: Generate random sensor values


temperature = random.uniform(20.0, 40.0)
humidity = random.uniform(30.0, 70.0)

sensor_data = {
    "temperature": round(temperature, 2),
    "humidity": round(humidity, 2)
}

print("Original Sensor Data:", sensor_data)

# Convert dict → JSON → bytes
data_json = json.dumps(sensor_data)
data_padded = pad(data_json).encode()


# Step 2: AES Encryption


key = get_random_bytes(16)  # 128-bit AES key
cipher = AES.new(key, AES.MODE_ECB)

encrypted_bytes = cipher.encrypt(data_padded)
encrypted_base64 = base64.b64encode(encrypted_bytes).decode()

print("\nEncrypted Data (Base64):", encrypted_base64)

# -------------------------
# Step 3: Simulate sending to server and decrypting
# -------------------------

cipher_decrypt = AES.new(key, AES.MODE_ECB)
decoded_encrypted_bytes = base64.b64decode(encrypted_base64)

decrypted_json = cipher_decrypt.decrypt(decoded_encrypted_bytes).decode().strip()

print("\nDecrypted Data:", decrypted_json)


Original Sensor Data: {'temperature': 20.38, 'humidity': 39.51}

Encrypted Data (Base64): qKo8Adn7wD41AGORUt8hmdv5JUr/NCn0nXbPgyhyfydUn8UlBxgp/FgEJwnrnuUd

Decrypted Data: {"temperature": 20.38, "humidity": 39.51}


In [7]:

# Part II: IoT Device Security Lifecycle Simulation


import time
from datetime import datetime

# Helper function to print log messages with timestamps
def log(stage, message):
    print(f"[{stage}] {message} - {datetime.now()}")

print("\n--- IoT Device Security Lifecycle Simulation ---\n")


# Stage 1: Threat Modeling

log("Stage 1", "Threat model created (identifying attack paths)")
time.sleep(1)

# Stage 2: Secure Boot Verification

log("Stage 2", "Secure boot verified (firmware signature validated)")
time.sleep(1)


# Stage 3: Secure Key Injection

log("Stage 3", "Keys injected securely (mock values stored)")
time.sleep(1)


# Stage 4: OTA Firmware Update Check

log("Stage 4", "OTA update verified (latest firmware installed)")
time.sleep(1)


# Stage 5: Secure Decommissioning

log("Stage 5", "Device decommissioned (security keys wiped permanently)")



--- IoT Device Security Lifecycle Simulation ---

[Stage 1] Threat model created (identifying attack paths) - 2025-11-28 22:07:08.092527
[Stage 2] Secure boot verified (firmware signature validated) - 2025-11-28 22:07:09.092977
[Stage 3] Keys injected securely (mock values stored) - 2025-11-28 22:07:10.093535
[Stage 4] OTA update verified (latest firmware installed) - 2025-11-28 22:07:11.094080
[Stage 5] Device decommissioned (security keys wiped permanently) - 2025-11-28 22:07:12.094630


In [8]:

# Part III (Optional): Secure Boot Verification


import hashlib

print("\n--- Secure Boot Verification Simulation ---\n")

# Simulated firmware code (string)
firmware_code = "print('Hello IoT Device!')"

# Calculate hash of firmware (pretend this is stored in hardware)
stored_firmware_hash = hashlib.sha256(firmware_code.encode()).hexdigest()

print("Stored Firmware Hash:", stored_firmware_hash)

# Function that verifies firmware integrity before booting
def verify_firmware(code, stored_hash):
    calculated_hash = hashlib.sha256(code.encode()).hexdigest()
    return calculated_hash == stored_hash

# Boot process check
if verify_firmware(firmware_code, stored_firmware_hash):
    print("Secure Boot Passed  — Firmware is Authentic")
else:
    print("Secure Boot FAILED  — Firmware is NOT Authentic")



--- Secure Boot Verification Simulation ---

Stored Firmware Hash: 9f6e2d2927121505fdfffabb1c8a591b7bcfe4d88b031f7913f8a29240c2bb10
Secure Boot Passed  — Firmware is Authentic
