NIST Finalizes 'Lightweight Cryptography' Standard to Protect Small Devices
10 days ago
- #IoT
- #Lightweight Cryptography
- #Cybersecurity
- NIST has finalized a lightweight cryptography standard to protect small networked devices like IoT, RFID tags, and medical implants.
- The standard, titled 'Ascon-Based Lightweight Cryptography Standards for Constrained Devices (NIST Special Publication 800-232)', is designed for resource-constrained electronics.
- The standard is built around the Ascon family of cryptographic algorithms, selected after a public review process.
- Ascon was developed in 2014 and emerged as a top choice in the 2019 CAESAR competition.
- Four Ascon variants are included, focusing on authenticated encryption (AEAD) and hashing for different use cases.
- ASCON-128 AEAD provides encryption and data authenticity, with resistance to side-channel attacks.
- ASCON-Hash 256 creates short 'fingerprint' hashes to ensure data integrity, useful for software updates and digital signatures.
- ASCON-XOF 128 and ASCON-CXOF 128 allow adjustable hash sizes, saving time and energy for small devices.
- ASCON-CXOF 128 also supports custom labels to prevent hash collisions in multiple devices.
- NIST aims for the standard to be expandable, with potential future additions like a dedicated message authentication code.