Featured Product
This Week in Quality Digest Live

More Videos

Customer Care Features
The Many Challenges of Achieving a Safer, Healthier World of Work
Martin Cottam
OH&S must stay one step ahead to keep workers safe
Do Your Customer Experiences Feature Unicorns?
Innovating Service With Chip Bell
Making customer service memorable
How AI Drives Innovation in Healthcare
Michael Glickman
In the medical realm, AI’s most powerful use is to enhance human capabilities—not replace them
The Time for Digital Transformation Is Now
Rajas Sukthankar
Siemens offers Digital Enterprise Suite for machine builders
Why Manufacturers Are Integrating EHS and Quality
Stephanie Ojeda
What’s driving the shift, and what are the potential benefits?

More Features

Customer Care News
CIMdata Announces E-Book on Digital Thread in Aerospace and Defense
Research commissioned by the Aerospace & Defense PLM Action Group with Eurostep and leading PLM providers
SupplyOne Offers Secondary Packaging Solutions
Meeting new package configuration trends
API Alignment Services Cut Costs
International Paper Co. saves money with Radian Plus laser tracker and vProbe
Instron’s New Melt Index Testers Save Time and Increase Repeatability
Featuring enhanced versatility and performance
ISACA Updates CMMI Model With Three New Domains
Helping organizations improve quality and performance
Captivating Podcast on Manufacturing in the U.S.A. Features Starrett
40-minute podcast explores Starrett’s history and challenges in American manufacturing
Digital Twins Inform Decarbonization Efforts
Digital Twin Consortium’s white paper guides strategies for building owners and stakeholders
3D Guide Removes Frustration From Product Assembly
Yotrio and SunVilla to provide interactive, 3D-enabled assembly via BILT app
NIST Selects ‘Lightweight Cryptography’ to Protect Small Devices
Algorithms protect data created and transmitted by IoT and other small electronics

More News

NIST

Customer Care

NIST Selects ‘Lightweight Cryptography’ to Protect Small Devices

Algorithms protect data created and transmitted by IoT and other small electronics

Published: Tuesday, March 7, 2023 - 13:01

(NIST: Gaithersburg, MD) -- Lightweight electronics, meet the heavyweight champion for information protection. Security experts at the National Institute of Standards and Technology (NIST) have announced a victor in their program to find a worthy defender of data generated by small devices. The winner—a group of cryptographic algorithms called Ascon—will be published as NIST’s lightweight cryptography standard later in 2023.

The chosen algorithms are designed to protect information created and transmitted by the internet of things (IoT), including its myriad tiny sensors and actuators. The algorithms are also designed for other miniature technologies such as implanted medical devices, stress detectors inside roads and bridges, and keyless entry fobs for vehicles. Devices like these need “lightweight cryptography”—protection that uses the limited amount of electronic resources they possess. According to NIST computer scientist Kerry McKay, the newly selected algorithms should be appropriate for most forms of tiny tech.

“The world is moving toward using small devices for lots of tasks ranging from sensing to identification to machine control, and because these small devices have limited resources, they need security that has a compact implementation,” she says. “These algorithms should cover most devices that have these sorts of resource constraints.”

To determine the strongest and most efficient lightweight algorithms, NIST held a development program that took several years, first communicating with industry and other organizations to understand their needs and then requesting potential solutions from the world’s cryptography community in 2018. After receiving 57 submissions, McKay and mathematician Meltem Sönmez Turan managed a multiround public review process in which cryptographers examined and attempted to find weaknesses in the candidates, eventually whittling them down to 10 finalists before selecting the winner.

“We considered a number of criteria to be important,” McKay says. “The ability to provide security was paramount, but we also had to consider factors such as a candidate algorithm’s performance and flexibility in terms of speed, size, and energy use. In the end we made a selection that was a good all-around choice.”

Ascon was developed in 2014 by a team of cryptographers from Graz University of Technology, Infineon Technologies, Lamarr Security Research, and Radboud University. It was selected in 2019 as the primary choice for lightweight authenticated encryption in the final portfolio of the CAESAR competition, a sign that Ascon had withstood years of examination by cryptographers—a characteristic the NIST team also valued, McKay says.

There are currently seven members of the Ascon family, some or all of which may become part of NIST’s published lightweight cryptography standard. As a family, the variants give a range of functionality that will offer designers options for different tasks. Two of these tasks, McKay says, are among the most important in lightweight cryptography: authenticated encryption with associated data (AEAD) and hashing.

AEAD protects the confidentiality of a message, but it also allows extra information—such as the header of a message, or a device’s IP address—to be included without being encrypted. The algorithm ensures that all of the protected data are authentic and havn’t changed in transit. AEAD can be used in vehicle-to-vehicle communications, and it also can help prevent counterfeiting of messages exchanged with the radio frequency identification (RFID) tags that often help track packages in warehouses.

Hashing creates a short digital fingerprint of a message that allows a recipient to determine whether the message has changed. In lightweight cryptography, hashing might be used to check whether a software update is appropriate or has downloaded correctly.

Currently, the most efficient NIST-approved technique for AEAD is the Advanced Encryption Standard (defined in FIPS 197) used with the Galois/Counter Mode (SP 800-38D). For hashing, SHA-256 (defined in FIPS 180-4) is widely used. McKay said that these standards remain in effect for general use.

“The goal of this project isn’t to replace AES or our hash standards,” she says. “NIST still recommends their use on devices that don’t have the resource constraints that these new algorithms address. There are native instructions in many processors, which support fast, high-throughput implementations. In addition, these algorithms are included in many protocols and should continue to be supported for interoperability purposes.”

Neither are the new algorithms intended to be used for post-quantum encryption, another current concern of the cryptography community that NIST is working to address using a similar public review process for potential algorithms. 

“One of the Ascon variants offers a measure of resistance to the sort of attack a powerful quantum computer might mount,” McKay says. “However, that’s not the main goal here. Post-quantum encryption is primarily important for long-term secrets that need to be protected for years. Generally, lightweight cryptography is important for more ephemeral secrets.”

The specification of Ascon includes multiple variants, and the finalized standard might not include all of them. The NIST team plans to work with Ascon’s designers and the cryptography community to finalize the details of standardization. Additional information may be found on NIST’s project website.

First published Feb. 7, 2023, on NIST News.

Discuss

About The Author

NIST’s picture

NIST

Founded in 1901, the National Institute of Standards and Technology (NIST) is a nonregulatory federal agency within the U.S. Department of Commerce. Headquartered in Gaithersburg, Maryland, NIST’s mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.