Search This Blog

Powered by Blogger.

Blog Archive

Labels

US NIST Uncovers Winning Encryption Algorithm for IoT Data Protection

Two of ASCON's native features highlighted in NIST's announcement are AEAD (Authenticated Encryption with Associated Data) and hashing.
The National Institute of Standards and Technology (NIST) has declared that ASCON has won the "lightweight cryptography" programme, which seeks the best algorithm to protect small IoT (Internet of Things) devices with limited hardware resources. Small IoT devices are becoming progressively popular and ubiquitous, being used in wearable technology, "smart home" applications, and so on. 

However, they are still utilized to store and handle sensitive personal information such as health records, financial information, etc. Having stated that, implementing a standard for data encryption is critical in securing people's data. However, the weak chips inside these devices necessitate the utilization of an algorithm capable of providing robust encryption while using very little computational power.

Kerry McKay, a computer scientist at NIST stated, "The world is moving toward using small devices for lots of tasks ranging from sensing to identification to machine control, and because these small devices have limited resources, they need security that has a compact implementation. These algorithms should cover most devices that have these sorts of resource constraints."

ASCON was chosen as the best of 57 proposals submitted to NIST after several rounds of security analysis by leading cryptographers, implementation and benchmarking results, and workshop feedback. The entire programme lasted four years and began in 2019.

As per NIST, all ten finalists demonstrated exceptional performance that exceeded the set standards without raising security concerns, making the final selection extremely difficult. ASCON was eventually chosen as the winner due to its flexibility, seven-family support, energy efficiency, speed on slow hardware, and low overhead for short messages.

The algorithm had also withstood the test of time, having been formed in 2014 by a team of cryptographers from Graz University of Technology, Infineon Technologies, Lamarr Security Research, and Radboud University, and winning the CAESAR cryptographic competition's "lightweight encryption" category in 2019.

AEAD (Authenticated Encryption with Associated Data) and hashing are two of ASCON's native features highlighted in NIST's announcement. AEAD is an encryption mode that combines symmetric encryption and MAC (message authentication code) to prevent unauthorized access or tampering with transmitted or stored data.

Hashing is a data integrity verification mechanism that generates a string of characters (hash) from distinct inputs, allowing two data exchange points to verify that the encrypted message has not been tampered with. NIST continues to recommend AES for AEAD and SHA-256 for hashing; however, these are incompatible with smaller, weaker devices.

Despite its lightweight nature, NIST claims that ASCON is powerful enough to withstand attacks from powerful quantum computers at its standard 128-bit nonce. This is not, however, the goal or purpose of this standard, and lightweight cryptography algorithms should only be used to protect ephemeral secrets.

The National Institute of Standards and Technology (NIST) treats post-quantum cryptography as a distinct challenge, with a separate programme for developing quantum-resistant standards, and the effort has already produced results.

The National Institute of Standards and Technology (NIST) treats post-quantum cryptography as a separate challenge, with a separate programme for developing quantum-resistant standards, and the effort has already yielded its first results.

More information on ASCON, it can be found on the algorithm's website or in the technical paper submitted to NIST in May 2021.

Share it:

ASCON

Code

Cyber Security

Data

data security

Safety