The US National Institute of Standards and Technology (NIST) has selected the Ascon cryptographic algorithms to be its lightweight cryptographic standard. Lightweight cryptography algorithms need to be powerful enough to protect small Internet of Things (IoT) and other lightweight devices with limited computational resources.
Note
- It is a very important move by NIST to recognize that IoT devices with limited hardware capabilities need different encryption standards. Ascon appears to be a solid choice. But also remember that weak or missing encryption is just one of many security issues hurting IoT users. Encryption issues rank far below vulnerabilities like default passwords, outdated software components and the inability to efficiently upgrade IoT devices.
- There is a definite need for data encryption on a wide range of devices. While the phrase “lightweight cryptography” gives me pause, much the way “healthy fried food” does, the public process NIST uses for this has a good track record. Start by informing all device suppliers that security and privacy is an important criteria for all future procurements.
- Get ready to add Ascon to your cryptographic lexicon. While some encryption is available in hardware, such as AES, having a lightweight option than can fit within the resources of IoT devices makes it all that easier to incorporate without impact to performance or price point. There are seven members of the Ascon family. Keep an eye on solutions in the authenticated encryption with associated data (AHED) which will help better secure vehicle and RFID communications. While these show promise of raising the bar for IoT security, consumer education will be needed to drive demand for adoption and selection of products with increased security.
- Defining the US national standard for lightweight cryptography has been many years in the making. Unfortunately, it will be of little use for the billions of IoT devices in use today.
- In order to be useful and efficient, cryptographic algorithms need only raise the cost of attack to a point greater than the value of success. One must be sure to that use them only for the intended application and environment.
Read more in
- NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices
- Lightweight Cryptography Standardization Process: NIST Selects Ascon
- Lightweight Cryptography
Alex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
