NIST just published a report on lightweight cryptography. What did it find and recommend?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
In March 2017, NIST published its long-awaited final report on lightweight cryptography. This report, NISTIR 8114, summarizes the findings of NIST's lightweight cryptography project and provides a roadmap to standardization of lightweight cryptography algorithms.
All conventional, NIST-approved cryptographic standards perform well on high-end devices, including desktops, servers and tablets. However, NIST found that performance may not be acceptable when conventional standards are implemented on low-end devices. For example, embedded systems, radio frequency IDs (RFIDs) and sensors have physical limitations. The number of gate equivalents is very small. These devices require cryptographic algorithms that can meet stringent timing and power requirements.
For example, passive RFID tags that are not battery-powered are activated by a limited amount of power from a mobile or wall-mounted RFID reader. These tags have a total count of 1,000 to 10,000 gates. Only 100 to 2,000 gates may be used for security purposes.
NIST proposed a template for profiles. One or more characteristic fields or design goal fields may be blank.
- Functionality (e.g., encryption, hashing, message authentication)
- Design goals
- Physical characteristics (e.g., 64 to 128 bytes of RAM)
- Performance characteristics (e.g., latency of no more than 5 nanoseconds)
- Security characteristics (e.g., minimum key size of no less than 112 bits)
NIST's standardization plan starts with soliciting answers about requirements from the community. Stakeholders are directed to send their responses to email@example.com. NIST will use the responses and other criteria to develop a profile for public comment for 30 days or more.
After finalizing a profile, NIST will publish a call for submissions of lightweight cryptographic functions. Standardization plans will be discussed at a Lightweight Cryptography Workshop, so keep an eye out for that to learn more.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Find out whether open source cryptography libraries are trustworthy
Learn about elliptic curve cryptography in transport ticketing
Check out whether white-box cryptography can save your apps
Dig Deeper on Information security policies, procedures and guidelines
Related Q&A from Judith Myerson
HTTPS interception tools help protect websites, but they can also hurt TLS security. Expert Judith Myerson explains how this works and what ...continue reading
Router vulnerabilities in over 20 Linksys models expose user data to attackers. Expert Judith Myerson explains how the flaws work and how to protect ...continue reading
Better DevOps application lifecycle management can help protect cryptographic and digital keys. Expert Judith Myerson explains the right approaches ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.