Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

NIST Lightweight Cryptography Standardization Process: Classification of Second Round Candidates, Open Challenges, and Recommendations

  • Gookyi, Dennis Agyemanh Nana (Dept. of Information and Communication Engineering, Hanbat National University) ;
  • Kanda, Guard (Dept. of Information and Communication Engineering, Hanbat National University) ;
  • Ryoo, Kwangki (Dept. of Information and Communication Engineering, Hanbat National University)
  • Received : 2020.03.24
  • Accepted : 2020.06.14
  • Published : 2021.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

In January 2013, the National Institute of Standards and Technology (NIST) announced the CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) contest to identify authenticated ciphers that are suitable for a wide range of applications. A total of 57 submissions made it into the first round of the competition out of which 6 were announced as winners in March 2019. In the process of the competition, NIST realized that most of the authenticated ciphers submitted were not suitable for resource-constrained devices used as end nodes in the Internet-of-Things (IoT) platform. For that matter, the NIST Lightweight Cryptography Standardization Process was set up to identify authenticated encryption and hashing algorithms for IoT devices. The call for submissions was initiated in 2018 and in April 2019, 56 submissions made it into the first round of the competition. In August 2019, 32 out of the 56 submissions were selected for the second round which is due to end in the year 2021. This work surveys the 32 authenticated encryption schemes that made it into the second round of the NIST lightweight cryptography standardization process. The paper presents an easy-to-understand comparative overview of the recommended parameters, primitives, mode of operation, features, security parameter, and hardware/software performance of the 32 candidate algorithms. The paper goes further by discussing the challenges of the Lightweight Cryptography Standardization Process and provides some suitable recommendations.

Keywords

References

  1. K. Schwab, The Fourth Industrial Revolution. Geneva, Switzerland: World Economic Forum, 2016.
  2. K. Gafurov and T. M. Chung, "Comprehensive survey on internet of things, architecture, security aspects, applications, related technologies, economic perspective, and future directions," Journal of Information Processing Systems, vol. 15, no. 4, pp. 797-819, 2019. https://doi.org/10.3745/JIPS.03.0125
  3. M. Bellare and C. Namprempre, "Authenticated encryption: Relations among notions and analysis of the generic composition paradigm," in Advances in Cryptology - ASIACRYPT 2000. Heidelberg, Germany: Springer, 2000, pp. 531-545.
  4. P. Rogaway, "Authenticated-encryption with associated-data," in Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, 2002, pp. 98-107.
  5. CAESAR call for submissions [Online]. Available: https://competitions.cr.yp.to/caesar-call.html.
  6. CAESAR submissions [Online]. Available: https://competitions.cr.yp.to/caesar-submissions.html.
  7. National Institute of Standards and Technology, "Announcing request for nomination for lightweight cryptographic algorithms," 2018 [Online]. Available: https://csrc.nist.gov/News/2018/requesting-nominations-for-lightweight-crypto-algs.
  8. K. McKay, L. Bassham, M. Sonmez Turan, and N. Mouha, "Report on lightweight cryptography," National Institute of Standards and Technology, Gaithersburg, MD, Report No. IR-8114, 2017.
  9. National Institute of Standards and Technology, "Lightweight cryptography: round 1 candidates," 2021 [Online]. Available: https://csrc.nist.gov/Projects/lightweight-cryptography/round-1-candidates.
  10. National Institute of Standards and Technology, "Lightweight cryptography: round 2 candidates," 2021 [Online]. Available: https://csrc.nist.gov/Projects/lightweight-cryptography/round-2-candidates.
  11. B. Rezvani and W. Diehl, "Hardware implementation of NIST lightweight cryptographic candidates: a first look," IACR Cryptology ePrint Archive, vol. 2019, article no. 824, 2019.
  12. F. Abed, C. Forler, and S. Lucks, "General classification of the authenticated encryption schemes for the CAESAR competition," Computer Science Review, vol. 22, pp. 13-26, 2016. https://doi.org/10.1016/j.cosrev.2016.07.002
  13. E. B. Kavun, H. Mihajloska, and T. Yalcin, "A survey on authenticated encryption: ASIC designer's perspective," ACM Computing Surveys (CSUR), vol. 50, no. 6, article no. 88, 2017. https://doi.org/10.1145/3131276
  14. F. Zhang, Z. Y. Liang, B. L. Yang, X. J. Zhao, S. Z. Guo, and K. Ren, "Survey of design and security evaluation of authenticated encryption algorithms in the CAESAR competition," Frontiers of Information Technology & Electronic Engineering, vol. 19, no. 12, pp. 1475-1499, 2018. https://doi.org/10.1631/FITEE.1800576
  15. M. Agrawal, J. Zhou, and D. Chang, "A survey on lightweight authenticated encryption and challenges for securing industrial IoT," in Security and Privacy Trends in the Industrial Internet of Things. Cham, Switzerland: Springer, 2019, pp. 71-94.
  16. M. J. O. Saarinen and D. W. Engels, "A do-it-all-cipher for RFID: design requirements," IACR Cryptology ePrint Archive, vol. 2012, article no. 317, 2012.
  17. L. Bassham, C. Calik, K. McKay, N. Mouha, and M. S. Turan, "Profiles for the lightweight cryptography standardization process," 2017 [Online]. Available: https://csrc.nist.gov/publications/detail/white-paper/ 2017/04/26/profiles-for-lightweight-cryptography-standardization-process/archive.
  18. National Institute of Standards and Technology, "Submission requirement and evaluation criteria for the lightweight cryptography submission process," 2018 [Online]. Available: https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/final-lwc-submission-requirements-august2018.pdf.
  19. D. A. N. Gookyi and K. Ryoo, "Selecting a synthesizable RISC-V processor core for low-cost hardware devices," Journal of Information Processing Systems, vol. 15, no. 6, pp. 1406-1421, 2019. https://doi.org/10.3745/JIPS.03.0129
  20. National Institute of Standards and Technology, "Cryptographic hash algorithm competition," 2007 [Online]. Available: https://www.nist.gov/programs-projects/cryptographic-hash-algorithm-competition.
  21. G. Bertoni, J. Daemen, M. Peeters, and G. V. Assche, "Keccak specification," 2008 [Online]. Available: https://keccak.team/obsolete/Keccak-specifications.pdf.