June 22, 2023
John Preuß Mattsson - Ericsson
NIST has announced the decision to standardize the Ascon family for lightweight cryptography applications. The NIST Lightweight Cryptography project is now entering a new phase. This memo suggests some directions for the upcoming work. The Ascon family consists of AEADs, hash functions, PRFs, and MACs but only the AEADs and hash functions were part of the original NIST submission. An important goal is that most forms of small devices should be able to implement only Ascon without also having to implement any of AES and its various modes of operation (e.g., CCM, CTR, CFB, GCM), SHA-2, SHAKE, HMAC, KMAC, HKDF, etc. Another goal is that the Ascon specification should support a variety of hash function output lengths.
Lightweight Cryptography Workshop 2023 [Virtual]