U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Lightweight Cryptography

Overview

NIST has initiated a process to solicit, evaluate, and standardize lightweight cryptographic algorithms that are suitable for use in constrained environments where the performance of current NIST cryptographic standards is not acceptable. In August 2018, NIST published a call for algorithms (test vector generation code) to be considered for lightweight cryptographic standards with authenticated encryption with associated data (AEAD) and optional hashing functionalities. The deadline for submitting algorithms has passed. NIST received 57 submissions to be considered for standardization. After the initial review of the submissions, 56 were selected as Round 1 candidates. Of the 56 Round 1 candidates, 32 were selected to advance to Round 2.

In March 2021, NIST announced ten finalists as ASCON, Elephant, GIFT-COFB, Grain128-AEAD, ISAP, Photon-Beetle, Romulus, Sparkle, TinyJambu, and Xoodyak.

Next Steps

The final round of evaluation is expected to conclude late in 2022.

Status updates

To ensure that NIST has all relevant information, NIST invites submitters of finalists to provide a short (up to 10 pages) update on their algorithms. Teams are not required to submit updates; it is optional.

Specifically, NIST is interested in updates on:

  1. overview of the third-party analysis and their implications,
  2. new proofs/arguments supporting the security claims,
  3. new software and hardware implementations (including ones that protect against side channel attacks),
  4. platforms and metrics in which the candidate performs better than current NIST standards,
  5. target applications and use cases for which the candidate is optimized,
  6. any other relevant information.

The updates must be provided electronically in PDF format and sent to lightweight-crypto@nist.gov before September 30, 2022. NIST will post the updates on the project webpage.

Acknowledgements

The success of the NIST Lightweight Crypto Standardization process relies on the efforts of the researchers from the cryptographic community that provide security, implementation and performance analysis of the candidate algorithms. NIST strongly encourages public evaluation and publication of the results throughout the process.

NIST thanks the submission teams, who developed and designed the candidates and the cryptographic community, who analyzed the candidates, shared their comments through the lwc-forum, and published papers on various technical aspects of the candidates.

NIST also thanks the developers who provided optimized implementations of the candidates, as well as the hardware and software benchmarking initiatives, for their contributions in understanding the performance characteristics of the algorithms on various target platforms.

Contacts

Lightweight Crypto Technical Inquiries
lightweight-crypto@nist.gov

Lawrence Bassham

Donghoon Chang

Deukjo Hong

Jinkeon Kang

John Kelsey

Kerry McKay

Meltem Sönmez Turan

Noah Waller

Topics

Security and Privacy: cryptography

Created January 03, 2017, Updated August 11, 2022