Reference : State of the Art in Lightweight Symmetric Cryptography
E-prints/Working papers : First made available on ORBilu
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/31319
State of the Art in Lightweight Symmetric Cryptography
English
Biryukov, Alex mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) > ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Perrin, Léo Paul [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) > ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Jun-2017
40
No
Esch-sur-Alzette
Luxembourg
[en] Lightweight cryptography ; Ultra-Lightweight ; Internet of Things
[en] Lightweight cryptography has been one of the ``hot topics'' in symmetric cryptography in the recent years. A huge number of lightweight algorithms have been published, standardized and/or used in commercial products.
In this paper, we discuss the different implementation constraints that a ``lightweight'' algorithm is usually designed to satisfy. We also present an extensive survey of all lightweight symmetric primitives we are aware of. It covers designs from the academic community, from government agencies and proprietary algorithms which were reverse-engineered or leaked. Relevant national (\nist{}...) and international (\textsc{iso/iec}...) standards are listed.
We then discuss some trends we identified in the design of lightweight algorithms, namely the designers' preference for \arx{}-based and bitsliced-S-Box-based designs and simple key schedules.
Finally, we argue that lightweight cryptography is too large a field and that it should be split into two related but distinct areas: \emph{ultra-lightweight} and \emph{IoT} cryptography. The former deals only with the smallest of devices for which a lower security level may be justified by the very harsh design constraints. The latter corresponds to low-power embedded processors for which the \aes{} and modern hash function are costly but which have to provide a high level security due to their greater connectivity.
SnT
Fonds National de la Recherche - FnR
Researchers ; Professionals ; Students ; General public
http://hdl.handle.net/10993/31319
FnR ; FNR4009992 > Alex Biryukov > ACRYPT > Applied Cryptography for the Internet of Things > 01/07/2013 > 30/06/2016 > 2012

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
SoK___lightweight_crypto.pdfAuthor preprint655.28 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.