Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [lightweight]

Small and/or fast ciphers and other cryptographic primitives designed for use in constrained environments, such as embedded MCUs and smart cards.

For am extended explanation, check our related Q&A:

What is the official, generally accepted definition of “lightweight crypto”

62 questions
28
votes
3 answers

How is bitslicing faster?

I have read a paper on Bit Slicing and Lightweight crypto but cannot understand how bitslicing makes encryption scheme faster. Please can someone explain with an example exactly how bit slicing makes the code faster (even a single xor example will…
ishaan arora
  • 383
  • 3
  • 6
12
votes
2 answers

Are there any signature schemes for underpowered devices (8-bit microcontroller)?

I am currently researching into a small scale home automation system, aiming for cost. The system architecture is basically one master and several slaves which are connected in parallel. Recently i've bumped into the natural question of system…
Bruno Morais
  • 223
  • 2
  • 7
12
votes
2 answers

Can one implement AES on 4-bit microcontroller?

It is possible to implement AES on 4-bit microcontroller? As far as I know, AES on 8-bit microcontroller are common especially for light weight application such as the RFID. I have yet to come across AES been employed on 4-bit microcontroller,…
cLaRe
  • 171
  • 3
11
votes
1 answer

CAESAR finalists: Lightweight case (Ascon vs ACORN)

The Ascon cipher has been selected as the first choice in lightweight case and ACORN as the second. However according to Face-off between the CAESAR Lightweight Finalists: ACORN vs. Ascon paper, the winner of the face-off is ACORN. They mentioned…
hardyrama
  • 2,288
  • 1
  • 17
  • 41
11
votes
1 answer

What are the drawbacks of "lightweight crypto"?

Last year I learned about another NIST competition. https://csrc.nist.gov/projects/lightweight-cryptography/finalists And I thought to myself: "why would I continue to use heavyweight cryptography in my desktop and server environments, if we have…
Timur Timak
  • 145
  • 7
9
votes
4 answers

Lightweight cipher using only 8-bit operations

What is the most efficient (in cycles per byte) cryptographically secure symmetric cipher to implement using only 8-bit operations? Algorithms like TEA are great for embedded devices, but it is optimized for 32-bit operations. I am not looking for…
forest
  • 15,626
  • 2
  • 49
  • 103
9
votes
2 answers

What is the official, generally accepted definition of "lightweight crypto"?

I frequently stumble upon the term "lightweight crypto". It tends to be used is a for special algorithms that use less resources, for constrained systems. Yet, it's somewhat unclear to me where to draw the line between "regular algorithms" and…
Mike Edward Moras
  • 18,161
  • 12
  • 87
  • 240
8
votes
3 answers

Lightweight Asymmetric encryption algorithm

I'm an embedded systems researcher, and new in the crypto field. Actually, I need to know if there are any lightweight asymmetric encryption algorithm especially considering the time needed for key generation. I found that NTRU is considered one of…
a.refaat
  • 81
  • 1
  • 2
7
votes
3 answers

Standard lightweight one-way hash functions for IoT devices

What are the standard lightweight one-way hash functions used in current Internet of Things devices? I could find some proposal of hash functions in conference papers but I want to know the ones which are being currently used. I found no concrete…
Shridhar R Kulkarni
  • 427
  • 6
  • 13
7
votes
1 answer

What is the status of the NIST Lightweight Cryptography Standardisation Process?

The NIST Computer Security Resource Center called for nominations for a process to standardise lightweight symmetric primitives in August 2018. In the update talk in the 2019 Lightweight Cryptography Workshop, it was hoped that winners would be…
Daniel S
  • 29,316
  • 1
  • 33
  • 73
6
votes
1 answer

What are the advantages of MICKEY over Trivium and Grain?

These three stream ciphers were chosen for the final hardware profile of the eSTREAM portfolio. As far as I understand it, their merits are: Trivium: elegant design, very high throughput per area, small area, parallelizable. Grain: simple design,…
Thomas Prest
  • 1,100
  • 8
  • 14
6
votes
1 answer

Generating an IV for AES-CBC

I am faced with the task of generating a secure 256-bit IV for AES-CBC. I possess the following resources: A 32-bit microprocessor A 32-bit PRNG (can read/reseed) A 64-bit clock counter (can read) The first one is unpredictable, but repeating. The…
user907323
  • 63
  • 5
6
votes
1 answer

Difference between lightweight, online and low memory Authenticated Encryption schemes

What is the basic difference between the following types of Authenticated Encryption (AE) schemes? Lightweight Authenticated encryption Online Authenticated Encryption Authenticated Encryption for low memory devices Are they all the same or is…
megha
  • 89
  • 2
5
votes
1 answer

NIST LWC finalists (AEAD) vs ChaCha20-Poly1305

NIST LWC finalists announced. My question is that how finalists are faster or slower than current golden lightweight AEAD standard -- ChaCha20-Poly1305. Some benchmark among chacha20-poly1305 vs LWC finalists?
jannik
  • 53
  • 4
4
votes
2 answers

Why does TinyJAMBU-128 claim only 112-bit security?

I am trying to understand the security level of TinyJAMBU-128. As shown in Table 4.1 page 12 of this document, TinyJAMBU-128 claims 112-bit security. However, it has a 128-bit key. How have we lost 16 bits of key? What is the obvious attack that has…
user
  • 313
  • 2
  • 8
1
2 3 4 5