A Comprehensive Survey on the Implementations, Attacks, and Countermeasures of the Current NIST Lightweight Cryptography Standard

This survey is the first work on the current standard for lightweight cryptography, standardized in 2023. Lightweight cryptography plays a vital role in securing resource-constrained embedded systems such as deeply-embedded systems (implantable and wearable medical devices, smart fabrics, smart homes, and the like), radio frequency identification (RFID) tags, sensor networks, and privacy-constrained usage models. National Institute of Standards and Technology (NIST) initiated a standardization process for lightweight cryptography and after a relatively-long multi-year effort, eventually, in Feb. 2023, the competition ended with ASCON as the winner. This lightweight cryptographic standard will be used in deeply-embedded architectures to provide security through confidentiality and integrity/authentication (the dual of the legacy AES-GCM block cipher which is the NIST standard for symmetric key cryptography). ASCON's lightweight design utilizes a 320-bit permutation which is bit-sliced into five 64-bit register words, providing 128-bit level security. This work summarizes the different implementations of ASCON on field-programmable gate array (FPGA) and ASIC hardware platforms on the basis of area, power, throughput, energy, and efficiency overheads. The presented work also reviews various differential and side-channel analysis attacks (SCAs) performed across variants of ASCON cipher suite in terms of algebraic, cube/cube-like, forgery, fault injection, and power analysis attacks as well as the countermeasures for these attacks. We also provide our insights and visions throughout this survey to provide new future directions in different domains. This survey is the first one in its kind and a step forward towards scrutinizing the advantages and future directions of the NIST lightweight cryptography standard introduced in 2023

LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments

The non-repudiation as an essential requirement of many applications can be provided by the asymmetric key model. With the evolution of new applications such as mobile commerce, it is essential to provide secure and efficient solutions for the mobile environments. The traditional public key cryptography involves huge computational costs and is not so suitable for the resource-constrained platforms. The elliptic curve-based approaches as the newer solutions require certain considerations that are not taken into account in the traditional public key infrastructures. The main contribution of this paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the constrained platforms such as mobile phones. It takes advantages of elliptic curve cryptography and signcryption to decrease the computational costs and communication overheads, and adapting to the constraints. All the computational costs of required validations can be eliminated from end-entities by introduction of a validation authority to the introduced infrastructure and delegating validations to such a component. LPKI is so suitable for mobile environments and for applications such as mobile commerce where the security is the great concern.Comment: 6 Pages, 6 Figure

A Taxonomy and Review of Lightweight Blockchain Solutions for Internet of Things Networks

Internet of things networks have spread to most digital applications in the past years. Examples of these networks include smart home networks, wireless sensor networks, Internet of Flying Things, and many others. One of the main difficulties that confront these networks is the security of their information and communications. A large number of solutions have been proposed to safeguard these networks from various types of cyberattacks. Among these solutions is the blockchain, which gained popularity in the last few years due to its strong security characteristics, such as immutability, cryptography, and distributed consensus. However, implementing the blockchain framework within the devices of these networks is very challenging, due to the limited resources of these devices and the resource-demanding requirements of the blockchain. For this reason, a large number of researchers proposed various types of lightweight blockchain solutions for resource-constrained networks. The "lightweight" aspect can be related to the blockchain architecture, device authentication, cryptography model, consensus algorithm, or storage method. In this paper, we present a taxonomy of the lightweight blockchain solutions that have been proposed in the literature and discuss the different methods that have been applied so far in each "lightweight" category. Our review highlights the missing points in existing systems and paves the way to building a complete lightweight blockchain solution for resource-constrained networks.Comment: 64 pages, 11 figures

I2PA, U-prove, and Idemix: An Evaluation of Memory Usage and Computing Time Efficiency in an IoT Context

The Internet of Things (IoT), in spite of its innumerable advantages, brings many challenges namely issues about users' privacy preservation and constraints about lightweight cryptography. Lightweight cryptography is of capital importance since IoT devices are qualified to be resource-constrained. To address these challenges, several Attribute-Based Credentials (ABC) schemes have been designed including I2PA, U-prove, and Idemix. Even though these schemes have very strong cryptographic bases, their performance in resource-constrained devices is a question that deserves special attention. This paper aims to conduct a performance evaluation of these schemes on issuance and verification protocols regarding memory usage and computing time. Recorded results show that both I2PA and U-prove present very interesting results regarding memory usage and computing time while Idemix presents very low performance with regard to computing time

KLEIN: A New Family of Lightweight Block Ciphers

Resource-efficient cryptographic primitives become fundamental for realizing both security and efficiency in embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a major role as a building block for security protocols. In this paper, we describe a new family of lightweight block ciphers named KLEIN, which is designed for resource-constrained devices such as wireless sensors and RFID tags. Compared to the related proposals, KLEIN has advantage in the software performance on legacy sensor platforms, while in the same time its hardware implementation can also be compact