2023-05-03
The NIST Lightweight Cryptography finalist Ascon was announced just before Keyfactor Tech Days in February. Bouncy Castle now supports Ascon, as well as several other finalists.
The NIST Lightweight Cryptography competition was conducted to identify a secure algorithm suitable for use on low-power, small-platform devices. Ascon is a family of algorithms comprising an AEAD cipher, a message digest, and an XOF (eXtendable Output Function) suitable for key generation, providing the full range of functionality that could be required in symmetric key and hashing applications on an IoT device.
Due to their lightweight design and minimal resource consumption, the Ascon cryptographic algorithms are suitable for IoT devices with limited computing capabilities. Furthermore, the Ascon family is designed to provide strong security and to resist attacks, such as side-channel attacks, which are particularly relevant to small devices. Ascon was also selected for the final portfolio in the CAESAR Competition in 2019.
Bouncy Castle now provides the full Ascon family in both Java and C#. The addition of the Ascon algorithms to the BC APIs allows applications to be prototyped on smaller devices, such as Android devices or iPhones, and supports the general development of applications that communicate securely with more primitive devices. When the final NIST standard is published, Bouncy Castle will release an updated implementation in line with any published modifications. The current expectation is that NIST will release the final standards on Ascon at the end of 2023.