[Sls-sea-dls] [Sea-sec] Fw: [EXTERNAL] NIST Publishes SP 800-232: Ascon-Based Lightweight Cryptography Standards for Constrained Devices

[Howard.Weiss at parsons.us]

Oana,

ASCON would be a lightweight, symmetric algorithm alternative to AES.

I would only specify the use of ASCON-80pq which is the NIST variant designed to be Level 1 conformant.  This variant uses a 160-bit key (vice 128-bit), 128-bit nonce, and a 128-bit authentication tag.  I’m not sure why NIST SP 800-232 only mentions but does not specify ASCON-80pq?

As for missions needing lightweight cryptography, in the past this was absolutely yes. There were many missions that would not entertain any manner of security. For the future, not so clear.  Nevertheless, if we can provide a strong but very lightweight algorithm, with a small code-base size (saving memory/storage) and low CPU usage, or even better in very small and cheap silicon, mission managers would be much less resistant to adoption of onboard cryptography.

It could also be very useful in small, low-cost, short-lived CubeSat missions.

Regards

howie

From: Oana-Alexandra Graur <Oana-alexandra.Graur at esa.int>
Sent: Thursday, August 14, 2025 4:47 AM
To: Weiss, Howard [US-US] <Howard.Weiss at parsons.us>; Moury Gilles via SLS-SEA-DLS <sls-sea-dls at mailman.ccsds.org>; Howard.Weiss--- via SEA-SEC <sea-sec at mailman.ccsds.org>
Subject: Re: [Sea-sec] Fw: [EXTERNAL] NIST Publishes SP 800-232: Ascon-Based Lightweight Cryptography Standards for Constrained Devices

Hi Howie,

In principle, we could add Ascon-AEAD128, but that has only 64 bits of quantum resistance (NIST states they want 128 bits from 2030 onwards). For 3KEM of course, it would not be my first choice for instantiation of the cipher (nor the second 😊), but there might be some other environments where AES is too heavy.
Personally I have to admit I have not seen any space missions so far where the hardware was so constrained that they could not do AES, but that doesn’t mean they might not exist. I would say that we would then have to put in some restrictions not to use it with 3KEM.

Did you have the experience that on some missions AES was too heavy? Perhaps deep space where the energy efficiency of Ascon would be very appreciated?

Kind regards,
Oana

From: SEA-SEC <sea-sec-bounces at mailman.ccsds.org<mailto:sea-sec-bounces at mailman.ccsds.org>> on behalf of "Howard.Weiss--- via SEA-SEC" <sea-sec at mailman.ccsds.org<mailto:sea-sec at mailman.ccsds.org>>
Reply to: "Howard.Weiss at parsons.us<mailto:Howard.Weiss at parsons.us>" <Howard.Weiss at parsons.us<mailto:Howard.Weiss at parsons.us>>
Date: Wednesday, 13 August 2025 at 17:26
To: Moury Gilles via SLS-SEA-DLS <sls-sea-dls at mailman.ccsds.org<mailto:sls-sea-dls at mailman.ccsds.org>>, "Howard.Weiss--- via SEA-SEC" <sea-sec at mailman.ccsds.org<mailto:sea-sec at mailman.ccsds.org>>
Subject: [Sea-sec] Fw: [EXTERNAL] NIST Publishes SP 800-232: Ascon-Based Lightweight Cryptography Standards for Constrained Devices

SecWG and SDLS WG: For your information.

Antonios/Oana - while you are updating the CCSDS Cryptographic Algorithms BB for Post-Quantum, would it make sense to add the lightweight symmetric algorithms at the same time?  I believe that lightweight algorithms are directly applicable to the CCSDS environment.

regards

howie
________________________________
From: NIST Cybersecurity and Privacy Program <csrc.nist at announcements.nist.gov<mailto:csrc.nist at announcements.nist.gov>>
Sent: Wednesday, August 13, 2025 10:23 AM
To: howard.weiss at parsons.com<mailto:howard.weiss at parsons.com> <howard.weiss at parsons.com<mailto:howard.weiss at parsons.com>>
Subject: [EXTERNAL] NIST Publishes SP 800-232: Ascon-Based Lightweight Cryptography Standards for Constrained Devices

[Image removed by sender. NIST]

View As Web Page<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fcontent.govdelivery.com*2Faccounts*2FUSNIST*2Fbulletins*2F3eae579/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/AcPPPxFgCgYCXulxwI_ZY2utRlAeCDVDnb_ER3yeQbk=418__;JSUlJSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4H5SCYy0k$>
[Image removed by sender. Header]
NIST Cybersecurity and Privacy Program
NIST Publishes SP 800-232: Ascon-Based Lightweight Cryptography Standards for Constrained Devices

NIST has released Special Publication (SP) 800-232, Ascon-Based Lightweight Cryptography Standards for Constrained Devices<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fcsrc.nist.gov*2Fpubs*2Fsp*2F800*2F232*2Ffinal/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/hEZCjALLPZ6v4A0EsMd4kPdZH2WbwCQn7tHNjGE1MHE=418__;JSUlJSUlJQ!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4H6qIPK7U$>.

This standard introduces a new Ascon-based family of symmetric-key cryptographic primitives that provides robust security, efficiency, and flexibility. With its compact state and range of cryptographic functions, it is ideal for resource-constrained environments, such as Internet of Things (IoT) devices, embedded systems, and low-power sensors. This standard includes multiple algorithms to meet a wide range of symmetric cryptographic needs, including the Authenticated Encryption with Associated Data (AEAD) scheme Ascon-AEAD128, the hash function Ascon-Hash256, and the eXtendable-Output Functions (XOFs) Ascon-XOF128 and Ascon-CXOF128.

Read more about the release of SP 800-232, review NIST's news release<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fwww.nist.gov*2Fnews-events*2Fnews*2F2025*2F08*2Fnist-finalizes-lightweight-cryptography-standard-protect-small-devices/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/1cEbKUEpFmmMrHP8e-xv_KPMaWdI4QRh8t27Pebkp2Q=418__;JSUlJSUlJQ!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4Hpg2i1Ig$>.

Read More<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fcsrc.nist.gov*2Fpubs*2Fsp*2F800*2F232*2Ffinal/2/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/93ReICGcTbe9X0vTog3u53gals74ra-qPQek4TO4fRU=418__;JSUlJSUlJQ!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4Hkx2wMkg$>

NIST Cybersecurity and Privacy Program
Questions/Comments about this notice: sp800-232-comments at list.nist.gov<mailto:sp800-232-comments at list.nist.gov>
CSRC Website questions: csrc-inquiry at nist.gov<mailto:csrc-inquiry at nist.gov>

Connect with us
[Image removed by sender. facebook]<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fwww.facebook.com*2FNIST/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/1RR_5-1h7JLGeKf68E5eDZ-SpCsK5D_9fJZG-rif_Ys=418__;JSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HmM0gmcA$>[Image removed by sender. twitter]<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Ftwitter.com*2FNIST/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/xmf0BHh--6teQwhrVuPswzSLdlfxbu963PR97H5_WuI=418__;JSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HgArf-JA$>[Image removed by sender. youtube]<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fwww.youtube.com*2FNIST/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/PqFTsMl7KloUjqfm6UoJWUcBK74Irpm71gGoj1Q_yck=418__;JSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HPm5vj6c$>[Image removed by sender. linkedin]<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fwww.linkedin.com*2Fcompany*2Fnist/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/44wtGt65tNGm_LR40MIssiHrHenUpqCn9o4NQX1Cfqk=418__;JSUlJQ!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HSEyuxUM$>[Image removed by sender. flickr]<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fwww.instagram.com*2Fnist*2F/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/eexEnbHTFu37unuSJB9DIPWeNsGTTkYzBzTpFfw1Gxc=418__;JSUlJQ!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HifEJAFo$>

Received this email from a friend? Subscribe here<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fpublic.govdelivery.com*2Faccounts*2FUSNIST*2Fsubscriber*2Fnew*3Ftopic_id=USNIST_1/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/x9AlczpyT6I5aaXTW3dsCRIJ8DNjy-FcLlexdF2_2c4=418__;JSUlJSUlJQ!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4H9Z_gQ6A$>.
[Image removed by sender. ITL NIST]<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fwww.nist.gov*2Fitl/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/yWid6D2jyJiOtBnRe93Mf3LgLSff0yILhZzY8trppfg=418__;JSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HRhtFM98$>

Subscriber services:

Manage Preferences<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fpublic.govdelivery.com*2Faccounts*2FUSNIST*2Fsubscriber*2Fedit*3Fpreferences=true*23tab1/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/ROCHKfzDnl3Lk3a9xiCT60U465D2r7d-Ogav-f8gYgM=418__;JSUlJSUlJSU!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HiTGU_Rw$>  |  Unsubscribe<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fpublic.govdelivery.com*2Faccounts*2FUSNIST*2Fsubscriber*2Fedit*3Fpreferences=true*23tab1/2/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/klWMX8rPGnDeaATFgRDnwtS4AKoVi1BE-9sChaGSJ1E=418__;JSUlJSUlJSU!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HOJ4nKkQ$>  |  Help<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fsubscriberhelp.govdelivery.com*2F/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/L1beodgyKNbA1n7obP7UQxA39pb8wfx3nnl_CftCILI=418__;JSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HDGrewvY$>

________________________________

If you have questions or problems with the subscription service, please contact subscriberhelp.govdelivery.com<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fsubscriberhelp.govdelivery.com*2F/2/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/SgN6ISqRO8reP8x-jEODawRzpe16LdpLI04cc8HZ_sY=418__;JSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HNcnzYlE$>.
Technical questions? Contact inquiries at nist.gov<mailto:inquiries at nist.gov>. (301) 975-NIST (6478).

This service is provided to you at no charge by National Institute of Standards and Technology (NIST). 100 Bureau Drive, Stop 1070 · Gaithersburg, MD 20899 · 301-975-6478
[Image removed by sender. GovDelivery logo]<https://urldefense.com/v3/__https:/links-1.govdelivery.com/CL0/https:*2F*2Fsubscriberhelp.granicus.com*2F/1/01000198a3d07004-2f7333ce-c22b-466a-a74b-fd2c46f3d569-000000/FhE_hPGWy2lOuuxihJ9qczGWD6whTZzKNCeQ1kRfGZM=418__;JSUl!!NFAdMAnI0yk!AP3QRG0rUEw6CjfCvzri1KkPDYUGjkEhQLHwf82A6sHsixf_N034cTeG8Tk2EadY-NY66gUqAZnMPbQIyUouQuW8PK4HIHiFVBI$>
[Image removed by sender.]

"NOTICE: This email message and all attachments transmitted with it may contain confidential information, including information that is privileged or protected by, and proprietary to, Parsons Corporation, and is intended solely for the use of the addressee for the specific purpose set forth in this communication. If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited, and you should delete this message and all copies and backups thereof. The recipient may not further distribute or use any of the information contained herein without the express written authorization of the sender. If you have received this message in error, or if you have any questions regarding the use of the proprietary information contained therein, please contact the sender of this message immediately, and the sender will provide you with further instructions."
This message is intended only for the recipient(s) named above. It may contain proprietary information and/or protected content. Any unauthorised disclosure, use, retention or dissemination is prohibited. If you have received this e-mail in error, please notify the sender immediately. ESA applies appropriate organisational measures to protect personal data, in case of data privacy queries, please contact the ESA Data Protection Officer (dpo at esa.int<mailto:dpo at esa.int>).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ccsds.org/pipermail/sls-sea-dls/attachments/20250815/1ac2b7cc/attachment-0001.htm>