Ascon is a family of authenticated encryption algorithms and a finalist of the CAESAR competition. The Ascon family was designed to be lightweight and easy to implement, even with added countermeasures against side-channel attacks.
Features
- Sponge-based mode of operation with custom-tailored SPN permutation
- Provably secure mode with keyed finalization for additional robustness
- Easy to implement in software and hardware
- Lightweight for constrained devices: small state, simple permutation, robust mode
- Fast in hardware
- Fast in software: Pipelinable, bit-sliced 5-bit S-box for 64-bit architectures
- Scalable for more conservative security or higher throughput
- Timing resistance: No table look-ups or additions
- Side-channel resistance: S-box optimized for countermeasures
- Key size = tag size = security level (128 bits recommended)
- Minimal overhead (ciphertext length = plaintext length)
- Single-pass, online (encryption and decryption), nonce-based, inverse-free
Ascon was designed by a team of cryptographers from
Graz University of Technology and
Infineon Technologies:
Christoph Dobraunig, Maria Eichlseder, Florian Mendel and Martin Schläffer.
The work has been supported in part by the Austrian Science Fund (FWF): P26494-N15 and J4277-N38, by the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644052, and by the Austrian Government through the research projects SePAG (FIT-IT 835919) and SeCoS (FFG/SFG 836628).
