惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
WordPress大学
WordPress大学
宝玉的分享
宝玉的分享
人人都是产品经理
人人都是产品经理
博客园 - 聂微东
IT之家
IT之家
V
V2EX
Jina AI
Jina AI
V
Visual Studio Blog
有赞技术团队
有赞技术团队
博客园 - 司徒正美
博客园 - 叶小钗
The Cloudflare Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
小众软件
小众软件
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
博客园 - 三生石上(FineUI控件)
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Google DeepMind News
Google DeepMind News
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
腾讯CDC
Google Online Security Blog
Google Online Security Blog
博客园 - 【当耐特】
Apple Machine Learning Research
Apple Machine Learning Research
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
N
News and Events Feed by Topic
N
News and Events Feed by Topic
The Last Watchdog
The Last Watchdog
W
WeLiveSecurity
月光博客
月光博客
Security Archives - TechRepublic
Security Archives - TechRepublic
Webroot Blog
Webroot Blog
SecWiki News
SecWiki News
博客园_首页
罗磊的独立博客
量子位
Latest news
Latest news
I
Intezer
V
Vulnerabilities – Threatpost
A
Arctic Wolf
Last Week in AI
Last Week in AI
Recent Commits to openclaw:main
Recent Commits to openclaw:main
S
SegmentFault 最新的问题
S
Security Affairs
阮一峰的网络日志
阮一峰的网络日志
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
酷 壳 – CoolShell
酷 壳 – CoolShell
P
Palo Alto Networks Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
N
News | PayPal Newsroom

News and Events Feed by Topic

Securing AI Data Center: Architecture, Security Posture, and Emerging Standards New NCCoE Project: Asset Management and Visibility for Operational Technology (OT) Environments NIST Guidelines for Secure Remote Access in Water and Wastewater Systems NIST Workshop on Hardware CPE and CVSS Updates NCCoE Two-Pager Now Available: Effective OT Backup Management The Department of Commerce’s CHIPS Program Announces a Letter of Intent with Coherent for up to $50 Million to Expand Indium Phosphide Production Now Available: Practical Guidelines for Preventing and Mitigating Ransomware NIST NCCoE Genomic Data PETs Testbed & Dioptra Webinar NIST Mathematical Proof Supports Transition to a Continuous-Monitor-and-Update Security Model for AI Systems NCCoE Cybersecurity Connections Event: Accelerating the Adoption of Mobile Driver's Licenses NIST Expands AI Consortium’s Scope, Calls for New Members Now Available: NIST SP 1800-41, Responding to and Recovering from a Cyber Attack NCCoE Manufacturing Project Update NIST NCCoE Cyber AI Profile Virtual Working Session Series: Usability of the Profile Draft PNT Profile Updated to Align with NIST CSF 2.0 NIST NCCoE Cyber AI Profile Virtual Working Session Series: Extending the Technical Content CAISI Signs Agreements Regarding Frontier AI National Security Testing With Google DeepMind, Microsoft and xAI NIST NCCoE Cyber AI Profile Virtual Working Session Series: Updates to Profile Elements and Contents NICE Releases NICE Framework Components v2.2.0 Adoption of Mobile Driver’s Licenses for Financial Institutions Webinar NIST Updates NVD Operations to Address Record CVE Growth New Publication: Automation of the NIST Cryptographic Module Validation Program NIST Workshop on AI Incident Management Cybersecurity for IoT Workshop: Future Directions New Live Guidelines for Secure Software Development, Security, and Operations Practices Workshop on Blockchain and Distributed Ledger Technologies Improving the Nation’s Cybersecurity - an Open Forum NIST Guidelines on Implementing Mobile Driver’s Licenses for Financial Institutions NICE Webinar: Beyond Technical Skills - The Human Element of a Cyber Career Artificial Intelligence (AI) for Manufacturing Workshop Safeguarding Health Information: Building Assurance through HIPAA Security 2026 Workshop on Blockchain and Distributed Ledger Technologies 2026 Time and Frequency Seminar NCCoE Project Portfolio Webinar MLXN: Machine Learning for X-ray and Neutron Scattering Comment Now: Draft Guidelines on Data Classification Practices Technologies and Use Cases for Smart Standards NIST Allocates Over $3 Million to Small Businesses Advancing AI, Biotechnology, Semiconductors, Quantum and More Building the Strategic Supply Chain Network Iris Experts Group Annual Meeting New Concept Paper on Identity and Authority of Software Agents SUSHI@NIST: Rolling Next-Generation Secure Hardware into Standards Now Available! Transit Cybersecurity Framework Community Profile Now Available: NIST NCCoE Project Portfolio Cyber AI Workshop #2 NIST Launches Centers for AI in Manufacturing and Critical Infrastructure Apply on USAJobs: Open CAISI Position for an AI Research Scientist Securing Smart Speakers for Home Health Care: NIST Offers New Guidelines Secure Software Development Framework (SSDF) Version 1.2 is Available for Public Comment Just Published! Final NIST Telehealth Smart Home Integration Cybersecurity White Paper Draft NIST Guidelines Rethink Cybersecurity for the AI Era Comment & Save the Date Now! NIST Cyber AI Profile Preliminary Draft & Workshop Final NCCoE IoT Secure Onboarding Publications Now Available! Mobile Driver’s License Project Update Webinar NCCoE Cybersecurity Connections – Strengthening the Cybersecurity Workforce New Draft White Paper | PQC Migration: Mappings to Risk Framework Docs Now Available: NIST Final SP 1800-37, Addressing Visibility Challenges with TLS 1.3 NIST Awards More Than $3 Million to Support Cybersecurity Workforce Development Across 13 States Feedback Requested: NIST Cryptographic Module Validation Program White Paper New NIST NCCoE Mobile Drivers Licenses Project Resources Now Available! CSF 2.0 Webinar Series: Deep-Dive into the CSF 2.0 Govern Function to Improve Cybersecurity Final Publication Available: NIST IR 8523, Multi-Factor Authentication for Criminal Justice Information Systems Federal Investments in IoT Infrastructure Offer 10-20x Return, NIST Study Finds Final NIST IR 8349 Released: Characterize & Secure Your IoT Devices NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases We Want Your Feedback! Developing a Transit Cybersecurity Framework Community Profile Advances in Automation of Quantum Dot Devices Control Empowering Future Innovators: NIST CTL Connects Cybersecurity Students with Real-World Research NIST Awards Over $1.8 Million to Small Businesses Advancing AI, Semiconductors, Additive Manufacturing and More NIST Researchers Demonstrate that Superconducting Neural Networks Can Learn on Their Own STPPA8: Special Topics on Privacy and Public Auditability — Event 8: Experimenting with Privacy-Enhancing Cryptography (PEC) Implementations NIST Releases Test Tools to Accelerate Adoption of Emerging Route Leak Mitigation Standards Second Seminar on Building an In-Space Circular Economy Lessons Learned from the Consortium: Tool Use in Agent Systems
NIST Finalizes ‘Lightweight Cryptography’ Standard to Protect Small Devices
Chad Boutin · 2025-08-13 · via News and Events Feed by Topic
  • Many networked devices do not possess the electronic resources that larger computers do, but they still need protection from cyberattacks. NIST’s lightweight cryptography standard will help. 
  • The four algorithms in the standard require less computing power and time than more conventional cryptographic methods do, making them useful for securing data from resource-constrained devices such as those making up the Internet of Things. 
  • NIST has finalized the standard after a multiyear public review process followed by extensive interaction with the design community.
Shield labeled "Update" is surrounded by icons for Internet of Things applications like fitness trackers and smart home systems.

Lightweight cryptography is designed to protect information created and transmitted by the Internet of Things, as well as for other miniature technologies.

Credit: N. Hanacek/NIST

It’s the little things that matter most, as the saying goes, and the National Institute of Standards and Technology (NIST) has got their back. NIST’s newly finalized lightweight cryptography standard provides a defense from cyberattacks for even the smallest of networked electronic devices. 

Released as Ascon-Based Lightweight Cryptography Standards for Constrained Devices (NIST Special Publication 800-232), the standard contains tools designed to protect information created and transmitted by the billions of devices that form the Internet of Things (IoT) as well as other small electronics, such as RFID tags and medical implants. Miniature technologies like these often possess far fewer computational resources than computers or smartphones do, but they still need protection from cyberattacks. The answer is lightweight cryptography, which is designed to defend these sorts of resource-constrained devices.

“We encourage the use of this new lightweight cryptography standard wherever resource constraints have hindered the adoption of cryptography,” said NIST computer scientist Kerry McKay, who co-led the project with her NIST colleague Meltem Sönmez Turan. “It will benefit industries that build devices ranging from smart home appliances to car-mounted toll registers to medical implants. One thing these electronics have in common is the need to fine-tune the amount of energy, time and space it takes to do cryptography. This standard fits their needs.” 

The standard is built around a group of cryptographic algorithms in the Ascon family, which NIST selected in 2023 as the planned basis for its lightweight cryptography standard after a multiround public review process. Ascon was developed in 2014 by a team of cryptographers from Graz University of Technology, Infineon Technologies and Radboud University. In 2019 it emerged as the primary choice for lightweight encryption in the CAESAR competition, a sign that Ascon had withstood years of examination by cryptographers. 

In the standard are four variants from the Ascon family that give designers different options for different use cases. The variants focus on two of the main tasks of lightweight cryptography: authenticated encryption with associated data (AEAD) and hashing. 

ASCON-128 AEAD is useful when a device needs to encrypt its data, verify the authenticity of the data, or — crucially — both. A common weakness of small devices is their vulnerability to “side-channel attacks,” in which an attacker can extract sensitive information by observing physical characteristics like power consumption or timing. While no cryptographic algorithm is inherently immune to such attacks, ASCON is designed to support side-channel-resistant implementations more easily than many traditional algorithms. Devices that can benefit from its approach include RFID tags, implanted medical devices, and toll-registration transponders attached to car windshields.

ASCON-Hash 256 takes all the data it encrypts and uses it to create a short “hash” a few characters long, which functions like a fingerprint of the data. Even a small change to the original data results in an instantly recognizable change in the hash, making the algorithm useful for maintaining the data’s integrity — such as during a software update, to ensure that no malware has crept in. Other uses are for protecting passwords and the digital signatures we use in online bank transfers. It is a lightweight alternative to NIST’s SHA-3 family of hash algorithms, which are widely used for many of the same purposes.

ASCON-XOF 128 and ASCON-CXOF 128 are hash functions with a twist: Both algorithms allow the user to change the size of the hash. This option can benefit small devices because using shorter hashes allows the device to spend less time and energy on the encryption process. 

The CXOF variant also adds the ability to attach a customized “label” a few characters long to the hash. If many small devices perform the same encryption operation, there is a small but significant chance that two of them could output the same hash, which would offer attackers a clue about how to defeat the encryption. Adding customized labels would allow users to sidestep this potential problem.

McKay said the NIST team intends the standard not only to be of immediate use, but also to be expandable to meet future needs. 

“We’ve taken the community’s feedback and tried to provide a standard that can be easily followed and implemented, but we are also trying to be forward-looking in terms of being able to build on it,” she said. “There are additional functionalities people have requested that we might add down the road, such as a dedicated message authentication code. We plan to start considering these possibilities very soon.” 

For more information on the standard, visit the NIST Lightweight Cryptography Project page