Lightweight Cryptology Standardization

Lightweight Cryptology Standardization

Standard cryptology methods are well designed for desktop or server environments, so they are applicable for old systems. But today's technology evolves on small devices that connect with each other, like in the internet of things, the network of sensors, or similar areas. There are some constraints about storage, cost, surface area, electric usage, and many more with these small devices. This has led to the need for lightweight cryptology methods today.

Unfortunately, there is no standardization by NIST in lightweight cryptology. NIST realized this problem and made a call for a lightweight algorithm and standardization process. First of the meetings done in 2014 at NIST. After two more workshops and lots of analysis, NIST plans to announce the finalists before the end of February 2021.

Here is the full list of the Round 2 Candidates:

  • ACE
  • Elephant
  • ForkAE
  • Gimli
  • Grain-128AEAD
  • HyENA
  • ISAP
  • KNOT
  • mixFeed
  • Oribatida
  • PHOTON-Beetle
  • Pajamas
  • Romulus
  • Saturnin
  • SPIX
  • SpoC
  • Spook
  • Subterranean 2.0
  • TinJambu
  • WAGE
  • Xoodyak

For detailed information, you can check NIST's webpage from here.

ISO Standardized Lightweight Block Ciphers



It was designed in 2006 by Deukjo Hong. It was highly efficient for extremely constrained hardware. After becoming standard encryption by ISO and used in South Korea, it is found that it has a weakness and is not used. 



Present published in 2007, and it is a SPN-based lightweight block cipher. The key size is 80 or 128 bits. The message block size is 64 bits and has 31 rounds. Today, 80 bit can be secure, but depending on the usage, it can be thought of as not secure. It is bit-oriented and not software friendly.

There is a truncated differential attack on 26 out of 31 rounds of present found in 2014.



CALIFIA was published in 2007 as PRESENT. It is designed by SONY Corporation. The key size is 128 or 192 or 256 bits. It has a block size of 128 bits, and it has 18,22 or 26 rounds, depending on the key length.

There is an attack that breaks 13 of the 18 rounds.



Today we need lighter cryptology algorithms for our needs. NIST has led this search, and soon we will have new standardization methodologies that will be used around the world and affect our daily lives even if we don't realize somebody is trying to secure our devices.