by Corentin Verhamme, UCLouvain
Embedded systems have become an unavoidable part of modern technology, seamlessly integrated into devices such as smart cards and IoT gadgets. However, the often-overlooked danger of side-channel attacks poses a significant risk to the security of these embedded implementations. Recently, the Lightweight Cryptography Competition (LWC) finished with the announcement of Ascon as a new standard for constrained applications.
Embedded systems, due to their prevalence in IoT devices and smart cards, operate with limited resources and processing power. Cryptographic algorithms implemented in these environments face unique challenges, making them susceptible to side-channel attacks. However, the Ascon proposal offers a tailored solution for that very specific design corner. Namely, it is efficient and offers a built-in countermeasure named ‘leveling’ that mitigates the prohibitive cost of side-channel countermeasures. This makes Ascon an appealing algorithm to use for REWIRE’s secure software update distribution. UCL plans to analyse it in the second phase of the project.
Built out of the same permutation (Ascon), ISAP is another candidate; it uses a mechanism that provides side-channel security without relying on implementation countermeasures such as masking. Since the industry should move to integrate this new standard, we note that an interesting design spot exists: taping out Ascon permutation coprocessors that would be able to accelerate the unprotected Ascon mode of operation or perform protected ISAP operations.