ASCON: New NIST Standard for Lightweight IoT Cryptography

The NIST standard FIPS 205 has been officially released – and with it, ASCON, a resource-efficient and highly secure encryption algorithm for IoT and embedded systems. For enterprises and security teams, this marks a significant milestone: for the first time, there is a globally recognized standard that combines performance and security for microcontrollers, RFID tags, and medical implants, helping to address the often underestimated attack surface of small, connected devices.

Practical Benefits and Relevance of ASCON

In manufacturing facilities, logistics hubs, and office buildings, countless sensors, actuators, and trackers communicate with each other. Many of these systems operate with minimal processing power and limited memory. Traditional encryption such as AES (Advanced Encryption Standard) – commonly used to secure servers and endpoints – would significantly slow these devices down or drastically reduce battery life. Without efficient security mechanisms, however, IoT devices can serve as entry points for attacks, DDoS campaigns, or manipulation of physical processes.

ASCON is an algorithm for Lightweight Cryptography (LWC) – cryptographic methods specifically designed for devices with constrained computing resources and limited memory.

The algorithm combines Authenticated Encryption in an efficient approach:

• Encryption: Protects the confidentiality of data sent to or from IoT devices.
• Authentication: Ensures that data is genuine and has not been tampered with.

This ensures that data is transmitted confidentially, authentically, and unaltered – even on highly resource-constrained devices such as microcontrollers or RFID chips.

NIST Standardization of ASCON

ASCON was originally developed by TU Graz in collaboration with Infineon, Lamarr Security Research, and Radboud University. After a multi-year, rigorous evaluation and selection process, NIST has validated ASCON and published it as the official FIPS 205 standard.

NIST standards carry strong global weight and are widely regarded as international benchmarks. As a result, ASCON is now positioned to become the de facto standard for lightweight IoT cryptography.

Enterprises can also rely on ASCON to meet high security requirements: the algorithm has undergone extensive scrutiny and is robust against known attack vectors. Standardization additionally ensures interoperability, enabling devices from different vendors that implement ASCON to work seamlessly together.

Practical Implications for Organizations

• Future-proof procurement: When selecting IoT solutions, ensure FIPS 205 / ASCON compatibility.
• Reduced attack surface: Devices using ASCON minimize exposure and increase network resilience.
• Security by design: ASCON can be integrated into in-house IoT products to enable early-stage security implementation.
• Compliance support: Modern, standardized encryption aligns with industry best practices and helps meet data protection requirements.

Conclusion

The days when IoT security was often a neglected side issue are over. With the standardization of ASCON (FIPS 205), organizations now have access to a globally recognized, efficient cryptographic standard to secure IoT devices. Security teams can effectively protect resource-constrained devices — without compromising performance or efficiency.

Sources:
https://csrc.nist.gov/pubs/sp/800/232/final
https://ascon.isec.tugraz.at