Cybersecurity

NIST seeks 'lightweight' encryption standards

Letters of word encyption highlighed on text background 

The National Institute of Standards and Technology will seek public comment next week on the best way to design evaluation criteria dictating new encryption standards for small computing devices.

The agency will eventually call for cryptographers and researchers to submit algorithms to encrypt data on smaller "constrained devices," such as RFID tags, industrial controllers, sensor nodes and smart cards. Such components are often present in automobile systems, internet-of-things devices, the smart grid and distributed control systems.

NIST is asking for feedback on the requirements and evaluation criteria that will guide that process. According to a notice scheduled to be published in the Federal Register on May 14, current NIST encryption standards were designed for "general purpose computing platforms" like personal computers and tablets, and the agency says they have not been optimized for smaller devices and could lead to performance issues.

"The shift from desktop computers to small devices brings a wide range of new security and privacy concerns," the notice reads. "It is challenging to apply conventional cryptographic standards to small devices, because the tradeoff between security, performance and resource requirements was optimized for desktop and server environments, and this makes the standards difficult or impossible to implement in resource-constrained devices."

The 45-day comment period is scheduled to begin when the notice officially publishes on May 14. Following that process, NIST will put out a call for public submissions of encryption algorithms from security experts, cryptographers, academia and government. The algorithms will be subject to a year of public review and an additional 10 to 11 months of analysis by NIST officials before being considered for standardization.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected