On 13 August 2025, the National Institute of Standards and Technology (NIST) published NIST SP 800-232 (Final), setting out the Ascon-based Lightweight Cryptography Standards for Constrained Devices. These standards define the technical specifications and security properties for the Ascon family of cryptographic algorithms, selected through the NIST Lightweight Cryptography Standardisation Process for use in environments where conventional cryptographic methods may be resource-intensive. The standard formalises Authenticated Encryption with Associated Data (AEAD) through Ascon-AEAD128, a nonce-based scheme offering 128-bit security strength; the Ascon-Hash256 cryptographic hash function, producing 256-bit digests with 128-bit security strength; the Ascon-XOF128 eXtendable Output Function (XOF), allowing user-defined output lengths with up to 128-bit security strength; and the Ascon-CXOF128 customised XOF, which supports an optional customisation string and user-defined output length, also up to 128-bit security strength. The specification includes definitions for Ascon permutations supporting up to 16 rounds, updated initial values, and modifications to the little-endian format to enhance performance on microcontrollers, alongside implementation options such as truncation and nonce masking. It further details the Substitution–Permutation Network (SPN) structure, internal state configuration, constant addition, substitution, and linear diffusion layers, as well as the algorithmic phases for encryption and decryption, domain separation, padding, and parsing rules. These provisions ensure conformance with federal information system requirements under the Federal Information Security Modernisation Act (FISMA) of 2014.