Does TLS support lightweight cryptography defined by IOS/IEC 29192 standard?

Question

does TLS support any of the lightweight cryptographic primitives defined in IOS/IEC 29192? like Clefia, Present or any others?

This is not a programming/development question, but a move to security.SX or maybe crypto.SX would be (much) better than superuser as the vote is suggesting. And PS: it's ISO/IEC. — dave_thompson_085, Nov 29 '18 at 21:01

score 0 · Answer 1 · edited Oct 07 '21 at 07:27

0

If you look at the TLS 1.2 cipher suites You will see that it is not containing any lightweight ciphers.

The TLS 1.3 actually has only 5 cipher suites. Due to the birthday attack on small block sized block ciphers, see sweet32, they are not even suitable for TLS, anymore.

The ChaCha20 as mentioned by Dave is a stream cipher.

edited Oct 07 '21 at 07:27

Community

1
1

answered Nov 29 '18 at 18:43

kelalaka

5,064
5
27
44

1

"Lightweight" cryptography is a new/recent criterion and means basically "works on very limited CPUs" for example RFID tags. It has nothing to do with blocksize and [3]DES and Blowfish are not lightweight; ChaCha _may_ be (also Salsa, but that isn't supported in TLS). Note there are lots of <=1.2 suites in RFCs other than 5246 et pred; the registry at IANA is a better reference. – dave_thompson_085 Nov 29 '18 at 20:59
@dave_thompson_085 Oh there is a mistake calling them lightweight, thanks. The Present block cipher goes back to 2007. Yes they are designed for limited... – kelalaka Nov 29 '18 at 21:16

Does TLS support lightweight cryptography defined by IOS/IEC 29192 standard?

1 Answers1