Lightweight Authenticated Encryption

ISAP is a family of lightweight authenticated encryption algorithms designed with a focus on robustness against passive side-channel attacks and is currently competing in the NIST Lightweight Cryptography competition (2019). It is of particular interest for applications like firmeware updates where robustness against side-channel attacks is crucial and codesize and a small footprint in hardware matters, but performance is not so important. ISAP's original version was published at FSE 2017.


  • Authenticated encryption using lightweight permutations
  • Sponge-based mode of operation using well studied SPN permutations
  • Suitable for constrained devices: small state, simple permutation
  • Side-channel resistance: Provably secure leakage-resilience for en/decryption
  • Built-in hardening against fault attacks
  • Easy to implement in software and hardware
  • Compact in software: Pipelinable, bit-sliced 5-bit S-box
  • Fast and compact in hardware
  • Scalable for more conservative security or higher throughput
  • Timing resistance: No table look-ups or additions
  • Minimal overhead (ciphertext length = plaintext length)

ISAP was designed by a team of cryptographers from Graz University of Technology, Infineon Technologies, and Radboud University:

Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Bart Mennink, Robert Primas and Thomas Unterluggauer.

logo tu graz         logo infineon

logo radboud