Isap is a family of lightweight authenticated encryption algorithms designed with a focus on robustness against implementation attacks and is currently competing in the final round of the NIST Standardization Process for Lightweight Cryptography (2019–). It is of particular interest for applications like firmware updates where robustness against power analysis and fault attacks is crucial while codesize and a small footprint in hardware matters. Isap's original version was published at FSE 2017.
- Authenticated encryption using lightweight permutations
- Sponge-based mode of operation using well studied SPN permutations
- Suitable for constrained devices: small state, simple permutation
- Side-channel resistance: Provably secure leakage-resilience for en/decryption
- Built-in hardening against fault attacks
- Easy to implement in software and hardware
- Compact in software: Pipelinable, bit-sliced 5-bit S-box
- Fast and compact in hardware
- Scalable for more conservative security or higher throughput
- Timing resistance: No table look-ups or additions
- Minimal overhead (ciphertext length = plaintext length)
Isap was designed by a team of cryptographers from
Graz University of Technology,
Lamarr Security Research, and
Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Bart Mennink, Robert Primas and Thomas Unterluggauer.