NIST's New Crypto Standard a Step Forward in IoT Security

The National Institute of Standards and Technology has settled on a standard for encrypting IoT communications, but many devices remain vulnerable and unpatched.

2 Min Read
IoT box on a digital circuit board

A new encryption standard for Internet of Things (IoT) should help advance security for these connected devices in businesses, manufacturers, critical infrastructure, and other sectors running this equipment.

But many of these devices continue to lag behind in cybersecurity functions and practices.

On Feb. 7, the National Institute of Standards and Technology (NIST) announced it had selected a group of cryptographic algorithms, known as Ascon, to be the formal encryption standard for "lightweight" electronic devices and their communications. The standard should help devices makers and their customers better secure the data and devices from attackers increasingly targeting operational technology even though such devices have limited processing power and storage.

The algorithms allow encryption protections for even the smallest devices, NIST computer scientist Kerry McKay said in the announcement of the standard.

"The world is moving toward using small devices for lots of tasks ranging from sensing to identification to machine control, and because these small devices have limited resources, they need security that has a compact implementation," she said. "These algorithms should cover most devices that have these sorts of resource constraints."

Related:Ransomware Attacks on Industrial Firms Increased by 87% in 2022

Why IoT Is Exploding

Connected devices in business and industrial settings are a rapidly growing application driven by two major forces over the past three years. Initially, the pandemic spurred the need to support remote operations, while the current concerns of a recession are pushing companies to automate operations using connected devices.

For example, the Industrial Internet of Things (IIoT) — an umbrella term for connected devices that monitor and control physical systems and industrial processes — is predicted to grow dramatically. The number of industrial IoT connections — a measure of the number of devices deployed — is expected to more than double to 36.8 billion in 2025, up from 17.7 billion in 2020, according to Juniper Research. 

Continue reading this Article on Dark Reading

Read more about:

Dark Reading

About the Author(s)

Robert Lemos

Dark Reading, Contributing writer

Robert Lemos is a veteran technology journalist and a former research engineer. He's written for more than two dozen publications, including CNET, Dark Reading, MIT's Technology Review, Popular Science and Wired News. He has won five awards for journalism and crunches numbers on various trends using Python and R. 

Dark Reading

Long one of the most widely read cyber security news sites on the Web, Dark Reading, a sister site to ITPro Today, is now the most trusted online community for security professionals like you. Dark Reading's community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like