Paper 2015/303

The Design Space of Lightweight Cryptography

Nicky Mouha


For constrained devices, standard cryptographic algorithms can be too big, too slow or too energy-consuming. The area of lightweight cryptography studies new algorithms to overcome these problems. In this paper, we will focus on symmetric-key encryption, authentication and hashing. Instead of providing a full overview of this area of research, we will highlight three interesting topics. Firstly, we will explore the generic security of lightweight constructions. In particular, we will discuss considerations for key, block and tag sizes, and explore the topic of instantiating a pseudorandom permutation (PRP) with a non-ideal block cipher construction. This is inspired by the increasing prevalence of lightweight designs that are not secure against related-key attacks, such as PRINCE, PRIDE or Chaskey. Secondly, we explore the efficiency of cryptographic primitives. In particular, we investigate the impact on efficiency when the input size of a primitive doubles. Lastly, we provide some considerations for cryptographic design. We observe that applications do not always use cryptographic algorithms as they were intended, which negatively impacts the security and/or efficiency of the resulting implementations.

Available format(s)
Secret-key cryptography
Publication info
Preprint. MINOR revision.
symmetric-keyencryptionauthenticationhash functionlightweightconstrained devicesscaling law
Contact author(s)
Nicky Mouha @ esat kuleuven be
2015-06-30: revised
2015-04-06: received
See all versions
Short URL
Creative Commons Attribution


      author = {Nicky Mouha},
      title = {The Design Space of Lightweight Cryptography},
      howpublished = {Cryptology ePrint Archive, Paper 2015/303},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.