What’s Small and Efficient: A Crypto Beetle
One of the great advantages of using a sponge method in cryptography is that you get the addition of hashing on top of encryption for very little overhead in the code size and the memory requirements. If we are using something like an 8-bit microcontroller, we might only have a few hundred bytes of ROM, and a similar space for RAM. The device on the left-hand side is an MC6811, and only has 8 KB of ROM and 256 bytes of on-chip RAM. We thus need efficient code for our encryption, as there needs to be space for the main application software, too.
One method which focuses on creating an extremely small footprint is the PHOTON-Beetle method. Overall it is a lightweight block cipher and was written by Zhenzhen Bao, Avik Chakraborti, Nilanjan Datta, Jian Guo, Mridul Nandi, Thomas Peyrin, and Kan Yasuda. It uses the sponge-based mode Beetle with the P256 for the permutation and supports both authenticated encryption (AE) and hashing. PHOTON-Beetle AEAD and PHOTON-Beetle hashing are finalists for NIST’s competition on lightweight cryptography. We can see in this test that it produced the smallest amount of code for the assessed hashing methods:
