Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

NSA Offers Block Ciphers to Help Secure RFID Transmissions

The SIMON and SPECK block cipher families are free to use and enable the encryption of transmitted RFID data in any frequency.
By Claire Swedberg
Jul 17, 2015

The National Security Agency (NSA) is offering two families of encryption algorithms, known as block ciphers, intended to provide a level of security for such processes as authentication or anti-counterfeiting via RFID technology. The block ciphers, dubbed SIMON and SPECK, are intended to be a lightweight, low-power-using alternative to existing encryption systems available for RFID tag reads.

The name SIMON alludes to the nursery rhyme "Simple Simon," while the name SPECK was inspired by the block cipher's small size. NSA is making the ciphers (which are designed for wired or wireless electronic devices, including RFID readers) publicly available at no cost, as part of an effort to ensure security in the Internet of Things (IOT), in which devices are sharing data with others on the Internet. The agency's algorithms were reviewed by U.S. standards group InterNational Committee for Information Technology Standards (INCITS), which then submitted them to the International Organization for Standardization (ISO) for inclusion in the ISO 29192-2 standard, which currently specifies two other lightweight block ciphers: CLEFIA, a proprietary 128-bit block cipher developed by Sony, and PRESENT, a 64-bit block cipher developed by a research team affiliated with France's Orange Lab, Germany's Ruhr University Bochum and the Technical University of Denmark.

NSA researchers developed SIMON and SPECK as an improvement on block cipher algorithms already in use that were, in most cases, designed for desktop computers or very specialized systems, explains Louis Wingers, a cryptographic designer for the NSA's Trusted Systems Research Group, who helped design both SPECK and SIMON.

The encryption algorithm most commonly used for RFID applications is the Advanced Encryption Standard (AES), which was standardized by the National Institute of Standards and Technology (NIST) in 2001. AES is included in the ISO 18033-3 standard, which specifies encryption techniques designed to protect the confidentiality of stored or transmitted data. At the time that it was standardized, the AES cipher was intended for desktop computers, which typically had a 32-bit microprocessor and no power issues since such a device is plugged into an outlet. With processors getting smaller and faster, and with more devices (including RFID readers and other IOT-based sensors) becoming mobile, the AES system has become clunky, Wingers explains. For instance, it uses 2,400 gate equivalents (GEs)—a GE is a unit for measuring space used on a chip—when users (RFID technology developers, for instance) were seeking something that consumed a smaller area, such as 2,000 GEs. The lightweight SIMON and SPECK block ciphers employ approximately 1,200 GEs, Wingers says.

SIMON and SPECK are not the only lightweight block ciphers, Wingers notes, but some others tend to be specialized for a specific application, meaning they aren't optimized for use across a variety of solutions. The CLEFIA and PRESENT algorithms can be used for any application, as can SIMON and SPECK. However, he says, SPECK and SIMON are designed to perform better on memory- and processor-constrained devices with smaller hardware. They also offer a greater number of block and key sizes, he adds, and work well in software.

Wingers likens SIMON and SPECK to generalist animals, such as crows and coyotes, that can function in most environments, as opposed to a koala that eats only one type of food (eucalyptus leaves) and is thus highly specialized. Encryption needs to be very low-cost, Wingers points out, and making the ciphers standardized and available at no cost makes it possible for the RFID hardware manufacturers to build the encryption into their own products.

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations