The National Institute of Standards and Technology (NIST) published NIST SP 800-232 [1] standards for lightweight cryptography for constrained devices in August 2025, based on the Ascon cipher. I am teaching a course on cryptography in the Spring 2026 semester at Hamdard University. With some effort, I simulated the indistinguishability experiment, chosen-plaintext attack [2] on the Ascon-AEAD 123 encryption scheme. The Ascon-AEAD 128 Python code was acquired from [3]. Additionally, a few more resources were explored for learning.
The methods in the Python module ascon.py included both the encryption and decryption methods: ascon_encrypt and ascon_decrypt. For the simulation, only the ascon_encrypt was required. "Chosen-plaintext attacks capture the ability of an adversary to exercise (partial) control over what the honest parties encrypt."
The smart adversary has access to the encryption scheme as a black box. A guess to make by the adversary against the challenge ciphertext to succeed with a probability much higher than 1/2.
The results of the experiment show: Pr[Exp = 1] ≤ 0.5 + negligible. In other words, the Ascon-AEAD 128 encryption scheme is CPA-secure.
Note: Adversary has no choice but to output a guess in response to a challenge!
References:
[1] Meltem Sönmez Turan, Kerry A. McKay, Donghoon Chang, Jinkeon Kang, John Kelsey (2025) Ascon-Based Lightweight Cryptography Standards for Constrained Devices. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) NIST SP 800-232. https://doi.org/10.6028/NIST.SP.800-232
[2] Katz. Introduction to Modern Cryptography, 3rd Ed. 2021
[3] https://github.com/meichlseder/pyascon.git
.jpeg)
