First online tool for Ascon cipher on the internet [blogpost]
playascon is a Javascript implementation of Ascon cipher that runs in your browser without any server-side latency. There is no ads or fancy designs, and it's obviously open source.
Ascon is a family of many variants:
As discussed in the LWC-Forum, NIST is considering only some of these variants to be standardized, which are: Ascon-128, Ascon-128a for AEAD, and Ascon-XOF for hashing. Therefore, those are the variants supported by playascon.
Along with the basic functionality of the tool which is encryption, decryption, and hashing, there are two other features to mention:
To ensure the correctness of playascon results, I used Known Answer Tests (KATs) generated from the Python implementation of Asconby Maria Eichlseder (one of the Ascon authors). You can also run the tests yourself from the KATs page.
(To have an idea what these KATs look like, you can visit: https://playascon.github.io/KATs/LWC_AEAD_KAT_128.js)
To make this tool more fun, I’ve added an easy CTF (Capture The Flag) challenge to be solved. I am planning to add more challenges, to help you visualize how a nonce misuse attack could take place for example.
After the initial release of playascon, people started testing it and found some bugs in the format of the data displayed. You can find the two issues here:
I hope playascon will be the way-to-go tool for students to play out with Ascon, which is expected to have a very important role in the upcoming era of securing lightweight devices. The main reward I am welling to get from this project is to see feedbacks like this:
Also, if you have any suggestions to modify or add something to the tool, feel free to raise an issue or email me at 0xmohamed.tarek@gmail.com