Ascon is a family of authenticated encryption and hashing algorithms designed to be lightweight and easy to implement, even with added countermeasures against side-channel attacks. Ascon has been selected as the new standard for lightweight cryptography in the NIST Lightweight Cryptography competition (2019–2023).
The Ascon-128 implementation used in SQLite3 Multiple Ciphers is based on the Ascon reference implementation and its variants optimized for 32-bit and 64-bit architectures, with minor modifications to the API for use in this project.
The encryption key is derived from the passphrase using a random salt (stored in the first 16 bytes of the database file) and the (not yet standardized) PBKDF2 algorithm with an Ascon-derived hash function. The implementation of this PBKDF2 function is based on the information contained in the paper "Additional Modes for Ascon, Version 1.1" by Rhys Weatherley.
One-time keys per database page are derived from the encryption key, the page number, and a 16-byte nonce. Additionally, the Ascon cipher provides a 16-byte authentication tag per database page. This cipher therefore requires 32 reserved bytes per database page.
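A layout check built on the two storage facts above (salt in the first 16 bytes of the file, 32 reserved bytes at the end of every page), added here as an example and not taken from SQLite3 Multiple Ciphers. The page size is passed in by the caller, and the names `inspect_db` and `constructed_image` as well as the sample image are assumptions made for illustration.

```python
import hashlib

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of an unencrypted SQLite file
SALT_LEN = 16   # per the text: the salt occupies the first 16 bytes of the file
RESERVED = 32   # per the text: 16-byte nonce + 16-byte tag on every page


def inspect_db(blob: bytes, page_size: int) -> dict:
    """Summarise the on-disk layout of a database image (hypothetical helper).

    page_size is an assumption supplied by the caller. The order of nonce and
    tag inside the reserved area is not relied on.
    """
    if page_size <= RESERVED or not blob or len(blob) % page_size:
        raise ValueError("length must be a positive multiple of page_size")
    pages = len(blob) // page_size
    if blob[:SALT_LEN] == SQLITE_MAGIC:
        # Standard header present: the file is not encrypted at rest.
        return {"plaintext_header": True, "salt": None, "pages": pages,
                "payload_per_page": None, "empty_trailers": []}
    empty = []
    for pgno in range(1, pages + 1):  # SQLite numbers pages from 1
        trailer = blob[pgno * page_size - RESERVED:pgno * page_size]
        if trailer == bytes(RESERVED):
            # No nonce or tag was ever written for this page.
            empty.append(pgno)
    return {"plaintext_header": False, "salt": blob[:SALT_LEN], "pages": pages,
            "payload_per_page": page_size - RESERVED, "empty_trailers": empty}


def constructed_image(page_size: int = 4096, pages: int = 3) -> bytes:
    """Constructed sample: deterministic pseudo-random bytes, not a real database."""
    return b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                    for i in range(page_size * pages // 32))


if __name__ == "__main__":
    image = constructed_image()
    print(inspect_db(image, 4096))
    # Zero the reserved area of page 2 to show how a page without a tag is flagged.
    broken = image[:2 * 4096 - RESERVED] + bytes(RESERVED) + image[2 * 4096:]
    print(inspect_db(broken, 4096)["empty_trailers"])
```

A file that still starts with the standard SQLite header, or a page whose 32-byte trailer is all zero, indicates data that was written without this cipher being active.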
The following table lists all parameters related to this cipher that can be set before activating database encryption.
|Number of iterations for the key derivation function