A team of international researchers has developed SCARF, a new cipher for cache randomization that addresses cache side-channel attacks and offers robust security with exceptional performance. SCARF’s implementation could significantly bolster computer security, and its practicality was validated through rigorous evaluations, paving the way for a more secure information society.
A team of researchers from around the world has made significant progress in the field of computer security by creating an innovative and highly effective cipher for cache randomization. The innovative cipher, designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication at Tohoku University, addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.
Modern computer systems are under serious threat from cache side-channel attacks, which can covertly gather sensitive data such as secret keys and passwords from unaware targets. Addressing these attacks is particularly difficult because they take advantage of flaws in the current working mechanisms of computers, making the creation of effective countermeasures extremely challenging.
A schematic outlining how the new SCARF system operates. Credit: Rei Ueno
Cache randomization has emerged as a promising countermeasure; however, identifying a secure and effective mathematical function for this purpose has been a lingering challenge.
To overcome this, Ueno and his colleagues created SCARF. SCARF is based on a comprehensive mathematical formulation and modeling of cache side-channel attacks, offering robust security. Moreover, SCARF exhibits remarkable performance, completing the randomization process with only half the latency of existing cryptographic techniques. The cipher’s practicality and performance were thoroughly validated through rigorous hardware evaluations and system-level simulations.
The team comprised members from Tohoku University, CASA at Ruhr University Bochum, and NTT Social Informatics Laboratories at Nippon Telegraph and Telephone Corporation.
A schematic outlining how a hacker uses cache side-channel attacks. Credit: Rei Ueno
“We are thrilled to announce SCARF, a powerful tool in enhancing computer security,” said Ueno. “Our innovative cipher is engineered to be compatible with various modern computer architectures, ensuring its widespread applicability and potential to bolster computer security significantly.”
SCARF’s potential impact extends beyond individual computers, as its implementation has the capacity to contribute to building a more secure information society. By mitigating cache side-channel attack vulnerabilities, SCARF takes a critical step toward safeguarding sensitive data and user privacy.
Reference: “SCARF: A Low-Latency Block Cipher for Secure Cache-Randomization” by Federico Canale, Tim Güneysu, Gregor Leander, Jan Philipp Thoma, Yosuke Todo and Rei Ueno, 2022, USENIX Security Symposium.
The paper detailing the development will be presented at the USENIX Security Symposium on August 9, 2023.
This provides a great insight about the ever emerging field of cybersecurity and sophisticated software being developed day by day to secure computers from cyber attacks or threats.