A group of international researchers has achieved a breakthrough in computer security by developing a new and efficient cipher for cache randomization.
The cipher, designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication at Tohoku University, addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.
Cache side-channel attacks pose a significant threat to modern computer systems, as they can stealthily extract sensitive information, including secret keys and passwords, from unsuspecting victims.
These attacks exploit vulnerabilities in the operating principles of contemporary computers, making their countermeasures extremely challenging. Cache randomization has emerged as a promising countermeasure; however, identifying a secure and effective mathematical function for this purpose has been a lingering challenge.
How a hacker uses cache side-channel attacks. ©Rei Ueno
To overcome this, Ueno and his colleagues created SCARF. SCARF is based on a comprehensive mathematical formulation and modeling of cache side-channel attacks, offering robust security. Moreover, SCARF exhibits remarkable performance, completing the randomization process with only half the latency of existing cryptographic techniques.
The cipher’s practicality and performance were thoroughly validated through rigorous hardware evaluations and system-level simulations.
The team comprised members from Tohoku University, CASA at Ruhr University Bochum, and NTT Social Informatics Laboratories at Nippon Telegraph and Telephone Corporation.
“We are thrilled to announce SCARF, a powerful tool in enhancing computer security,” said Rei Ueno. “Our innovative cipher is engineered to be compatible with various modern computer architectures, ensuring its widespread applicability and potential to bolster computer security significantly.”
How the new SCARF system operates. ©Rei Ueno
SCARF’s potential impact extends beyond individual computers, as its implementation can contribute to building a more secure information society. By mitigating cache side-channel attack vulnerabilities, SCARF takes a critical step towards safeguarding sensitive data and user privacy.