Paper 2024/1408
Multiple-Tweak Differential Attack Against SCARF
Abstract
In this paper, we present the first third-party cryptanalysis of SCARF, a tweakable low-latency block cipher designed to thwart contention-based cache attacks through cache randomization. We focus on multiple-tweak differential attacks, exploiting biases across multiple tweaks. We establish a theoretical framework explaining biases for any number of rounds and verify this framework experimentally. Then, we use these properties to develop a key recovery attack on 7-round SCARF with a time complexity of \(2^{76}\), achieving a 98.9% success rate in recovering the 240-bit secret key. Additionally, we introduce a distinguishing attack on the full 8-round SCARF in a multi-key setting, with a complexity of \(c \times 2^{67.55}\), demonstrating that SCARF does not provide 80-bit security under these conditions. We also explore whether our approach could be extended to the single-key model and discuss the implications of different S-box choices on the attack success.
Metadata
- Category
- Secret-key cryptography
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2024
- Keywords
- SCARF, cache randomization, low latency, differential cryptanalysis, multiple-tweak differential attack
- Contact author(s)
- christina boura @ irif fr
- shahram rasoolzadeh @ rub de
- dhiman @ iitbhilai ac in
- todo yosuke @ gmail com
- History
- 2024-09-11: approved
- 2024-09-09: received
- Short URL
- https://ia.cr/2024/1408
- License
- CC BY-SA
BibTeX
@misc{cryptoeprint:2024/1408,
      author = {Christina Boura and Shahram Rasoolzadeh and Dhiman Saha and Yosuke Todo},
      title = {Multiple-Tweak Differential Attack Against {SCARF}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1408},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1408}
}