International Association for Cryptologic Research


CryptoDB

Multiple-Tweak Differential Attack Against SCARF

Authors:
Christina Boura , IRIF, Université Paris Cité, Paris, France
Shahram Rasoolzadeh , Ruhr University Bochum, Bochum, Germany
Dhiman Saha , Indian Institute of Technology, Bhilai, India
Yosuke Todo , NTT Social Informatics Laboratories, Tokyo, Japan
Presentation: Slides
Conference: ASIACRYPT 2024
Abstract: In this paper, we present the first third-party cryptanalysis of SCARF, a tweakable low-latency block cipher designed to thwart contention-based cache attacks through cache randomization. We focus on multiple-tweak differential attacks, exploiting biases across multiple tweaks. We establish a theoretical framework explaining biases for any number of rounds and verify this framework experimentally. Then, we use these properties to develop a key recovery attack on 7-round SCARF with a time complexity of 2^76, achieving a 98.9% success rate in recovering the 240-bit secret key. Additionally, we introduce a distinguishing attack on the full 8-round SCARF in a multi-key setting, with a complexity of c × 2^67.55, demonstrating that SCARF does not provide 80-bit security under these conditions. We also explore whether our approach could be extended to the single-key model and discuss the implications of different S-box choices on the attack success.
BibTeX
@inproceedings{asiacrypt-2024-34505,
  title={Multiple-Tweak Differential Attack Against SCARF},
  publisher={Springer-Verlag},
  author={Christina Boura and Shahram Rasoolzadeh and Dhiman Saha and Yosuke Todo},
  year=2024
}