Cipher System Against Cache Attack

Posted by: Prof. K. Ganagavalli

Posted on:

Cipher System Against Cache Attack

Due to the advancement of technology, many serious threats are being developed for collecting sensitive information like user information, password and credit card details from the user without their knowledge. Prevention mechanisms for avoiding such attacks are difficult to develop and more challenging.

 

Side Channel Attack

Side channel attacks are attacks that break a cryptographic system by stealing unauthorized information. These systems influence data leakage from the well-organized crypto-system. They try to identify the cryptographic mechanism of the system and compromise it with the help of any vulnerability present in the system. The main motive of these attacks is exploiting information leakage in all possible ways.  Based on the physical design being exploited, the side channel attacks are classified as following categories:

 

Electromagnetic: Attack initiated with the help of electromagnetic radiation by the target device.

 

Acoustic : Attacks performed based on the acoustic sounds produced by the target system for guessing the key strokes and typing pattern of the user

 

Power: The attacker monitors the power consumption of the target system and its sub components based on which the activity of the system may be tracked.

 

Optical: Attacker uses visual cues for gaining information about the target system. In this type of attack, the attacker may reconstruct audio files from the recorded video of object vibration.

 

Timing: Based on the time taken for each operation in the system, the attacker may gain information about the target system. Here the attacker compares the timing behavior of the target system with a well-known system for guessing the operation being performed in the target system.

 

Memory cache: As the modern systems uses caching and prefetching technology for improving the performance, the attacker may use this formation against the target system and get unauthorized information access. Using this attack, the attacker can decode the security algorithm being used by the users in the system.

 

Hardware weakness: The attacker analyze the physical characteristics of the target system and induce a behavior change to initiate a data breach.

 

In the next section, we are going to see about the counter measures and cipher mechanisms that can be used for preventing cache attacks in a detailed manner.

 

Counter Measures for Cache Attacks

As cache attacks are associated with memory access with sensitive information, they can be avoided by providing constant-time algorithms where there will not be any variation in cache access operations. So that the attackers cannot predict the timing variation of cache access. The memory access patterns can also be randomized to make it unpredictable by the attacker. We can also create cache partitions that separate the code and sensitive information for avoiding cache based attacks.

 

SCARF

SCARF is cryptographic technique, developed based on the mathematic formulation to prevent modern systems against cache attacks. It employs a randomization technique with reduced latency than the traditional cryptographic systems. It is also called as Low latency Block cipher for Secure Cache Randomization.  It was designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication at Tohoku University for addressing the threat of cache attacks with high level security.

 

A simple cache access mechanism is depicted in Figure 1. In this whenever the user initiates a cache access, the data being accessed will be identified by a specific address which can be used by the attacker to initiate a data breach.

 

In the SCARF system, a randomization technique is used where the address of the data will be generated in a random manner. Thus the address is being generated randomly; it will be difficult for the attacker to guess the pattern of cache access mechanism. So it is not possible to exploit a cache side channel attack as the attacker is not aware of the data being accessed.

 

Side channel attacks against cache can be avoided with the help of SCARF technique which provides better performance than the other cipher mechanisms with half of their latency. It works in robust manner against attacks and safeguards information in an effective way. It preserves the sensitive information and ensures the user’s privacy. The system performance is validated based on various hardware evaluations and software simulations. This technique can be deployed not only for individual computers but also for developing secure information society.

 

Featured Image

https://authlab.com/community/coralraider-utilizes-cdn-caching-to-spread-malicious-software/

 

Source:

  1. https://www.tohoku.ac.jp/en/press/researchers_unveil_new_cipher_system.html
  2. https://scitechdaily.com/cybersecurity-breakthrough-new-cipher-system-protects-computers-against-spy-programs/
  3. https://www.bitsathy.ac.in/big-data-in-cyber-security/
Categories: Technology
Tags: , , ,