Cache attacks are becoming a major threat in the field of computer security.

They involve attackers observing and exploiting patterns in the memory cache access to gain insights about data or operations carried out on a computer. Attackers do not need direct contact with the target's data or algorithms; instead, they monitor or adjust cache states and evaluate access timings to infer sensitive information. You could think of it as someone working out the content of a private conversation merely by noting the frequency and duration of words, without actually hearing the words themselves. One of the alarming potential outcomes of cache attacks is the deduction of cryptographic keys while they are used in encryption processes.

Given the indirect nature of these attacks, defending against them is a challenge. Cache attacks do not just pose hypothetical dangers; when successful, they can breach encrypted communications, compromise data, and destroy the integrity and confidentiality of systems. The threat becomes even more pronounced in environments like cloud platforms, where users often share physical resources, amplifying the potential risks.

To combat this threat, NTT has joined forces with the Research Institute of Electrical Communication, Tohoku University, and CASA (Cyber Security in the Age of Large-Scale Adversaries) at Germany's Ruhr University Bochum. Their mission was to develop a solution that would mitigate the vulnerabilities exposed by cache attacks. The result of their collaboration was the creation of a dedicated cache random function designed to tackle the vulnerability caused by the differential delay in the cache during data acquisition and updates between CPU memories.

The essence of their solution, the Secure Cache Randomization Function (SCARF), is randomization. Imagine a room where the arrangement of items is continually changing. If someone were trying to monitor the placement of a particular item secretly, this constant rearrangement would throw them off, making it difficult to predict the item's next location. When it comes to computers, cache randomization embodies this concept. It involves consistently altering the data's location in the cache memory. Such unpredictability makes it increasingly difficult for attackers to anticipate and exploit patterns for malicious endeavors, like cache attacks.

The technology has a number of potential uses, which include:

Cloud Computing Security: In cloud environments where multiple users share physical resources, SCARF can be integrated to protect sensitive data from potential cache attacks. This carries the promise of enhancing user trust in cloud platforms, knowing their data is less susceptible to these advanced threats.

Cryptographic Systems: Given that cache attacks can potentially deduce cryptographic keys during their usage, integrating SCARF in cryptographic systems, especially during encryption routines, would add an additional layer of security.

Multi-Tenant Data Centers: In data centers where multiple clients' data resides on shared hardware, SCARF can ensure that no client can use cache attacks to infer information about another client's operations or data.

Secure Web Hosting: Web hosting providers can utilize SCARF to secure their servers, ensuring that websites hosted on shared servers are safe from cache-based attacks potentially launched by malicious entities hosted on the same server.

IoT Devices: As many Internet of Things (IoT) devices operate in shared environments and often have limited security measures, SCARF could be an essential component in safeguarding these devices against advanced cache-based threats.

Financial Systems: In financial systems where swift and secure transactions are paramount, SCARF could be employed to ensure that transaction details and other sensitive financial data remain protected against cache-based inferences.

High-Security Government and Corporate Networks: In environments where data security is of utmost importance, such as defense networks or corporate research labs, SCARF can be integrated to bolster their defenses against cache attacks.

E-commerce Platforms: Online shopping platforms, which handle vast amounts of sensitive customer data and payment information, can employ SCARF to ensure that cache attacks do not compromise user data during transactions.

It would be a mistake to believe that introducing randomness into the cache index is straightforward. While researchers believe that an attacker would not be able to exploit the cache if they are unable to determine the cache index associated with an address, the specifics of implementing this randomization have remained elusive until now. This was the puzzle that NTT and its partners set out to resolve.

The team began by modeling potential attackers and then designing an efficient and secure system against their modeled threats. They initially considered encryption with block ciphers (symmetric-key ciphers) as a likely candidate for a random function. However, traditional block ciphers aim to ensure confidentiality, making them too qualified for the cache random function, where outputs remain hidden.

To develop a cache random function tailored for this specific challenge, the team proposed SCARF, utilizing an Enc (Encryption)-then-Dec (Decryption) model. The SCARF design takes advantage of NTT's extensive experience in symmetric-key encryption design. In terms of performance, while standard low-latency block ciphers manifest a latency of about 560 to 630 ps in a 15 nm technology environment, SCARF achieves roughly half that latency.

The success of SCARF in randomizing cache indices offers a promising defense against cache attacks. NTT's research of this niche encryption technology is a testament to the the company's commitment to enhance security, particularly in environments exposed to specific threats like cache attacks. Such technological innovations are vital in an age where cyber threats are not just evolving, but also diversifying in their complexity.

NTT--Innovating the Future of Security

Daniel O'Connor

Daniel O'Connor joined the NTT Group in 1999 when he began work as the Public Relations Manager of NTT Europe. While in London, he liaised with the local press, created the company's intranet site, wrote technical copy for industry magazines and managed exhibition stands from initial design to finished displays.

Later seconded to the headquarters of NTT Communications in Tokyo, he contributed to the company's first-ever winning of global telecoms awards and the digitalisation of internal company information exchange.

Since 2015 Daniel has created content for the Group's Global Leadership Institute, the One NTT Network and is currently working with NTT R&D teams to grow public understanding of the cutting-edge research undertaken by the NTT Group.