Unlocking Security: Cryptanalysis of Full SCARF Tweakable Block Cipher 🔐

COSIC Seminar - Cryptanalysis of Full SCARF - Michiel Verbauwhede (COSIC) SCARF is a tweakable block cipher dedicated to cache address randomization, proposed at the USENIX Security conference. It has a 10-bit block, 48-bit tweak, and 240-bit key. SCARF is aggressively optimized to meet the harsh latency constraints of cache address randomization, and uses a dedicated model for its security claim. The full version of SCARF has 8 rounds, and its designers claim security up to $2^{40}$ queries and $2^{80}$ computations. In this work we present a distinguisher against 6-round SCARF under the collision model with complexity $2^{30}$, and a key-recovery attack against the full 8-round SCARF under the encryption-decryption model with $2^{39}$ queries and time $2^{76.2}$.