New scan attacks against state-of-the-art countermeasures and DFT

Ali, Sk Subidh; Sinanoglu, Ozgur; Saeed, Samah Mohamed; Karri, Ramesh

doi:10.1109/hst.2014.6855585

Cited by 18 publications

(9 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…If an attacker can access the state register through scan design, the intermediate result of just one round is available for him. Thus, the cipher key (also called as user key) can be exposed through mathematical derivation based on intermediate encryption results [22,23]. There are three possible attack ways based on standard boundary scan design.…”

Section: Proposed Secure Scan Test Schemementioning

confidence: 99%

See 1 more Smart Citation

Enhancing Sensor Network Security with Improved Internal Hardware Design

Wang

Deng

Jin

2019

Sensors

View full text Add to dashboard Cite

With the rapid development of the Internet-of-Things (IoT), sensors are being widely applied in industry and human life. Sensor networks based on IoT have strong Information transmission and processing capabilities. The security of sensor networks is progressively crucial. Cryptographic algorithms are widely used in sensor networks to guarantee security. Hardware implementations are preferred, since software implementations offer lower throughout and require more computational resources. Cryptographic chips should be tested in a manufacturing process and in the field to ensure their quality. As a widely used design-for-testability (DFT) technique, scan design can enhance the testability of the chips by improving the controllability and observability of the internal flip-flops. However, it may become a backdoor to leaking sensitive information related to the cipher key, and thus, threaten the security of a cryptographic chip. In this paper, a secure scan test architecture was proposed to resist scan-based noninvasive attacks on cryptographic chips with boundary scan design. Firstly, the proposed DFT architecture provides the scan chain reset mechanism by gating a mode-switching detection signal into reset input of scan cells. The contents of scan chains will be erased when the working mode is switched between test mode and functional mode, and thus, it can deter mode-switching based noninvasive attacks. Secondly, loading the secret key into scan chains of cryptographic chips is prohibited in the test mode. As a result, the test-mode-only scan attack can also be thwarted. On the other hand, shift operation under functional mode is disabled to overcome scan attack in the functional mode. The proposed secure scheme ensures the security of cryptographic chips for sensor networks with extremely low area penalty.

show abstract

Section: Proposed Secure Scan Test Schemementioning

confidence: 99%

“…Test-mode-only attacks [23,24,25] that can be implemented only under the test mode are deemed to be more risky attacks. Such attacks mainly focus on boundary scan design, in which each primary input (PI) is equipped with a boundary scan cell.…”

Section: Introductionmentioning

confidence: 99%

Enhancing Sensor Network Security with Improved Internal Hardware Design

Wang

Deng

Jin

2019

Sensors

View full text Add to dashboard Cite

show abstract

“…(iii) Partitioning the key cells into AES bytes. (iv) Recovering the key from pre-computed signature table [14][15][16].…”

Section: Tmo Attacksmentioning

confidence: 99%

“…Researchers have also explored scan-chain-based attacks on test infrastructures included by major electronic design automation (EDA) vendors Mentor Graphics, Cadence and Synopsys [11][12][13]. Furthermore, the TMO attacks on AES crypto-hardware mentioned in [14][15][16]. Differential scan attack (DSA) and TMO attack work on the same principle: exploiting differential property of cryptocipher and calculating Hamming distance on output differences to retrieve secret key of the cipher.…”

Section: Introductionmentioning

confidence: 99%

Statistical security analysis of AES with X‐tolerant response compactor against all types of test infrastructure attacks with/without novel unified countermeasure

Popat

Mehta

2019

IET Circuits, Devices & Systems

View full text Add to dashboard Cite

Advanced encryption standard (AES) crypto-algorithm design can be implemented in software and hardware. No known attacks are available that can break the AES with brute force or cryptanalysis in finite time. However, when the AES is implemented in hardware, test infrastructure such as scan chain, stimuli decompressor, response compactor and built-in selftest (BIST) are included in the normal design for making the crypto-chip easily testable after manufacturing. This test infrastructure is highly susceptible to attacks. The attacker may misuse the scan-chain content for the retrieval of secret key from AES hardware. In this study, the authors investigated scan-chain attack based on different distributions of key-related flipflops of AES hardware implementation with X-tolerant response compactor-based test infrastructure. The modular exponentiation security scheme as a counter measure against test infrastructure attacks is proposed. In this study, the statistical security analyses are performed with and without the proposed countermeasure in case of AES hardware followed by X-tolerant test response compactor. The experimental result shows that the proposed countermeasure thwarts the attack with almost constant rate for different distributions of key-related flops in the scan-chain, and hence it is not dependent on the nature of scan-chain architecture design.

show abstract

“…Our future work will focus on contemporary scan architectures where a test stimulus decompressor and a response compactor reside on the scan path. We have already made some progress on attacks using compactor [20] and boundary scan chains [21]. The technique we present in this paper is readily applicable on ICs that enable debug and diagnostics with a bypass of such advanced DFT features.…”

Section: Conclusion and Ongoing Workmentioning

confidence: 99%

New Scan-Based Attack Using Only the Test Mode and an Input Corruption Countermeasure

Ali

Saeed

Sinanoglu

et al. 2015

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

Scan-based design-for-testability, which improves access and thus the test quality, is highly vulnerable to scan attack. While in-field test is enabled through the scan design to provide debug capabilities, an attacker can leverage the test mode to leak the secret key of the chip. The scan attack can be thwarted by a simple defense that resets the data upon a switch from the normal mode to the test mode. We proposed a new class of scan attack in [15] using only the test mode of a chip, circumventing this defense. In this book chapter we extend our earlier work by introducing case studies to explain this new attack in greater detail. Furthermore, we study the effectiveness of existing countermeasures to thwart the attack and propose a new input corruption countermeasure that requires a smaller area overhead compared to the existing countermeasures.

show abstract

New scan attacks against state-of-the-art countermeasures and DFT

Cited by 18 publications

References 6 publications

Enhancing Sensor Network Security with Improved Internal Hardware Design

Enhancing Sensor Network Security with Improved Internal Hardware Design

Statistical security analysis of AES with X‐tolerant response compactor against all types of test infrastructure attacks with/without novel unified countermeasure

New Scan-Based Attack Using Only the Test Mode and an Input Corruption Countermeasure

Contact Info

Product

Resources

About