New scan-based attack using only the test mode

Ali, Sk Subidh; Sinanoglu, Ozgur; Saeed, Samah Mohamed; Karri, Ramesh

doi:10.1109/vlsi-soc.2013.6673281

Cited by 39 publications

(16 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…DIPs rule out incorrect keys utilizing the output corruptibility of the miter circuit constructed using locked design and activated design. For sequential designs, it is assumed that an IC's internal states can be accessed and controlled via scan chains to [59] Internal States Scan encryption [45], DOS [51] Resetting Attack [46] Internal Secrets LCSS [48], DOS [51], Lock & Key [60], Scan encryption [45] Flushing Attack [47] Bit-role Identification Combinational Function Recovery [54] Functionality DOS [51] SAT Attack [4] Obfuscation Key…”

Section: Vulnerabilities Of the Dftmentioning

confidence: 99%

Defense-in-depth: A recipe for logic locking to prevail

Rahman

Wang

et al. 2020

Integration

View full text Add to dashboard Cite

Logic locking has emerged as a promising solution for protecting the semiconductor intellectual Property (IP) from the untrusted entities in the design and fabrication process. Logic locking hides the functionality of the IP by embedding additional key-gates in the circuit. The correct output of the chip is produced, once the correct key value is available at the input of the key-gates. The confidentiality of the key is imperative for the security of the locked IP as it stands as the lone barrier against IP infringement. Therefore, the logic locking is considered as a broken scheme once the key value is exposed. The research community has shown the vulnerability of the logic locking techniques against different classes of attacks, such as Oracle-guided and physical attacks. Although several countermeasures have already been proposed against such attacks, none of them is simultaneously impeccable against Oracle-guided, Oracle-less, and physical attacks. Under such circumstances, a defense-in-depth approach can be considered as a practical approach in addressing the vulnerabilities of logic locking. Defense-in-depth is a multilayer defense approach where several independent countermeasures are implemented in the device to provide aggregated protection against different attack vectors. Introducing such a multilayer defense model in logic locking is the major contribution of this paper. With regard to this, we first identify the core components of logic locking schemes, which need to be protected. Afterwards, we categorize the vulnerabilities of core components according to potential threats for the locking key in logic locking schemes. Furthermore, we propose several defense layers and countermeasures to protect the device from those vulnerabilities. Finally, we turn our focus to open research questions and conclude with suggestions for future research directions.

show abstract

Section: Vulnerabilities Of the Dftmentioning

confidence: 99%

Defense-in-depth: A recipe for logic locking to prevail

Rahman

Wang

et al. 2020

Integration

View full text Add to dashboard Cite

show abstract

“…In [7], a test-mode-only attack has been proposed in order to cope with the chosen plaintext strategy described in [4]. In this attack, plaintexts are applied by scanned-in bit streams.…”

Section: ) Scan Attacksmentioning

confidence: 99%

“…For instance, scanning out the scan chain content of a crypto-processor after one-round execution in functional mode permits to retrieve part of the used secret key. Several attacks ( [4], [5], [6] and [7]) on the Advanced Encryption Standard (AES) [8], called differential scan attacks, have been proposed in the literature.…”

Section: Introductionmentioning

confidence: 99%

Stream vs block ciphers for scan encryption

Valea

Silva

Flottes

et al. 2019

Microelectronics Journal

View full text Add to dashboard Cite

Security in the Integrated Circuits (IC) domain is an important challenge, especially with regard to the side channel offered by test infrastructures. Test interfaces provide access to the internal states of the IC by means of the scan chains for testing and debugging purposes. In terms of security, however, scan chains are a potential source of leakage that can be exploited by attackers. A countermeasure against such attacks is to encrypt the data flowing through the scan chains. Two types of ciphers can be employed: stream ciphers or block ciphers. Both have pros and cons in terms of performance (footprint, impact on test activity) and security. In this paper, we present two solutions: one exploiting stream ciphers fulfilling security requirements, and another exploiting block ciphers. We draw a comparison between these two scan encryption countermeasures taking into account design cost functions and security properties.

show abstract

“…Such an interface can allow the attacker to recover unencrypted images of the device firmware. Moreover, by identifying the location of particular registers within a scan chain, it is possible to recover the values stored within particular registers at runtime [20]. …”

Section: Identifying Shift-registers and Scan Chainsmentioning

confidence: 99%

Emission Analysis of Hardware Implementations

Tajik

Nedospasov

Helfmeier

et al. 2014

2014 17th Euromicro Conference on Digital System Design

View full text Add to dashboard Cite

Today, hardware implementations are the basis for many security applications, such as cryptographic ciphers. Such applications are realized using complex combinatorial logic circuits of substantial size. Therefore, understanding the gatelevel implementation can be crucial for the attacker. However, Hardware Description Language (HDL) behavioral models and gate-level netlist are seldom available for a particular design. Executing software directly on the device to assist in understanding the implementation is one potential solution. However, this may either be infeasible or completely impossible in practice as target devices may be incapable of executing code. Currently, few works have proposed forms of dynamic gate-level analysis of the actual hardware implementations. Moreover, current reverse-engineering techniques based on physical delayering and optical imaging cannot be applied to programmable logic. In this work we present the first dynamic emission analysis of a hardware implementation. This technique does not require any prior knowledge about the target device. Furthermore, it does not require code to be executed by the target. Hardware implementations consist of basic primitives that form the building blocks of complex hardware functions. By individually analyzing each primitive and correlating the corresponding optical images, the emission fingerprint of each primitive can be identified. As a result the hardware implementation of the device can be reconstructed. We present practical results for a common Complex Programmable Logic Device (CPLD). However, the same approach can be applied to hardware implementations in general.

show abstract

New scan-based attack using only the test mode

Cited by 39 publications

References 5 publications

Defense-in-depth: A recipe for logic locking to prevail

Defense-in-depth: A recipe for logic locking to prevail

Stream vs block ciphers for scan encryption

Emission Analysis of Hardware Implementations

Contact Info

Product

Resources

About