Novel Test-Mode-Only Scan Attack and Countermeasure for Compression-Based Scan Architectures

Ali, Sk Subidh; Saeed, Samah Mohamed; Sinanoglu, Ozgur; Karri, Ramesh

doi:10.1109/tcad.2015.2398423

Cited by 47 publications

(19 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For this reason, countermeasures have been developed, based on resetting the scan chains when the circuit is switched from test mode to functional mode. S. Ali et al [11] conceived a scan attack on AES that is entirely executed in test mode. In test mode, the AES inputs are set through the scan chain, as well as the observation of the round register value.…”

Section: Scan Attacksmentioning

confidence: 99%

A Survey on Security Threats and Countermeasures in IEEE Test Standards

et al. 2019

View full text Add to dashboard Cite

The growth in complexity of Integrated Circuits (IC) is supported, amongst other factors, by the development of standardized test infrastructures. The feasibility of both end-ofmanufacturing and in-field tests heavily depends on the presence of these infrastructures that give detailed access to the IC. The standard test infrastructures are referred as IEEE Std. 1149.1 (JTAG), IEEE Std. 1500 and IEEE Std. 1687 (IJTAG). The security issues arising from the presence of these infrastructures have been fully exposed in the last two decades. This led to the publication of several practical attacks showing how a non-protected test infrastructure can end into the jeopardizing of the entire system. As a consequence, many countermeasures have been proposed. In this survey, we provide: (i) a taxonomy of the attacks that can be performed exploiting the standard test infrastructures; (ii) a taxonomy of countermeasures inspired by the kind of security primitives that are granted in each case.

show abstract

Section: Scan Attacksmentioning

confidence: 99%

A Survey on Security Threats and Countermeasures in IEEE Test Standards

et al. 2019

View full text Add to dashboard Cite

show abstract

“…The presented technique is as well compared with other scheme protecting cryptographic chips against scan-based attacks, such as MKR [28], mode switching reset [27], secure DFT method [29], SOSD-128 [38], DOSD-128 [38], DOS [41], SIE [45], and FTSL-128 [40]. The comparison results are given in Table 3.…”

Section: Performance Analysismentioning

confidence: 99%

“…The attack model is developed to thwart the secure techniques based on mode switching reset. The authors also extend their attack model to decompressor-based scan architectures [27].…”

Section: Introductionmentioning

confidence: 99%

Securing Cryptographic Chips against Scan-Based Attacks in Wireless Sensor Network Applications

Wang

Deng

Wang

et al. 2019

Sensors

View full text Add to dashboard Cite

Wireless sensor networks (WSN) have deeply influenced the working and living styles of human beings. Information security and privacy for WSN is particularly crucial. Cryptographic algorithms are extensively exploited in WSN applications to ensure the security. They are usually implemented in specific chips to achieve high data throughout with less computational resources. Cryptographic hardware should be rigidly tested to guarantee the correctness of encryption operation. Scan design improves significantly the test quality of chips and thus is widely used in semiconductor industry. Nevertheless, scan design provides a backdoor for attackers to deduce the cipher key of a cryptographic core. To protect the security of the cryptographic system we first present a secure scan architecture, in which an automatic test control circuitry is inserted to isolate the cipher key in test mode and clear the sensitive information at mode switching. Then, the weaknesses of this architecture are analyzed and an enhanced scheme using concept of test authorization is proposed. If the correct authorization key is applied within the specific time, the normal test can be performed. Otherwise, only secure scan test can be performed. The enhanced scan scheme ensures the security of cryptographic chips while remaining the advantages of scan design.

show abstract

“…Test-mode-only attacks [23,24,25] that can be implemented only under the test mode are deemed to be more risky attacks. Such attacks mainly focus on boundary scan design, in which each primary input (PI) is equipped with a boundary scan cell.…”

Section: Introductionmentioning

confidence: 99%

Enhancing Sensor Network Security with Improved Internal Hardware Design

Wang

Deng

Jin

2019

Sensors

View full text Add to dashboard Cite

With the rapid development of the Internet-of-Things (IoT), sensors are being widely applied in industry and human life. Sensor networks based on IoT have strong Information transmission and processing capabilities. The security of sensor networks is progressively crucial. Cryptographic algorithms are widely used in sensor networks to guarantee security. Hardware implementations are preferred, since software implementations offer lower throughout and require more computational resources. Cryptographic chips should be tested in a manufacturing process and in the field to ensure their quality. As a widely used design-for-testability (DFT) technique, scan design can enhance the testability of the chips by improving the controllability and observability of the internal flip-flops. However, it may become a backdoor to leaking sensitive information related to the cipher key, and thus, threaten the security of a cryptographic chip. In this paper, a secure scan test architecture was proposed to resist scan-based noninvasive attacks on cryptographic chips with boundary scan design. Firstly, the proposed DFT architecture provides the scan chain reset mechanism by gating a mode-switching detection signal into reset input of scan cells. The contents of scan chains will be erased when the working mode is switched between test mode and functional mode, and thus, it can deter mode-switching based noninvasive attacks. Secondly, loading the secret key into scan chains of cryptographic chips is prohibited in the test mode. As a result, the test-mode-only scan attack can also be thwarted. On the other hand, shift operation under functional mode is disabled to overcome scan attack in the functional mode. The proposed secure scheme ensures the security of cryptographic chips for sensor networks with extremely low area penalty.

show abstract

Novel Test-Mode-Only Scan Attack and Countermeasure for Compression-Based Scan Architectures

Cited by 47 publications

References 14 publications

A Survey on Security Threats and Countermeasures in IEEE Test Standards

A Survey on Security Threats and Countermeasures in IEEE Test Standards

Securing Cryptographic Chips against Scan-Based Attacks in Wireless Sensor Network Applications

Enhancing Sensor Network Security with Improved Internal Hardware Design

Contact Info

Product

Resources

About