Scan chain encryption for the test, diagnosis and debug of secure circuits

Silva, Mathieu Da; Flottes, Marie-Lise; Natale, Giorgio Di; Rouzeyre, Bruno; Prinetto, P.; Restifo, Marco

doi:10.1109/ets.2017.7968248

Cited by 26 publications

(26 citation statements)

References 16 publications

(17 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…DIPs rule out incorrect keys utilizing the output corruptibility of the miter circuit constructed using locked design and activated design. For sequential designs, it is assumed that an IC's internal states can be accessed and controlled via scan chains to [59] Internal States Scan encryption [45], DOS [51] Resetting Attack [46] Internal Secrets LCSS [48], DOS [51], Lock & Key [60], Scan encryption [45] Flushing Attack [47] Bit-role Identification Combinational Function Recovery [54] Functionality DOS [51] SAT Attack [4] Obfuscation Key…”

Section: Vulnerabilities Of the Dftmentioning

confidence: 99%

See 1 more Smart Citation

Defense-in-depth: A recipe for logic locking to prevail

Rahman

Wang

et al. 2020

Integration

View full text Add to dashboard Cite

Logic locking has emerged as a promising solution for protecting the semiconductor intellectual Property (IP) from the untrusted entities in the design and fabrication process. Logic locking hides the functionality of the IP by embedding additional key-gates in the circuit. The correct output of the chip is produced, once the correct key value is available at the input of the key-gates. The confidentiality of the key is imperative for the security of the locked IP as it stands as the lone barrier against IP infringement. Therefore, the logic locking is considered as a broken scheme once the key value is exposed. The research community has shown the vulnerability of the logic locking techniques against different classes of attacks, such as Oracle-guided and physical attacks. Although several countermeasures have already been proposed against such attacks, none of them is simultaneously impeccable against Oracle-guided, Oracle-less, and physical attacks. Under such circumstances, a defense-in-depth approach can be considered as a practical approach in addressing the vulnerabilities of logic locking. Defense-in-depth is a multilayer defense approach where several independent countermeasures are implemented in the device to provide aggregated protection against different attack vectors. Introducing such a multilayer defense model in logic locking is the major contribution of this paper. With regard to this, we first identify the core components of logic locking schemes, which need to be protected. Afterwards, we categorize the vulnerabilities of core components according to potential threats for the locking key in logic locking schemes. Furthermore, we propose several defense layers and countermeasures to protect the device from those vulnerabilities. Finally, we turn our focus to open research questions and conclude with suggestions for future research directions.

show abstract

Section: Vulnerabilities Of the Dftmentioning

confidence: 99%

“…Scan Encryption: A countermeasure against scan-based side channel attacks could be done through the encryption of the scan chain content [45]. These attacks use an efficient and secure block cipher placed at each scan port to decrypt/encrypt scan patterns/responses at each scan input/output, respectively.…”

Section: E Defense For Design-for-testabilitymentioning

confidence: 99%

Defense-in-depth: A recipe for logic locking to prevail

Rahman

Wang

et al. 2020

Integration

View full text Add to dashboard Cite

show abstract

“…The countermeasure proposed in [9] targets circuits embedding at least one crypto-core. We assume a tamperresistant memory to store secret-keys and a key management policy (no additional key management policy is required).…”

Section: Presentation Of Scan Chain Encryptionmentioning

confidence: 99%

“…The countermeasure described in [9] consists in using light block ciphers for scan encryption. Assuming a cryptoprocessor embedded with key management and storing, the same key storage present in the circuit under test is used to store the scan chain encryption key.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Experimentations on scan chain encryption with PRESENT

Silva

Flottes

Natale

et al. 2017

2017 IEEE 2nd International Verification and Security Workshop (IVSW)

Self Cite

View full text Add to dashboard Cite

Crypto-processors are vulnerable to scan attacks. Using the scan chain, an attacker is indeed able to observe intermediate encryption states and steal secret data closelyrelated to the key. However, scan design is the most powerful mean for test and diagnostic purpose. Several countermeasure approaches have thus been proposed for securing scan designs while preserving test efficiency, diagnosis and debugging abilities. One solution is to encrypt test patterns thanks to extra block ciphers preventing control and observation of plain texts in the scan chain. The goal of this paper is to experiment this scan chain encryption approach on different designs in order to evaluate test efficiency and costs in terms of area and test time.

show abstract