A Secure DFT Architecture Protecting Crypto Chips Against Scan-Based Attacks

Wang, Wei-Zheng; Wang, Jincheng; Wang, Wei; Liu, Peng; Cai, Shuo

doi:10.1109/access.2019.2898447

Cited by 18 publications

(20 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The proposed technique is also compared with other countermeasures resisting scan attacks, including MKR [22], secure DFT [33], SOSD [37] and DOS [40] in Table 4. SOSD-64 and SOSD-128 refer to the SOSD design in [37] with 64-bit and 128-bit shift register (SR), respectively.…”

Section: Performance Analysismentioning

confidence: 99%

“…Table 5 gives comprehensive comparison with other secure scan techniques on performances except hardware overhead. Similar with the proposed technique, MKR [22], mode reset [31], smart controller [32] and secure DFT [33] are countermeasures based secure test control. All these countermeasures have connatural resistance to brute force and do not need extra test cycles.…”

Section: Performance Analysismentioning

confidence: 99%

“…Recently such architecture has been proved not unassailable [29,30]. Enhancing the security of a chip has become one of main concerns to industry, and a variety of countermeasures have been developed, mainly including the following five categories:Protection of mode switching: By introducing the test controller, the values of the scan flip-flops will be reset once switch from functional mode to test mode is requested [31,32,33]. However, this countermeasure is solely applicable for mode-switching attacks and powerless to test-mode-only attacks.Blocking of encryption key: In reference [22], secure scan architecture including MKRs (Mirror Key Registers) is utilized.…”

Section: Introductionmentioning

confidence: 99%

“…Protection of mode switching: By introducing the test controller, the values of the scan flip-flops will be reset once switch from functional mode to test mode is requested [31,32,33]. However, this countermeasure is solely applicable for mode-switching attacks and powerless to test-mode-only attacks.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Enhancing Sensor Network Security with Improved Internal Hardware Design

Wang

Deng

Jin

2019

Sensors

Self Cite

View full text Add to dashboard Cite

With the rapid development of the Internet-of-Things (IoT), sensors are being widely applied in industry and human life. Sensor networks based on IoT have strong Information transmission and processing capabilities. The security of sensor networks is progressively crucial. Cryptographic algorithms are widely used in sensor networks to guarantee security. Hardware implementations are preferred, since software implementations offer lower throughout and require more computational resources. Cryptographic chips should be tested in a manufacturing process and in the field to ensure their quality. As a widely used design-for-testability (DFT) technique, scan design can enhance the testability of the chips by improving the controllability and observability of the internal flip-flops. However, it may become a backdoor to leaking sensitive information related to the cipher key, and thus, threaten the security of a cryptographic chip. In this paper, a secure scan test architecture was proposed to resist scan-based noninvasive attacks on cryptographic chips with boundary scan design. Firstly, the proposed DFT architecture provides the scan chain reset mechanism by gating a mode-switching detection signal into reset input of scan cells. The contents of scan chains will be erased when the working mode is switched between test mode and functional mode, and thus, it can deter mode-switching based noninvasive attacks. Secondly, loading the secret key into scan chains of cryptographic chips is prohibited in the test mode. As a result, the test-mode-only scan attack can also be thwarted. On the other hand, shift operation under functional mode is disabled to overcome scan attack in the functional mode. The proposed secure scheme ensures the security of cryptographic chips for sensor networks with extremely low area penalty.

show abstract

Section: Performance Analysismentioning

confidence: 99%

Section: Performance Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Enhancing Sensor Network Security with Improved Internal Hardware Design

Wang

Deng

Jin

2019

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…The design can jump to the secure mode from the insecure mode, however, the opposite jump is prohibited. In [29], the authors disable completely the switch between the test mode and normal mode and protect the cipher key in test mode. This can be reshuffled only after the system reset.…”

Section: Scan Design and Countermeasures Thwarting Scan Attacksmentioning

confidence: 99%

Securing Cryptographic Chips against Scan-Based Attacks in Wireless Sensor Network Applications

Wang

Deng

Wang

et al. 2019

Sensors

View full text Add to dashboard Cite

Wireless sensor networks (WSN) have deeply influenced the working and living styles of human beings. Information security and privacy for WSN is particularly crucial. Cryptographic algorithms are extensively exploited in WSN applications to ensure the security. They are usually implemented in specific chips to achieve high data throughout with less computational resources. Cryptographic hardware should be rigidly tested to guarantee the correctness of encryption operation. Scan design improves significantly the test quality of chips and thus is widely used in semiconductor industry. Nevertheless, scan design provides a backdoor for attackers to deduce the cipher key of a cryptographic core. To protect the security of the cryptographic system we first present a secure scan architecture, in which an automatic test control circuitry is inserted to isolate the cipher key in test mode and clear the sensitive information at mode switching. Then, the weaknesses of this architecture are analyzed and an enhanced scheme using concept of test authorization is proposed. If the correct authorization key is applied within the specific time, the normal test can be performed. Otherwise, only secure scan test can be performed. The enhanced scan scheme ensures the security of cryptographic chips while remaining the advantages of scan design.

show abstract

Soft Error Reliability Evaluation of Nanoscale Logic Circuits in the Presence of Multiple Transient Faults

Cai

Wang

et al. 2020

J Electron Test

View full text Add to dashboard Cite

A Secure DFT Architecture Protecting Crypto Chips Against Scan-Based Attacks

Cited by 18 publications

References 26 publications

Enhancing Sensor Network Security with Improved Internal Hardware Design

Enhancing Sensor Network Security with Improved Internal Hardware Design

Securing Cryptographic Chips against Scan-Based Attacks in Wireless Sensor Network Applications

Soft Error Reliability Evaluation of Nanoscale Logic Circuits in the Presence of Multiple Transient Faults

Contact Info

Product

Resources

About