Echeloned IJTAG data protection

Kan, Senwen; Dworak, Jennifer; Dunham, J.G.

doi:10.1109/asianhost.2016.7835558

Cited by 27 publications

(25 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The SESC technique proposed in [19] does not present the same vulnerability as the previous countermeasures in [9], [17] and [18] concerning the differential scan attacks. The seed used to initialize the stream cipher is randomly generated, consequently encrypting with a different keystream at each reset of the circuit.…”

Section: A Security Analysismentioning

confidence: 93%

“…Stream ciphers are also used on IJTAG reconfigurable scan networks (RSN) in [18]. A TRIVIUM cipher encrypts and decrypts the data shifted in and out of the RSN.…”

Section: State-of-the-art Countermeasures Based On Test Communicamentioning

confidence: 99%

“…Fig. 4 Two-time pad exploited for the differential scan attack The countermeasures presented in [9], [17] and [18] are all exposed to this vulnerability because the IV and the key are not managed properly (i.e. they do not change between two encryptions).…”

Section: A Stream Cipher Limitationsmentioning

confidence: 99%

“…Therefore, an attacker can send the same key to the circuit in order to generate the same keystream for different encryptions. In [18], the authors evoke the use of a unique set of keys and IVs for each protected instrument in the IJTAG network. However, the re-use of the same sets of keys and IVs to encrypt test data shifted through a protected instrument leads to the presented vulnerability.…”

Section: A Stream Cipher Limitationsmentioning

confidence: 99%

See 3 more Smart Citations

Stream vs block ciphers for scan encryption

Valea

Silva

Flottes

et al. 2019

Microelectronics Journal

View full text Add to dashboard Cite

Security in the Integrated Circuits (IC) domain is an important challenge, especially with regard to the side channel offered by test infrastructures. Test interfaces provide access to the internal states of the IC by means of the scan chains for testing and debugging purposes. In terms of security, however, scan chains are a potential source of leakage that can be exploited by attackers. A countermeasure against such attacks is to encrypt the data flowing through the scan chains. Two types of ciphers can be employed: stream ciphers or block ciphers. Both have pros and cons in terms of performance (footprint, impact on test activity) and security. In this paper, we present two solutions: one exploiting stream ciphers fulfilling security requirements, and another exploiting block ciphers. We draw a comparison between these two scan encryption countermeasures taking into account design cost functions and security properties.

show abstract

Section: A Security Analysismentioning

confidence: 93%

“…Stream ciphers are also used on IJTAG reconfigurable scan networks (RSN) in [18]. A TRIVIUM cipher encrypts and decrypts the data shifted in and out of the RSN.…”

Section: State-of-the-art Countermeasures Based On Test Communicamentioning

confidence: 99%

Section: A Stream Cipher Limitationsmentioning

confidence: 99%

Section: A Stream Cipher Limitationsmentioning

confidence: 99%

See 2 more Smart Citations

Stream vs block ciphers for scan encryption

Valea

Silva

Flottes

et al. 2019

Microelectronics Journal

View full text Add to dashboard Cite

show abstract

“…In [5], [9] and [10] the JTAG communication is encrypted resorting to the TRIVIUM stream cipher. The IV is normally hardwired into the device.…”

Section: State-of-the-artmentioning

confidence: 99%

Encryption-Based Secure JTAG

Valea

Silva

Flottes

et al. 2019

2019 IEEE 22nd International Symposium on Design and Diagnostics of Electronic Circuits &Amp; Systems (DDECS)

View full text Add to dashboard Cite

Standard test infrastructures, such as IEEE Std. 1149.1 (JTAG), IEEE Std. 1500 and IEEE Std. 1687 (IJTAG), are widely used in nowadays Integrated Circuits (ICs). However, they pose an important security challenge to the designers because of the high controllability and observability they offer through the Test Access Port (TAP). For instance, malicious users can exploit test infrastructures in order to access the internal scan chains of crypto-cores and perform scan attacks. Moreover, these infrastructures connect all the devices of the system to the same network. For this reason, the data sent to a target device are potentially visible to all the others. Consequently, this poses a threat to the confidentiality of data content. The encryption of test data is a countermeasure that has been conceived in order to overcome these threats. In this paper, we propose a new secure version of the JTAG infrastructure, relying on stream-based encryption.

show abstract