Ensuring Cryptography Chips Security by Preventing Scan-Based Side-Channel Attacks With Improved DFT Architecture

Wang, Wei-Zheng; Wang, Xiangqi; Wang, Jin; Xiong, Naixue; Cai, Shuo; Liu, Peng

doi:10.1109/tsmc.2020.3036879

Cited by 15 publications

(7 citation statements)

References 50 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The scan architecture proposed in [20] receives the test password consisting of the load password and the scan password using primary inputs of the cryptography chip. If the load password is correct, the scan password can be loaded into the cyclic shift register (CSR).…”

Section: Previous Work a Previous Countermeasuresmentioning

confidence: 99%

“…Table 3 presents a comparison between the security of the proposed secure scan architecture and the previous approaches. The reported results for scan chain encryption [22] are assumed to use SKINNY-64-128, and the results of improved DFT [20] are assumed to use the 128-bit password assigning 64 bits for the scan password. Secure DFT [16] and HBSDlow [23] do not use an authentication key.…”

Section: ) Comparison With the Previous Approachesmentioning

confidence: 99%

“…In [19], the authors proposed inserting dummy flip-flops in the scan chain to locate the input key for the lock and key technique. In [20], the authors used primary inputs of the cryptographic chip as a test password to protect the scan design. To avoid the vulnerability of a common key, a secure scan design that adopts physically unclonable function (PUF) was proposed, which generates a unique key for each chip [21].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Secure Scan Architecture Protecting Scan Test and Scan Dump Using Skew-Based Lock and Key

2021

View full text Add to dashboard Cite

Scan-based Design for Testability (DFT) is widely used in industry as it consistently provides high fault coverage. However, scan-based DFT is prone to security vulnerabilities where attackers use the scan design to obtain secret information from the system-on-chip. Existing countermeasures for such attacks contribute to enhancing the security of the scan design but cannot prevent the loss of debuggability because scan dumps are also treated as a type of attack even though they provide debuggers with high observability after a chip has been packaged. Therefore, it is necessary for secure scan architectures to effectively defend various existing attacks without losing the debuggability of the scan dump. In this paper, we propose a secure scan architecture using a skew-based lock and key to enhance the security of the scan design while maintaining the debuggability of the scan dump. The proposed architecture builds up an invisible barrier against the attacker by combining the physical information into a lock and key scheme. While the security is improved effectively with the new barrier by only a few key flip-flops, the scan dump, which has been treated as an attack, is protected separately in the acquisition and analysis steps using secure software in the proposed architecture. Performance evaluations show that the area and the test time overhead in the proposed architecture are negligible while achieving both a high level of security and scan dump protection.INDEX TERMS Secure scan architecture, secure scan dump, skew-based lock and key, lock and key.

show abstract

Section: Previous Work a Previous Countermeasuresmentioning

confidence: 99%

Section: ) Comparison With the Previous Approachesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Secure Scan Architecture Protecting Scan Test and Scan Dump Using Skew-Based Lock and Key

2021

View full text Add to dashboard Cite

show abstract

“…With the rapid development and large-scale application of the Internet of Things (IoT) technology, a number of issues and challenges have emerged, including greater concern over the secure transmission of private information. [1][2][3][4][5] The secure transmission of private information cannot be achieved without the information security system provided by cryptography. Therefore, pseudo-random number generators (PRNGs), as the most prevalent information security systems in cryptography, are receiving increasing attention from researchers.…”

Section: Introductionmentioning

confidence: 99%

FPGA implementation and image encryption application of a new PRNG based on a memristive Hopfield neural network with a special activation gradient

Zhang

Shen

et al. 2022

Chinese Phys. B

View full text Add to dashboard Cite

In this paper, a memristive Hopfield neural network with a special activation gradient (MHNN) is proposed by adding a suitable memristor to the Hopfield neural network (HNN) with a special activation gradient. The MHNN is simulated and dynamic analyzed, and implemented on FPGA. Then, a new pseudo-random number generator (PRNG) based on MHNN is proposed. The post-processing unit of the PRNG is composed of nonlinear post-processor and XOR calculator, which effectively ensures the randomness of PRNG. The experiments in this paper comply with the IEEE 754-1985 high precision 32-bit floating point standard and are done on the Vivado design tool using a Xilinx XC7Z020CLG400-2 FPGA chip and the Verilog-HDL hardware programming language. The random sequence generated by the PRNG proposed in this paper has passed the NIST SP800-22 test suite and security analysis, proving its randomness and high performance. Finally, an image encryption system based on PRNG is proposed and implemented on FPGA, which proves the value of the image encryption system in the field of data encryption connected to the Internet of Things (IoT).

show abstract

“…In recent years, several technologies, such as sensor networks [1][2][3][4], wireless communication [5][6][7][8], smart grid [9,10], big data [11,12], and internet of things [13,14], have been developed rapidly and their security has been widely researched [15]. At the same time, the researcher has been paying more and more attention to the security issue of the underlying hardware [16][17][18].…”

Section: Introductionmentioning

confidence: 99%

Preventing Scan-Based Side-Channel Attacks by Scan Obfuscating with a Configurable Shift Register

Wang

Yin

Cai

et al. 2021

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Scan test is widely used in integrated circuit test. However, the excellent observability and controllability provided by the scan test gives attackers an opportunity to obtain sensitive information by using scan design to threaten circuit security. Hence, the primary motivation of this paper is to improve the existing DFT technique, i.e., to enhance the chip security on the premise of guaranteeing test quality. In this paper, we propose a new scan design method against scan-based side-channel attack. In the proposed method, the encryption structure is adopted, which requires the correct test authorization code to carry out normal test operation. Without the correct test authorization, the attackers cannot obtain the desired scan data, preventing the scan-based side-channel attacks. Furthermore, the test authorization code is determined by the nonvolatile memory built into the chip to realize the inconsistency of the test authorization code for each chip.

show abstract

Ensuring Cryptography Chips Security by Preventing Scan-Based Side-Channel Attacks With Improved DFT Architecture

Cited by 15 publications

References 50 publications

A Secure Scan Architecture Protecting Scan Test and Scan Dump Using Skew-Based Lock and Key

A Secure Scan Architecture Protecting Scan Test and Scan Dump Using Skew-Based Lock and Key

FPGA implementation and image encryption application of a new PRNG based on a memristive Hopfield neural network with a special activation gradient

Preventing Scan-Based Side-Channel Attacks by Scan Obfuscating with a Configurable Shift Register

Contact Info

Product

Resources

About