Scan Attacks and Countermeasures in Presence of Scan Response Compactors

Abstract: International audienceThe conflict between security and testability is still a concern of hardware designers. While secure devices must protect confidential information from unauthorized users, quality testing of these devices requires the controllability and observability of a substantial quantity of embedded information, and thus may jeopardize the data confidentiality. Several attacks using the test infrastructures (and in particular scan chains) have been described. More recently it has been shown how test… Show more

“…In [1], the authors claim that identification of these KFFs in the scan design is crucial for successful recovery of the encryption key. However, this has been contradicted in later works presented by Da Rolt et al [4], [5].…”

“…In [5], Da Rolt et al present a scan based attack on an AES design with a scan response compactor, in which the identification of KFFs is not necessary for mounting a successful attack. They show that the attack proposed in [3] is directly applicable to designs which use an XOR tree structure for scan response compaction.…”

“…However, this XOR operation can affect the observed Hamming distances depending on the distribution of KFFs over the scan chain structure. In [5], Da Rolt et al analyse the effect of an XOR compaction on the basic attack and show that the attack is still applicable to these systems but some additional work is required to successfully recover the key.…”

“…In this work, we take this approach to the next level and extend the scan-based differential attack [4], [5] to test compression schemes which use X-masking logic as well as response compactors. For comparability with the previous work, the results are given in next section are for a collection of distinct distributions of KFFs over the scan chain structure of a generic test compression scheme.…”

“…Although scan-chain Designfor-Test (DFT) offers the highest testability, they are prone to scan-based side channel leakages which may help an intruder to perform a non-invasive attack on secure chips to extract secret information such as cryptographic keys from secure hardware implementations. In fact, there are works available in the literature which exploit this property, and they are referred to as scan-based side channel attacks [3], [4], [5]. However, these works do not consider any X-tolerant or X-masking logic which is widely used in industrial test compression schemes, and gravely affects the applicability and running time of these attacks.…”

Differential Scan Attack on AES with X-tolerant and X-masked Test Response Compactor

“…In [1], the authors claim that identification of these KFFs in the scan design is crucial for successful recovery of the encryption key. However, this has been contradicted in later works presented by Da Rolt et al [4], [5].…”

“…In [5], Da Rolt et al present a scan based attack on an AES design with a scan response compactor, in which the identification of KFFs is not necessary for mounting a successful attack. They show that the attack proposed in [3] is directly applicable to designs which use an XOR tree structure for scan response compaction.…”

“…However, this XOR operation can affect the observed Hamming distances depending on the distribution of KFFs over the scan chain structure. In [5], Da Rolt et al analyse the effect of an XOR compaction on the basic attack and show that the attack is still applicable to these systems but some additional work is required to successfully recover the key.…”

“…In this work, we take this approach to the next level and extend the scan-based differential attack [4], [5] to test compression schemes which use X-masking logic as well as response compactors. For comparability with the previous work, the results are given in next section are for a collection of distinct distributions of KFFs over the scan chain structure of a generic test compression scheme.…”

“…Although scan-chain Designfor-Test (DFT) offers the highest testability, they are prone to scan-based side channel leakages which may help an intruder to perform a non-invasive attack on secure chips to extract secret information such as cryptographic keys from secure hardware implementations. In fact, there are works available in the literature which exploit this property, and they are referred to as scan-based side channel attacks [3], [4], [5]. However, these works do not consider any X-tolerant or X-masking logic which is widely used in industrial test compression schemes, and gravely affects the applicability and running time of these attacks.…”

Differential Scan Attack on AES with X-tolerant and X-masked Test Response Compactor

New Scan-Based Attack Using Only the Test Mode and an Input Corruption Countermeasure

Scan Design: Basics, Advancements, and Vulnerabilities