Security Extension for IEEE Std 1149.1

Novak, Franc; Biasizzo, Anton

doi:10.1007/s10836-006-7720-x

Cited by 43 publications

(18 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the first approaches for implementing a secure JTAG appears in [8]. It presents a locking/unlocking mechanism for controlling the access to the JTAG instructions.…”

Section: Previous Workmentioning

confidence: 99%

“…Most of the previous approaches [8,9,10,11,26] suppose a one-way authentication, where either the circuit or the server is considered trusted. In this paper, we propose a suitable solution in cases where neither the circuit nor the server is trusted.…”

Section: Previous Workmentioning

confidence: 99%

“…Though there are several approaches for securing the JTAG interface, which can be found in the literature [8,9,10,11,12], most of them are based on symmetric-key approaches. They have an inherent key management problem.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Secure JTAG Implementation Using Schnorr Protocol

et al. 2013

View full text Add to dashboard Cite

Abstract.The standard IEEE 1149.1 (Test Access Port and Boundary-Scan Architecture, also known as JTAG port) provides a useful interface for embedded systems development, debug, and test. In an 1149.1-compatible integrated circuit, the JTAG port allows the circuit to be easily accessed from the external world, and even to control and observe the internal scan chains of the circuit. However, the JTAG port can be also exploited by attackers to mount several cryptographic attacks. In this paper we propose a novel architecture that implements a secure JTAG interface. Our JTAG scheme allows for mutual authentication between the device and the tester. In contrast to previous work, our scheme uses provably secure asymmetric-key based authentication and verification protocols. The complete scheme is implemented in hardware and integrated with the standard JTAG interface. Detailed area and timing results are also presented.

show abstract

“…One of the first approaches for implementing a secure JTAG appears in [8]. It presents a locking/unlocking mechanism for controlling the access to the JTAG instructions.…”

Section: Previous Workmentioning

confidence: 99%

Section: Previous Workmentioning

confidence: 99%

See 1 more Smart Citation

Secure JTAG Implementation Using Schnorr Protocol

et al. 2013

View full text Add to dashboard Cite

show abstract

“…Previous works have proposed two separate approaches to user authentication, which are two-entity authentication and three-entity authentication. The two-entity authentication uses a shared secret key between the device and the user [9,10]. A user with the key can authenticate oneself regardless of time or place, minimizing the loss of availability while maintaining a certain level of security.…”

Section: Related Workmentioning

confidence: 99%

Debug Port Protection Mechanism for Secure Embedded Devices

Park¹,

Yoo²,

Kim³

2012

JSTS:Journal of Semiconductor Technology and Science

View full text Add to dashboard Cite

Abstract-In this paper we propose a protection mechanism for the debug port. While debug ports are useful tools for embedded device development and maintenance, they can also become potential attack tools for device hacking in case their usage is permitted to hackers with malicious intentions. The proposed approach prevents illicit use of debug ports by controlling access through user authentication, where the device generates and issues authentication token only to the server-authenticated users. An authentication token includes user access information which represents the user's permitted level of access and the maximum number of authentications allowed using the token. The device authenticates the user with the token and grants limited access based on the user's access level. The proposed approach improves the degree of overall security by removing the need to expose the device's secret key. Availability is also enhanced by not requiring server connection after the initial token generation and further by supporting flexible token transfer among predefined device groups. Low implementation cost is another benefit of the proposed approach, enabling it to be adopted to a wide range of environments in demand of debug port protection.

show abstract

“…Scan chain is accessed and scan data is obtained through these test interfaces. In some cases, secure test interfaces are implemented in a chip where the access to the scan chain is limited somehow [2], [3], but it is pointed out that there still exist LSI chips on which these test interfaces can be accessed nonsecurely [1], [4], [5]. Scan data itself can be secured or compressed and several secure scan architectures are proposed [5].…”

Section: Introductionmentioning

confidence: 99%

Scan-based Side-channel Attack against HMAC-SHA-256 Circuits Based on Isolating Bit-transition Groups Using Scan Signatures

Oku

Yanagisawa

Togawa

2018

IPSJ Transactions on System LSI Design Methodology

View full text Add to dashboard Cite

Abstract:A scan chain is used by scan-path test, one of design-for-test techniques, which can control and observe internal registers in an LSI chip. On the other hand, a scan-based side-channel attack is focused on which can restore secret information by exploiting the scan data obtained from a scan chain inside the crypto chip during cryptographic processing. In this paper, we propose a scan-based attack method against a hash generator circuit called HMAC-SHA-256. Our proposed method is composed of three steps; Firstly, we isolate 64 bit-transition groups from a scan data using scan signatures based on the property of the HMAC-SHA-256 algorithm. Secondly, we classify these 64 bittransition groups into 32 pairs. Lastly, we find out the correspondence between the scan data and the internal registers in the target HMAC-SHA-256 circuit. Our proposed method restores the secret information by the three steps above, even if the scan chain includes registers other than the target hash generator circuit and hence it becomes too long. Experimental results show that our proposed method successfully restores two secret keys of the HMAC-SHA-256 circuit using up to 425 input messages in 7.5 hours.

show abstract

Security Extension for IEEE Std 1149.1

Cited by 43 publications

References 0 publications

Secure JTAG Implementation Using Schnorr Protocol

Secure JTAG Implementation Using Schnorr Protocol

Debug Port Protection Mechanism for Secure Embedded Devices

Scan-based Side-channel Attack against HMAC-SHA-256 Circuits Based on Isolating Bit-transition Groups Using Scan Signatures

Contact Info

Product

Resources

About