Static and Dynamic Obfuscations of Scan Data Against Scan-Based Side-Channel Attacks

Cui, Aijiao; Luo, Yanhui; Chang, Chip-Hong

doi:10.1109/tifs.2016.2613847

Cited by 57 publications

(52 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a result, countermeasures for scan attacks are no longer secure in the more generous threat model. Certain scan attack countermeasures rely on scan chain authentication [14], [30], [31], [32]. These countermeasures can be circumvented by having access to a reverse-engineered netlist, as the on-chip logic that implements secure scan can also be reverse-engineered to bypass authentication.…”

Section: Scansat Versus Scan Attacksmentioning

confidence: 99%

See 1 more Smart Citation

ScanSAT: Unlocking Static and Dynamic Scan Obfuscation

Alrahis

Yasin

Limaye

et al. 2021

IEEE Trans. Emerg. Topics Comput.

View full text Add to dashboard Cite

While financially advantageous, outsourcing key steps, such as testing, to potentially untrusted Outsourced Assembly and Test (OSAT) companies may pose a risk of compromising on-chip assets. Obfuscation of scan chains is a technique that hides the actual scan data from the untrusted testers; logic inserted between the scan cells, driven by a secret key, hides the transformation functions that map the scan-in stimulus (scan-out response) and the delivered scan pattern (captured response). While static scan obfuscation utilizes the same secret key, and thus, the same secret transformation functions throughout the lifetime of the chip, dynamic scan obfuscation updates the key periodically. In this paper, we propose ScanSAT: an attack that transforms a scan obfuscated circuit to its logic-locked version and applies the Boolean satisfiability (SAT) based attack, thereby extracting the secret key. We implement our attack, apply on representative scan obfuscation techniques, and show that ScanSAT can break both static and dynamic scan obfuscation schemes with 100% success rate. Moreover, ScanSAT is effective even for large key sizes and in the presence of scan compression.

show abstract

Section: Scansat Versus Scan Attacksmentioning

confidence: 99%

“…Scan obfuscation/masking defenses Scan chain authentication[30],[31], State dependent scan flip-flop based scan (SDSFF)[32] RE-vulnerable Flipped scan[39], XOR scan[40], double feedback XOR scan[41] RE-vulnerable…”

mentioning

confidence: 99%

ScanSAT: Unlocking Static and Dynamic Scan Obfuscation

Alrahis

Yasin

Limaye

et al. 2021

IEEE Trans. Emerg. Topics Comput.

View full text Add to dashboard Cite

show abstract

“…There are different types of IP cores at various design levels, as identification information can be inserted at any design level as a part of the IP core for protection [21,22]. FPGAs are programmable integrated circuits, and the process to insert identification information in such a circuit as a target is more complicated than that of traditional multimedia—text, software, among others.…”

Section: Preliminariesmentioning

confidence: 99%

Hausdorff Distance Model-Based Identity Authentication for IP Circuits in Service-Centric Internet-of-Things Environment

Liang

Huang

Chen

et al. 2019

Sensors

View full text Add to dashboard Cite

Rapid advances in the Internet-of-Things (IoT) have exposed the underlying hardware devices to security threats. As the major component of hardware devices, the integrated circuit (IC) chip also suffers the threat of illegal, malicious attacks. To protect against attacks and vulnerabilities of a chip, a credible authentication is of fundamental importance. In this paper, we propose a Hausdorff distance-based method to authenticate the identity of IC chips in IoT environments, where the structure is analyzed, and the lookup table (LUT) resources are treated as a set of reconfigurable nodes in field programmable gate array (FPGA)-based IC design. Unused LUT resources are selected for insertion of the copyright information by using the depth-first search algorithm, and the random positions are reordered with the Hausdorff distance matching function next, so these positions are mapped to satisfy the specific constraints of the optimal watermark positions. If the authentication process is activated, virtual positions are mapped to the initial key file, yet the identity of the IC designed can be authenticated using the mapping relationship of the Hausdorff distance function. Experimental results show that the proposed method achieves good randomness and secrecy in watermark embedding, as well the extra resource overhead caused by watermarks are promising.

show abstract

“…So, the watermarking implementation is different. 21 In Figure 2, Alice should first generate the watermark sequence with her own signature using the watermark generator. To ensure the security, two secret keys are generated, respectively, as the public key KEY1 and the private key KEY2.…”

Section: Ecc-based Ip Watermarking Algorithmmentioning

confidence: 99%

Intellectual property protection for FPGA designs using the public key cryptography

Huang

et al. 2019

Advances in Mechanical Engineering

View full text Add to dashboard Cite

For the copyright protection in intellectual property reuse technology, we must ensure that when an intellectual property watermark verifier leaks the secret key of an intellectual property watermark system, a malicious attacker could not guess the key to facilitate successful attacks on the watermarks. Therefore, this work proposes a robust intellectual property watermarking algorithm based on elliptic-curve cryptography. The physical layout of intellectual property design is abstracted into a graph with tree structure by using the topology theory. A secure model based on the asymmetric encryption model is proposed to encrypt the watermark positions. The generated graph and a random searching algorithm are used for the distribution of the watermark positions. Finally, the watermarks are inserted by reordering the redundant attributes in the graph. The experiments show that the proposed algorithm will insert more watermark constraints under the same condition. Thus, the probability of coincidence is lower, achieving good reliability. In addition, when the watermarks are impaired due to attacks, the algorithm can restore the original watermarks from the topology graph. In comparison to other algorithms, the proposed algorithm has good performance in watermark capacity and overhead, as well as provides resilience to the typical attacks.

show abstract

Static and Dynamic Obfuscations of Scan Data Against Scan-Based Side-Channel Attacks

Cited by 57 publications

References 33 publications

ScanSAT: Unlocking Static and Dynamic Scan Obfuscation

ScanSAT: Unlocking Static and Dynamic Scan Obfuscation

Hausdorff Distance Model-Based Identity Authentication for IP Circuits in Service-Centric Internet-of-Things Environment

Intellectual property protection for FPGA designs using the public key cryptography

Contact Info

Product

Resources

About