New scan attacks against state-of-the-art countermeasures and DFT

Author

Ali, Sk Subidh ; Sinanoglu, Ozgur ; Saeed, Samah Mohamed ; Karri, Ramesh

Author_Institution

New York Univ. Abu Dhabi (NYUAD), Abu Dhabi, United Arab Emirates

fYear

2014

fDate

6-7 May 2014

Firstpage

142

Lastpage

147

Abstract

Scan attack has been known as a threat to Design for Testability (DFT). All the existing attacks require both the normal mode and the test mode of the device. In normal mode the intermediate results of a crypto-hardware are captured in scan chains and in the test mode the results are shifted out. One simple countermeasure for this kind of attacks is to reset the device whenever there is a switch of the mode. A recent test-mode-only attack shows that the mode-reset countermeasure is insecure against scan attack. An attack is still possible using only the test mode of the device. However, the attack was presented without the presence of an on-chip test compactor. In this paper we propose a new test-mode-only attack on AES hardware which works in the presence of an on-chip response compactor. The proposed attack retrieves the secret key with negligible time complexity. The attack results show that DFT infrastructures with response compactor are vulnerable to scan attack even in the presence of mode-reset countermeasure.

Keywords

cryptography; design for testability; AES hardware; DFT; crypto-hardware; design for testability; mode-reset countermeasure; on-chip response compactor; scan attack; test-mode-only attack; Compaction; Discrete Fourier transforms; Hamming distance; Security; Switches; System-on-chip; Vectors; AES; Scan Attack; Scan Chain; Scan-based DFT; Security; Testability;

fLanguage

English

Publisher

ieee

Conference_Titel

Hardware-Oriented Security and Trust (HOST), 2014 IEEE International Symposium on

Conference_Location

Arlington, VA

Print_ISBN

978-1-4799-4114-8

Type

conf

DOI

10.1109/HST.2014.6855585

Filename

6855585