Fast and automatic security test on cryptographic ICs against fault injection attacks based on design for security test

Fault injection attacks pose a serious threat to cryptographic integrated circuits (ICs). However, current security testing is only sample testing, with workload statistics and experience as the qualitative criterion, which results in costly, time-consuming and error-prone test procedures. This study presents a design for security test (DFST) method for cryptographic ICs against fault injection attacks. DFST involves identifying the sensitive registers of the various crypto modules, inserting scan chains and generating specific test patterns for the security test. The security test is then conducted on the manufactured cryptographic ICs using industrial automatic test equipment. With this DFST method, a fast and automatic security test can be applied to volume production of cryptographic ICs. Experimental results on an RSA implementation demonstrate the validity of the method.
