Test-mode-only scan attack and countermeasure for contemporary scan architectures

Scan design is a de facto design-for-testability technique that enhances access during the manufacturing test process. However, it can also be exploited to leak secret information off a secure chip. A mode-reset countermeasure has been used to thwart all the existing scan attacks, as they all rely on switching between the test and normal modes. Recently, the countermeasure was circumvented by a new scan attack that utilizes only the test mode to identify the secret key of an AES chip. However, this test-mode-only attack has overlooked the other test structures, such as a decompressor and a compactor, on the scan path, which act as fortuitous countermeasures against test-mode-only scan attacks. In this work, we present a scan attack analysis for contemporary scan architectures with a stimulus decompressor unit. A stimulus decompressor poses a challenge for the test-mode-only attack, as the bit-flips required to launch the attack may not be created through the decompressor. The problem bears similarities to the test pattern encodability problem, where certain test cubes cannot be delivered due to the correlation induced by the stimulus decompressor. This paper sheds light to the intrinsic connections between the scan attack and the test pattern encodability problem, and presents a new test-mode-only scan attack in the presence of a decompressor of any type. Our analysis on an AES design shows that the proposed attack is successful for contemporary scan architectures. We also propose countermeasures that diminish the success of the proposed attack.

[1]  Ramesh Karri,et al.  Secure scan: a design-for-test architecture for crypto chips , 2005, Proceedings. 42nd Design Automation Conference, 2005..

[2]  Brion L. Keller,et al.  OPMISR: the foundation for compressed ATPG vectors , 2001, Proceedings International Test Conference 2001 (Cat. No.01CH37260).

[3]  Ramesh Karri,et al.  New scan-based attack using only the test mode , 2013, 2013 IFIP/IEEE 21st International Conference on Very Large Scale Integration (VLSI-SoC).

[4]  Rohit Kapur Security vs. test quality: are they mutually exclusive? , 2004 .

[5]  J.H. Jahnke Reverse engineering software architecture using rough clusters , 2004, IEEE Annual Meeting of the Fuzzy Information, 2004. Processing NAFIPS '04..

[6]  Yu Huang,et al.  Effects of Embedded Decompression and Compaction Architectures on Side-Channel Attack Resistance , 2007, 25th IEEE VLSI Test Symposium (VTS'07).

[7]  Kaisa Nyberg,et al.  Generalized Feistel Networks , 1996, ASIACRYPT.

[8]  Ingrid Verbauwhede,et al.  Differential Scan Attack on AES with X-tolerant and X-masked Test Response Compactor , 2012, 2012 15th Euromicro Conference on Digital System Design.

[9]  Ralph Howard,et al.  Data encryption standard , 1987 .

[10]  Neil Walkinshaw,et al.  Reverse-Engineering Software Behavior , 2013, Adv. Comput..

[11]  Rohit Kapur,et al.  A reconfigurable shared scan-in architecture , 2003, Proceedings. 21st VLSI Test Symposium, 2003..

[12]  Mitsuru Matsui,et al.  Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms - Design and Analysis , 2000, Selected Areas in Cryptography.

[13]  Nilanjan Mukherjee,et al.  Embedded deterministic test for low cost manufacturing test , 2002, Proceedings. International Test Conference.

[14]  Giorgio Di Natale,et al.  Scan Attacks and Countermeasures in Presence of Scan Response Compactors , 2011, 2011 Sixteenth IEEE European Test Symposium.

[15]  Ramesh Karri,et al.  Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard , 2004 .

[16]  Ramesh Karri,et al.  Scan attack in presence of mode-reset countermeasure , 2013, 2013 IEEE 19th International On-Line Testing Symposium (IOLTS).

[17]  Rodham E. Tulloss,et al.  The Test Access Port and Boundary Scan Architecture , 1990 .

[18]  Bruno Rouzeyre,et al.  Test control for secure scan designs , 2005, European Test Symposium (ETS'05).

[19]  Giorgio Di Natale,et al.  Are advanced DfT structures sufficient for preventing scan-attacks? , 2012, 2012 IEEE 30th VLSI Test Symposium (VTS).