AES Design Improvements Towards Information Security Considering Scan Attack

With the rapid development and globalization of the semiconductor industry, data security is becoming a more critical issue for highly confidential devices, especially for cryptography-related applications. The Advanced Encryption Standard (AES) is widely used for information security. For AES, the most important data are the plaintext and the keys, which are the targets of attacks. In this paper, AES security vulnerabilities are analyzed first. Information leakage is a major concern for AES. Hence, one of the most common types of attack that can leak information from an AES implementation, which is inserted into AES and uses scan chains in or around AES to extract keys or plaintext, is discussed. To counter these attacks and improve the information security of the AES circuit, a protection named Registered Data Obfuscation is presented. Experimental results show that, with the proposed protection, the scan-based attack can no longer leak the critical data. The proposed protection can also disable the key Trojan attack introduced in [1, 2]. The cost analysis shows that the additional area and power overhead incurred by the proposed protection are 1.09% and 0.46%, respectively.

[1] Mark Mohammad Tehranipoor, et al. Securing Scan Design Using Lock and Key Technique, 2005, 20th IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems (DFT'05).

[2] Mark Mohammad Tehranipoor, et al. Securing Designs against Scan-Based Side-Channel Attacks, 2007, IEEE Transactions on Dependable and Secure Computing.

[3] Ramesh Karri, et al. Secure scan: a design-for-test architecture for crypto chips, 2005, Proceedings. 42nd Design Automation Conference, 2005.

[4] G. Sengar, et al. An Efficient Approach to Develop Secure Scan Tree for Crypto-Hardware, 2007, 15th International Conference on Advanced Computing and Communications (ADCOM 2007).

[5] Giorgio Di Natale, et al. Are advanced DfT structures sufficient for preventing scan-attacks?, 2012, 2012 IEEE 30th VLSI Test Symposium (VTS).

[6] Debdeep Mukhopadhyay, et al. CryptoScan: A Secured Scan Chain Architecture, 2005, 14th Asian Test Symposium (ATS'05).

[7] Mark Mohammad Tehranipoor, et al. A low-cost solution for protecting IPs against scan-based side-channel attacks, 2006, 24th IEEE VLSI Test Symposium.

[8] Nozomu Togawa, et al. Scan-based attack against elliptic curve cryptosystems, 2010, 2010 15th Asia and South Pacific Design Automation Conference (ASP-DAC).

[9] Christof Paar, et al. One Attack to Rule Them All: Collision Timing Attack versus 42 AES ASIC Cores, 2013, IEEE Transactions on Computers.

[10] Ramesh Karri, et al. Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard, 2004.

[11] Chien-Mo James Li, et al. IEEE 1500 Compatible Secure Test Wrapper For Embedded IP Cores, 2008, 2008 IEEE International Test Conference.

[12] Bruno Rouzeyre, et al. Secure scan techniques: a comparison, 2006, 12th IEEE International On-Line Testing Symposium (IOLTS'06).

[13] Bernard L. Menezes, et al. Design and implementation of an espionage network for cache-based side channel attacks on AES, 2015, 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE).

[14] Avi Mendelson, et al. Exploiting the Scan Side Channel for Reverse Engineering of a VLSI Device, 2016.

[15] Giorgio Di Natale, et al. Scan chain encryption for the test, diagnosis and debug of secure circuits, 2017, 2017 22nd IEEE European Test Symposium (ETS).

[16] M. Kuhn, et al. The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors, 2022.

[17] Youhua Shi, et al. Dynamically changeable secure scan architecture against scan-based side channel attack, 2012, 2012 International SoC Design Conference (ISOCC).

[18] Patrick Fay, et al. Breakthrough AES Performance with Intel® AES New Instructions, 2010.

[19] Michel Renovell, et al. Scan Design and Secure Chip, 2004, IOLTS.

[20] Amine Dehbaoui, et al. Electromagnetic Transient Faults Injection on a Hardware and a Software Implementations of AES, 2012, 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[21] Hideo Fujiwara, et al. Partial Scan Approach for Secret Information Protection, 2009, 2009 14th IEEE European Test Symposium.

[22] Ramesh Karri, et al. AES design space exploration new line for scan attack resiliency, 2014, 2014 22nd International Conference on Very Large Scale Integration (VLSI-SoC).

[23] Debdeep Mukhopadhyay, et al. Secured Flipped Scan-Chain Model for Crypto-Architecture, 2007, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[24] Ramesh Karri, et al. Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard, 2004, 2004 International Conference on Test.

[25] Ramesh Karri, et al. Test-mode-only scan attack using the boundary scan chain, 2014, 2014 19th IEEE European Test Symposium (ETS).

[26] Masayoshi Yoshimura, et al. A smart Trojan circuit and smart attack method in AES encryption circuits, 2013, 2013 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS).

[27] Takeshi Kumaki, et al. Cipher-destroying and secret-key-emitting hardware Trojan against AES core, 2013, 2013 IEEE 56th International Midwest Symposium on Circuits and Systems (MWSCAS).

[28] Ramesh Karri, et al. Test-mode-only scan attack and countermeasure for contemporary scan architectures, 2014, 2014 International Test Conference.

[29] Nozomu Togawa, et al. Scan-Based Side-Channel Attack against RSA Cryptosystems Using Scan Signatures, 2010, IEICE Trans. Fundam. Electron. Commun. Comput. Sci.

[30] Yu Huang, et al. Effects of Embedded Decompression and Compaction Architectures on Side-Channel Attack Resistance, 2007, 25th IEEE VLSI Test Symposium (VTS'07).

[31] Ramesh Karri, et al. New scan-based attack using only the test mode, 2013, 2013 IFIP/IEEE 21st International Conference on Very Large Scale Integration (VLSI-SoC).

[32] Giorgio Di Natale, et al. Scan Attacks and Countermeasures in Presence of Scan Response Compactors, 2011, 2011 Sixteenth IEEE European Test Symposium.

[33] David Blaauw, et al. A compact 446 Gbps/W AES accelerator for mobile SoC and IoT in 40nm, 2016, 2016 IEEE Symposium on VLSI Circuits (VLSI-Circuits).