Securing Scan Design Using Lock & Key Technique

Scan test has been a common and useful method for testing VLSI designs because of the high controllability and observability it provides. These same properties have recently been shown to also be a security threat to the intellectual property on a chip [1]. To defend against scan-based attacks, we present the Lock & Key technique. The technique provides security without negatively impacting the design’s fault coverage, and it incurs only a small area overhead in return for a significant gain in security. Lock & Key divides the existing scan chain into smaller subchains of equal length that are controlled by an internal test security controller. When a malicious user attempts to manipulate the scan chain, the test security controller goes into insecure mode and enables each subchain in an unpredictable sequence, making controllability and observability of the circuit under test very difficult. We present and analyze the design of the Lock & Key technique to show that it is a flexible option for securing scan designs at various levels of security.
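
A behavioural sketch of the subchain-enable idea in the abstract, added here as an illustration and not taken from the paper. The test-key check that selects the mode, the 4-bit LFSR standing in for the unpredictable sequence, the wiring of scan-out to the enabled subchain, and all class and function names are assumptions.

```python
# Added behavioural model (not the authors' design): key check, LFSR and
# scan-out wiring are assumptions made for illustration.
class LockAndKeyScan:
    def __init__(self, state, n_sub, key, lfsr_seed=0b1001):
        assert len(state) % n_sub == 0, "subchains must be of equal length"
        self.l = len(state) // n_sub                  # subchain length
        self.sub = [list(state[i * self.l:(i + 1) * self.l]) for i in range(n_sub)]
        self._key, self._lfsr, self._clk = key, lfsr_seed, 0
        self.secure = False                           # insecure until the key matches

    def apply_key(self, key):
        self.secure = (key == self._key)

    def _lfsr_next(self):
        # 4-bit LFSR, feedback from bits 3 and 2, period 15 (assumed source
        # of the unpredictable enable sequence).
        bit = ((self._lfsr >> 3) ^ (self._lfsr >> 2)) & 1
        self._lfsr = ((self._lfsr << 1) | bit) & 0xF
        return self._lfsr % len(self.sub)

    def shift(self, scan_in=0):
        # One test clock: exactly one subchain is enabled and shifts one bit.
        if self.secure:
            idx = (self._clk // self.l) % len(self.sub)   # subchains in order
        else:
            idx = self._lfsr_next()                       # unpredictable order
        self._clk += 1
        chain = self.sub[idx]
        out = chain.pop()                                 # bit seen on scan-out
        chain.insert(0, scan_in)
        return out

def unload(dev, n_bits):
    return [dev.shift() for _ in range(n_bits)]

def rebuild(stream, l):
    # Undo the per-subchain shift-out order, as a tester that knows l would.
    return [b for i in range(0, len(stream), l) for b in reversed(stream[i:i + l])]

STATE = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 1]  # constructed flip-flop contents
KEY = 0xA5                                                 # constructed test key

def demo(key):
    dev = LockAndKeyScan(STATE, n_sub=4, key=KEY)
    dev.apply_key(key)
    return rebuild(unload(dev, len(STATE)), dev.l)

if __name__ == "__main__":
    print("correct key recovers state:", demo(KEY) == STATE)
    print("wrong key observes        :", demo(0x00))
```

With the correct key the unloaded stream reconstructs the captured state exactly; without it the same 16 clocks return bits from subchains in LFSR order, and one captured bit is never shifted out at all.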

[1] Jürgen Gessner, et al. Design and test of an integrated cryptochip, 1991, IEEE Design & Test of Computers.

[2] Wolfgang Fichtner, et al. A 177 Mb/s VLSI implementation of the International Data Encryption Algorithm, 1994.

[3] Paul C. Kocher, et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, 1996, CRYPTO.

[4] Mike Godwin, et al. High Noon on the Electronic Frontier: Conceptual Issues in Cyberspace, 1996.

[5] L. R. Shade. High noon on the electronic frontier: Conceptual issues in cyberspace, 1997.

[6] Eli Biham, et al. Differential Fault Analysis of Secret Key Cryptosystems, 1997, CRYPTO.

[7] Richard J. Lipton, et al. On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract), 1997, EUROCRYPT.

[8] Paul C. Kocher, et al. Differential Power Analysis, 1999, CRYPTO.

[9] Bruce Schneier, et al. Side channel cryptanalysis of product ciphers, 2000.

[10] L. Whetsel, et al. An analysis of power reduction techniques in scan testing, 2001, Proceedings International Test Conference 2001 (Cat. No.01CH37260).

[11] Nur A. Touba, et al. Reducing power dissipation during test using scan chain disable, 2001, Proceedings 19th IEEE VLSI Test Symposium. VTS 2001.

[12] Ramesh Karri, et al. Concurrent error detection schemes for fault-based side-channel cryptanalysis of symmetric block ciphers, 2002, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst.

[13] Travis N. Blalock, et al. An on-chip signal suppression countermeasure to power analysis attacks, 2004, IEEE Transactions on Dependable and Secure Computing.

[14] Srivaths Ravi, et al. Tamper resistance mechanisms for secure embedded systems, 2004, 17th International Conference on VLSI Design. Proceedings.

[15] Michel Renovell, et al. Scan Design and Secure Chip, 2004, IOLTS.

[16] Ramesh Karri, et al. Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard, 2004.

[17] Srivaths Ravi, et al. Security as a new dimension in embedded system design, 2004, Proceedings. 41st Design Automation Conference, 2004.

[18] Ingrid Verbauwhede, et al. A VLSI design flow for secure side-channel attack resistant ICs, 2005, Design, Automation and Test in Europe.