AES design space exploration for scan attack resiliency

Crypto-chips are vulnerable to side-channel attacks. The scan attack is one such side-channel attack; it uses the scan-based DFT test infrastructure to leak the crypto-chip's secret information. In the presence of scan, an attacker can run the chip in normal mode and then, by switching to test mode, retrieve the crypto-chip's intermediate results. Using only a few input-output pairs, one can retrieve the entire secret key. Almost all scan attacks on AES crypto-chips use the same iterative 128-bit AES design, in which the round register is placed exactly after the round operation. However, the attack potency may vary depending on the design of AES. In this work, we consider various designs of AES and shed light on the impact of design style on the scan attack. We also consider response compaction in our analysis. We show that certain design decisions deliver inherent resistance to the scan attack.
