Cryptanalysis of the Double-Feedback XOR-Chain Scheme Proposed in Indocrypt 2013

For any modern chip design with a considerably large amount of logic, design for test (DFT) is a mandatory part of the design process, since it reduces the complexity of testing sequential circuits. Scan-chains are one of the most commonly used DFT techniques. However, from a cryptographic point of view, the presence of scan-chains makes the device vulnerable to scan-based attacks. Techniques to cryptanalyze stream ciphers like Trivium, using the additional hardware introduced by scan-chains, are already available in the literature (Agrawal et al., Indocrypt 2008). Such ideas were extended to more complicated stream ciphers like MICKEY 2.0 in the paper by Banik et al. at Indocrypt 2013. In this paper, we look at the Double-Feedback XOR-Chain based countermeasure that was proposed by Banik et al. at Indocrypt 2013 to protect scan-chains from such scan-based attacks. We show that such an XOR-Chain based countermeasure is vulnerable to attack. As an alternative, we propose a novel countermeasure based on randomization of XOR gates that can protect scan-chains against such attacks.

[1] Ramesh Karri, et al. Scan attack in presence of mode-reset countermeasure, 2013, 2013 IEEE 19th International On-Line Testing Symposium (IOLTS).

[2] Jean-Jacques Quisquater, et al. FPGA Implementations of eSTREAM Phase-2 Focus Candidates with Hardware Profile, 2007.

[3] Debdeep Mukhopadhyay, et al. Scan Based Side Channel Attacks on Stream Ciphers and Their Counter-Measures, 2008, INDOCRYPT.

[4] Paris Kitsos. On the Hardware Implementation of the MICKEY-128 Stream Cipher, 2005, IACR Cryptol. ePrint Arch.

[5] Serge Vaudenay, et al. Progress in Cryptology – INDOCRYPT 2013, 2013, Lecture Notes in Computer Science.

[6] Stefan Katzenbeisser, et al. PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon, 2012, CHES.

[7] Patrick Schaumont, et al. Cryptographic Hardware and Embedded Systems – CHES 2012, 2012, Lecture Notes in Computer Science.

[8] Elmar Tischhauser, et al. Nonsmooth cryptanalysis, with an application to the stream cipher MICKEY, 2011, J. Math. Cryptol.

[9] Christophe Clavier, et al. Susceptibility of eSTREAM Candidates towards Side Channel Analysis, 2008.

[10] Ramarathnam Venkatesan, et al. Progress in Cryptology - INDOCRYPT 2005, 6th International Conference on Cryptology in India, Bangalore, India, December 10-12, 2005, Proceedings, 2005, INDOCRYPT.

[11] Tor Helleseth, et al. State space cryptanalysis of the MICKEY cipher, 2013, 2013 Information Theory and Applications Workshop (ITA).

[12] Woo-Hwan Kim, et al. TMD-Tradeoff and State Entropy Loss Considerations of Streamcipher MICKEY, 2005, INDOCRYPT.

[13] Vincent Rijmen, et al. Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India, Kharagpur, India, December 14-17, 2008, Proceedings, 2008, INDOCRYPT.

[14] Santanu Sarkar, et al. Improved differential fault attack on MICKEY 2.0, 2015, Journal of Cryptographic Engineering.

[15] Subhadeep Banik, et al. Improved Scan-Chain Based Attacks and Related Countermeasures, 2013, INDOCRYPT.

[16] P. Kitsos, et al. A high-speed hardware implementation of the Hermes8-128 stream cipher, 2007, 2007 18th European Conference on Circuit Theory and Design.

[17] Debdeep Mukhopadhyay, et al. Secured Flipped Scan-Chain Model for Crypto-Architecture, 2007, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[18] Jean-Pierre Seifert, et al. Cloning Physically Unclonable Functions, 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[19] Ken Mai, et al. An efficient reliable PUF-based cryptographic key generator in 65nm CMOS, 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[20] Ingrid Verbauwhede, et al. Power Analysis of Synchronous Stream Ciphers with Resynchronization Mechanism, 2004, IITA 2008.

[21] Ramesh Karri, et al. Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard, 2004.

[22] Ramesh Karri, et al. Secure Scan: A Design-for-Test Architecture for Crypto Chips, 2006, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst.