论文信息 - Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard

Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard

Scan based test is a double edged sword. On one hand, it is a powerful test technique. On the other hand, it is an equally powerful attack tool. We show that scan chains can be used as a side channel to recover secret keys from a hardware implementation of the Data Encryption Standard (DES). By loading pairs of known plaintexts with one-bit difference in the normal mode and then scanning out the internal state in the test mode, we first determine the position of all scan elements in the scan chain. Then, based on a systematic analysis of the structure of the nonlinear substitution boxes, and using three additional plaintexts we discover the DES secret key. Finally, some assumptions in the attack are discussed.

Ramesh Karri | Bo Yang | Kaijie Wu

[1] Don Douglas Josephson,et al. Debug methodology for the McKinley processor , 2001, Proceedings International Test Conference 2001 (Cat. No.01CH37260).

[2] Paul C. Kocher,et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[3] Malgorzata Marek-Sadowska,et al. Functional scan chain testing , 1998, DATE.

[4] A. P. Chandrakasan,et al. An energy-efficient reconfigurable public-key cryptography processor , 2001, IEEE J. Solid State Circuits.

[5] Ralph Howard,et al. Data encryption standard , 1987 .

[6] Eli Biham,et al. Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[7] M. Kuhn,et al. The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[8] Patrick Schaumont,et al. Design and performance testing of a 2.29-GB/s Rijndael processor , 2003, IEEE J. Solid State Circuits.