Secure scan: a design-for-test architecture for crypto chips

Scan-based design for test (DFT) is a powerful testing scheme, but it can be used to retrieve the secrets stored in a crypto chip, thus compromising its security. On one hand, sacrificing the security for testability by using a traditional scan-based DFT restricts its use in privacy sensitive applications. On the other hand, sacrificing the testability for security by abandoning the scan-based DFT hurts the product quality. The security of a crypto chip comes from the small secret key stored in a few registers, and the testability of a crypto chip comes from the data path and control path implementing the crypto algorithm. Based on this key observation, the authors propose a novel scan DFT architecture called secure scan that maintains the high test quality of traditional scan DFT without compromising the security. They used a hardware implementation of the advanced encryption standard to show that the traditional scan DFT scheme can compromise the secret key. They then showed that by using secure-scan DFT, neither the secret key nor the testability of the AES implementation is compromised

[1]  Alex Orailoglu,et al.  Circularscan: a scan architecture for test cost reduction , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[2]  Don Douglas Josephson,et al.  Debug methodology for the McKinley processor , 2001, Proceedings International Test Conference 2001 (Cat. No.01CH37260).

[3]  Bruno Rouzeyre,et al.  Test control for secure scan designs , 2005, European Test Symposium (ETS'05).

[4]  Dhiraj K. Pradhan,et al.  IEEE International On-Line Testing Symposium , 2008 .

[5]  M. Renovell,et al.  Scan design and secure chip [secure IC testing] , 2004, Proceedings. 10th IEEE International On-Line Testing Symposium.

[6]  Michel Renovell,et al.  Scan Design and Secure Chip , 2004, IOLTS.

[7]  Wolfgang Fichtner,et al.  A 177 Mb/s VLSI implementation of the International Data Encryption Algorithm , 1994 .

[8]  Dan Boneh,et al.  Architectural support for copy and tamper resistant software , 2000, SIGP.

[9]  Wenjing Rao,et al.  Test application time and volume compression through seed overlapping , 2003, Proceedings 2003. Design Automation Conference (IEEE Cat. No.03CH37451).

[10]  Sandra Dominikus,et al.  A Highly Regular and Scalable AES Hardware Architecture , 2003, IEEE Trans. Computers.

[11]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[12]  Eli Biham,et al.  Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer , 1991, CRYPTO.

[13]  Edward W. Chencinski,et al.  S/390 Parallel Enterprise Server CMOS Cryptographic Coprocessor , 1999, IBM J. Res. Dev..

[14]  Ramesh Karri,et al.  Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard , 2004, 2004 International Conferce on Test.

[15]  William M. Daley,et al.  Security Requirements for Cryptographic Modules , 1999 .

[16]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .