Mengqiang Lu
ABSTRACT
Scan chain design can improve the testability of a circuit while it can be used as a side-channel to access the sensitive information inside a cryptographic chip for the crack of cipher key. To secure the scan design while maintaining its testability, this paper proposes a memristor-based secure scan design. A lock and key scheme is introduced. Physical unclonable function (PUF) is used to generate a unique test key for each chip. When an input test key matches the PUF-based key, the scan chain can be used normally for testing. Otherwise, the data in some scan cells are obfuscated by the random bits, which are generated by reading the status of a memristor. As the random bits do not relate to the original test data, an adversary cannot access useful information from scan chain to deduce the cipher key. The experimental results show that the proposed secure scan design can resist all existing attacks while incurring low overhead. Also, the testability of the original design is not affected.
Supplemental Material
- M. L. Bushnell and V. D. Agrawal, Essentials of electronic testing for digital, memory and mixed-signal VLSI circuits, volume 17, Springer Science & Business Media, 2004.Google Scholar
- Bo Y., K. Wu, and R. Karri, "Scan-based side-channel attack on dedicated hardware implementations of data encryption standard," in Proc. of the Int. Test Conf. (ITC), Washington DC, USA, Oct. 2004, pp. 339--344.Google Scholar
- Bo Y., K. Wu, and R. Karri, "Secure scan: A design-for-test architecture for crypto chips," IEEE Trans. CAD Integr. Cir. Syst., vol. 25, no. 10, Oct. 2006, pp. 2287--2293.Google ScholarDigital Library
- R. Nara, K. Satoh, M. Yanagisawa, T. Ohtsuki, and N. Togawa, "Scan-based side-channel attack against RSA cryptosystems using scan signatures," IEICE transactions on fundamentals of electronics, communications and computer sciences, vol. 93, no. 12, pp. 2481--2489, 2010.Google Scholar
- R. Nara, N. Togawa, M. Yanagisawa, and T. Ohtsuki, "Scan-based attack against elliptic curve cryptosystems," in 2010 15th Asia and South Pacific Design Automation Conference (ASP-DAC), Taipei, Taiwan, Jan. 2010, pp. 407--412.Google Scholar
- A. Cui, Y. Luo, H. Li, and G. Qu, "Why current secure scan designs fail and how to fix them?" Integration, vol. 56, 2017, pp. 105--114.Google ScholarDigital Library
- S. Ahlawat, D. Vaghani, and V. Singh, "Preventing scan-based side-channel attacks through key masking," in 2017 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT), Cambridge, UK, Oct. 2017, pp. 1--4.Google Scholar
- J. Lee, M. Tehranipoor, C. Patel, and J. Plusquellic, "Securing designs against scan-based side-channel attacks," IEEE transactions on dependable and secure computing, vol. 4, no. 4, 2007, pp. 325--336.Google Scholar
- Y. Atobe, Y. Shi, M. Yanagisawa, and N. Togawa, "Secure scan design with dynamically configurable connection," in Proc. 19th Pacific Rim Int. Symp. Dependable Computing (PRDC), Vancouver, Canada, Dec. 2013, pp. 256--262.Google Scholar
- X. Wang, D. Zhang, M. He, D. Su and M. Tehranipoor, "Secure Scan and Test Using Obfuscation Throughout Supply Chain," IEEE Trans. Computer-aided Design of Integrated Circuits and Sys-tems, vol. 37, no. 9, 2018, pp. 1867--1880.Google ScholarDigital Library
- M. Da Silva et al., "Scan chain encryption for the test, diagnosis and debug of secure circuits," in Proc. 22nd IEEE Test Symp. (ETS), Limassol, Cyprus, 2017, pp. 1--6.Google Scholar
- Y. Luo, A. Cui, G. Qu, and H. Li, "A new countermeasure against scan-based side-channel attacks," in 2016 IEEE International Symposium on Circuits and Systems (ISCAS), 2016: IEEE, pp. 1722--1725.Google Scholar
- A. Cui, Y. Luo, and C. H. Chang, "Static and Dynamic Obfuscations of Scan Data Against Scan-Based Side-Channel Attacks," IEEE Trans. Inf. Forensic Secur., vol. 12, no. 2, Feb. 2017, pp. 363--376.Google ScholarDigital Library
- A. Cui, C. H. Chang, W. Zhou, and Y. Zheng, "A New PUF Based Lock and Key Solution for Secure In-field Testing of Cryptographic Chips," IEEE Transactions on Emerging Topics in Computing, vol.. 9, no. 2, June 2021, pp. 1095--1105.Google ScholarCross Ref
- A. Cui, M. Li, G. Qu, and H. Li, "A guaranteed secure scan design based on test data obfuscation by cryptographic hash," IEEE Trans. Comput-Aided Des. Integr. Circuits Syst., vol. 39, no. 12, Dec. 2020, pp. 4524--4536.Google ScholarCross Ref
- L. Chua, "Memristor-the missing circuit element," IEEE Transactions on circuit theory, vol. 18, no. 5, 1971, pp. 507--519.Google ScholarCross Ref
- D. B. Strukov, G. S. Snider, D. R. Stewart, and R. S. Williams, "The missing memristor found," nature, vol. 453, no. 7191, 2008, pp. 80--83.Google Scholar
- V. Van der Leest, G.-J. Schrijen, H. Handschuh, and P. Tuyls, "Hardware intrinsic security from D flip-flops," in Proceedings of the fifth ACM workshop on Scalable trusted computing, pp. 53--62, 2010.Google Scholar
- T. Chang, S.-H. Jo, and W. Lu, "Short-term memory to long-term memory transition in a nanoscale memristor," ACS nano, vol. 5, no. 9, pp. 7669--7676, 2011.Google ScholarCross Ref
Index Terms
- A Memristor-based Secure Scan Design against the Scan-based Side-Channel Attacks
Recommendations
Why current secure scan designs fail and how to fix them?
Scan design has become another side channel of leaking confidential information inside cryptographic chips. Methods based on obfuscating scan chain order have been proposed as countermeasures for such scan-based attacks. In this paper, we first analyze ...
Secure Scan Design with Dynamically Configurable Connection
PRDC '13: Proceedings of the 2013 IEEE 19th Pacific Rim International Symposium on Dependable ComputingScan test is a powerful test technique which can control and observe the internal states of the circuit under test through scan chains. However, it has been reported that it's possible to retrieve secret keys from cryptographic LSIs through scan chains. ...
Static and Dynamic Obfuscations of Scan Data Against Scan-Based Side-Channel Attacks
Due to the fallibility of advanced integrated circuit (IC) fabrication processes, scan test has been widely used by cryptographic ICs to provide high fault coverage. Full controllability and observability offered by the scan design also open out the ...
Comments