AES design space exploration new line for scan attack resiliency

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Crypto-chips are vulnerable to side-channel attacks. Scan attack is one such side-channel attack which uses the scan-based DFT test infrastructure to leak the secret information of the crypto-chip. In the presence of scan, an attacker can run the chip in normal mode, and then by switching to the test mode, retrieve the intermediate results of the crypto-chip. Using only a few input-output pairs one can retrieve the entire secret key. Almost all the scan attacks on AES crypto-chip use the same iterative 128-bit AES design where the round register is placed exactly after the round operation. However, the attack potency may vary depending on the design of AES. In this work, we consider various designs of AES. We shed light on the impact of design style on the scan attack. We also consider response compaction in our analysis. We show that certain design decisions deliver inherent resistance to scan attack.

Original languageEnglish (US)
Title of host publicationIEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC
PublisherIEEE Computer Society
Volume2015-January
EditionJanuary
DOIs
StatePublished - Jan 7 2015
Event2014 22nd International Conference on Very Large Scale Integration, VLSI-SoC 2014 - Playa del Carmen, Mexico
Duration: Oct 6 2014Oct 8 2014

Other

Other2014 22nd International Conference on Very Large Scale Integration, VLSI-SoC 2014
CountryMexico
CityPlaya del Carmen
Period10/6/1410/8/14

Fingerprint

Discrete Fourier transforms
Compaction
Side channel attack

Keywords

  • AES Scan Chain
  • Scan Attack
  • Scan-based DFT
  • Security
  • Testability

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software
  • Electrical and Electronic Engineering

Cite this

Ali, S. S., Sinanoglu, O., & Karri, R. (2015). AES design space exploration new line for scan attack resiliency. In IEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC (January ed., Vol. 2015-January). [7004193] IEEE Computer Society. https://doi.org/10.1109/VLSI-SoC.2014.7004193

AES design space exploration new line for scan attack resiliency. / Ali, Sk Subidh; Sinanoglu, Ozgur; Karri, Ramesh.

IEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC. Vol. 2015-January January. ed. IEEE Computer Society, 2015. 7004193.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Ali, SS, Sinanoglu, O & Karri, R 2015, AES design space exploration new line for scan attack resiliency. in IEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC. January edn, vol. 2015-January, 7004193, IEEE Computer Society, 2014 22nd International Conference on Very Large Scale Integration, VLSI-SoC 2014, Playa del Carmen, Mexico, 10/6/14. https://doi.org/10.1109/VLSI-SoC.2014.7004193
Ali SS, Sinanoglu O, Karri R. AES design space exploration new line for scan attack resiliency. In IEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC. January ed. Vol. 2015-January. IEEE Computer Society. 2015. 7004193 https://doi.org/10.1109/VLSI-SoC.2014.7004193
Ali, Sk Subidh ; Sinanoglu, Ozgur ; Karri, Ramesh. / AES design space exploration new line for scan attack resiliency. IEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC. Vol. 2015-January January. ed. IEEE Computer Society, 2015.
@inproceedings{ab1089e9f55f41229347fcf59fb64530,
title = "AES design space exploration new line for scan attack resiliency",
abstract = "Crypto-chips are vulnerable to side-channel attacks. Scan attack is one such side-channel attack which uses the scan-based DFT test infrastructure to leak the secret information of the crypto-chip. In the presence of scan, an attacker can run the chip in normal mode, and then by switching to the test mode, retrieve the intermediate results of the crypto-chip. Using only a few input-output pairs one can retrieve the entire secret key. Almost all the scan attacks on AES crypto-chip use the same iterative 128-bit AES design where the round register is placed exactly after the round operation. However, the attack potency may vary depending on the design of AES. In this work, we consider various designs of AES. We shed light on the impact of design style on the scan attack. We also consider response compaction in our analysis. We show that certain design decisions deliver inherent resistance to scan attack.",
keywords = "AES Scan Chain, Scan Attack, Scan-based DFT, Security, Testability",
author = "Ali, {Sk Subidh} and Ozgur Sinanoglu and Ramesh Karri",
year = "2015",
month = "1",
day = "7",
doi = "10.1109/VLSI-SoC.2014.7004193",
language = "English (US)",
volume = "2015-January",
booktitle = "IEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC",
publisher = "IEEE Computer Society",
edition = "January",

}

TY - GEN

T1 - AES design space exploration new line for scan attack resiliency

AU - Ali, Sk Subidh

AU - Sinanoglu, Ozgur

AU - Karri, Ramesh

PY - 2015/1/7

Y1 - 2015/1/7

N2 - Crypto-chips are vulnerable to side-channel attacks. Scan attack is one such side-channel attack which uses the scan-based DFT test infrastructure to leak the secret information of the crypto-chip. In the presence of scan, an attacker can run the chip in normal mode, and then by switching to the test mode, retrieve the intermediate results of the crypto-chip. Using only a few input-output pairs one can retrieve the entire secret key. Almost all the scan attacks on AES crypto-chip use the same iterative 128-bit AES design where the round register is placed exactly after the round operation. However, the attack potency may vary depending on the design of AES. In this work, we consider various designs of AES. We shed light on the impact of design style on the scan attack. We also consider response compaction in our analysis. We show that certain design decisions deliver inherent resistance to scan attack.

AB - Crypto-chips are vulnerable to side-channel attacks. Scan attack is one such side-channel attack which uses the scan-based DFT test infrastructure to leak the secret information of the crypto-chip. In the presence of scan, an attacker can run the chip in normal mode, and then by switching to the test mode, retrieve the intermediate results of the crypto-chip. Using only a few input-output pairs one can retrieve the entire secret key. Almost all the scan attacks on AES crypto-chip use the same iterative 128-bit AES design where the round register is placed exactly after the round operation. However, the attack potency may vary depending on the design of AES. In this work, we consider various designs of AES. We shed light on the impact of design style on the scan attack. We also consider response compaction in our analysis. We show that certain design decisions deliver inherent resistance to scan attack.

KW - AES Scan Chain

KW - Scan Attack

KW - Scan-based DFT

KW - Security

KW - Testability

UR - http://www.scopus.com/inward/record.url?scp=84936867625&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84936867625&partnerID=8YFLogxK

U2 - 10.1109/VLSI-SoC.2014.7004193

DO - 10.1109/VLSI-SoC.2014.7004193

M3 - Conference contribution

AN - SCOPUS:84936867625

VL - 2015-January

BT - IEEE/IFIP International Conference on VLSI and System-on-Chip, VLSI-SoC

PB - IEEE Computer Society

ER -