Scan attack in presence of mode-reset countermeasure

Sk Subidh Ali, Samah Mohamed Saeed, Ozgur Sinanoglu, Ramesh Karri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Design for testability (DFT) is the most common testing technique used in the modern VLSI industries. However, when this technique is incorporated in a cryptographic circuit, it may open a back door to an attacker. The attacker can get access to the internal scan chains by switching the device from the normal mode to the test mode and then observe the chip content. The scan cells which were originally used to enhance the testability, can thus be misused to access the intermediate results of the cryptographic algorithm running inside the chip. One countermeasure against such attacks is to reset the device whenever there is a switch from the normal mode to the test mode. In this work we are going to analyse this countermeasure and show that it is not completely secure against scan attack. We show that an attack is possible using only the test mode which will bypass the countermeasure.

Original languageEnglish (US)
Title of host publicationProceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013
Pages230-231
Number of pages2
DOIs
StatePublished - 2013
Event2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013 - Chania, Crete, Greece
Duration: Jul 8 2013Jul 10 2013

Other

Other2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013
CountryGreece
CityChania, Crete
Period7/8/137/10/13

Fingerprint

Design for testability
Switches
Networks (circuits)
Testing
Industry

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality

Cite this

Ali, S. S., Saeed, S. M., Sinanoglu, O., & Karri, R. (2013). Scan attack in presence of mode-reset countermeasure. In Proceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013 (pp. 230-231). [6604086] https://doi.org/10.1109/IOLTS.2013.6604086

Scan attack in presence of mode-reset countermeasure. / Ali, Sk Subidh; Saeed, Samah Mohamed; Sinanoglu, Ozgur; Karri, Ramesh.

Proceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013. 2013. p. 230-231 6604086.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Ali, SS, Saeed, SM, Sinanoglu, O & Karri, R 2013, Scan attack in presence of mode-reset countermeasure. in Proceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013., 6604086, pp. 230-231, 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013, Chania, Crete, Greece, 7/8/13. https://doi.org/10.1109/IOLTS.2013.6604086
Ali SS, Saeed SM, Sinanoglu O, Karri R. Scan attack in presence of mode-reset countermeasure. In Proceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013. 2013. p. 230-231. 6604086 https://doi.org/10.1109/IOLTS.2013.6604086
Ali, Sk Subidh ; Saeed, Samah Mohamed ; Sinanoglu, Ozgur ; Karri, Ramesh. / Scan attack in presence of mode-reset countermeasure. Proceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013. 2013. pp. 230-231
@inproceedings{86a015120f5b44bcb0f12f0da0c8b27b,
title = "Scan attack in presence of mode-reset countermeasure",
abstract = "Design for testability (DFT) is the most common testing technique used in the modern VLSI industries. However, when this technique is incorporated in a cryptographic circuit, it may open a back door to an attacker. The attacker can get access to the internal scan chains by switching the device from the normal mode to the test mode and then observe the chip content. The scan cells which were originally used to enhance the testability, can thus be misused to access the intermediate results of the cryptographic algorithm running inside the chip. One countermeasure against such attacks is to reset the device whenever there is a switch from the normal mode to the test mode. In this work we are going to analyse this countermeasure and show that it is not completely secure against scan attack. We show that an attack is possible using only the test mode which will bypass the countermeasure.",
author = "Ali, {Sk Subidh} and Saeed, {Samah Mohamed} and Ozgur Sinanoglu and Ramesh Karri",
year = "2013",
doi = "10.1109/IOLTS.2013.6604086",
language = "English (US)",
isbn = "9781479906628",
pages = "230--231",
booktitle = "Proceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013",

}

TY - GEN

T1 - Scan attack in presence of mode-reset countermeasure

AU - Ali, Sk Subidh

AU - Saeed, Samah Mohamed

AU - Sinanoglu, Ozgur

AU - Karri, Ramesh

PY - 2013

Y1 - 2013

N2 - Design for testability (DFT) is the most common testing technique used in the modern VLSI industries. However, when this technique is incorporated in a cryptographic circuit, it may open a back door to an attacker. The attacker can get access to the internal scan chains by switching the device from the normal mode to the test mode and then observe the chip content. The scan cells which were originally used to enhance the testability, can thus be misused to access the intermediate results of the cryptographic algorithm running inside the chip. One countermeasure against such attacks is to reset the device whenever there is a switch from the normal mode to the test mode. In this work we are going to analyse this countermeasure and show that it is not completely secure against scan attack. We show that an attack is possible using only the test mode which will bypass the countermeasure.

AB - Design for testability (DFT) is the most common testing technique used in the modern VLSI industries. However, when this technique is incorporated in a cryptographic circuit, it may open a back door to an attacker. The attacker can get access to the internal scan chains by switching the device from the normal mode to the test mode and then observe the chip content. The scan cells which were originally used to enhance the testability, can thus be misused to access the intermediate results of the cryptographic algorithm running inside the chip. One countermeasure against such attacks is to reset the device whenever there is a switch from the normal mode to the test mode. In this work we are going to analyse this countermeasure and show that it is not completely secure against scan attack. We show that an attack is possible using only the test mode which will bypass the countermeasure.

UR - http://www.scopus.com/inward/record.url?scp=84885235108&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84885235108&partnerID=8YFLogxK

U2 - 10.1109/IOLTS.2013.6604086

DO - 10.1109/IOLTS.2013.6604086

M3 - Conference contribution

AN - SCOPUS:84885235108

SN - 9781479906628

SP - 230

EP - 231

BT - Proceedings of the 2013 IEEE 19th International On-Line Testing Symposium, IOLTS 2013

ER -