Scan attack on Elliptic Curve Cryptosystem

Sk Subidh Ali, Ozgur Sinanoglu

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    We present a new scan attack on hardware implementation of Elliptic Curve Cryptography (ECC), a representative public key cipher. The existing scan attacks on ECC exploit the Design for Testability (DfT) infrastructure of the implementation to identify the internal registers used in the scalar multiplication, and leak the secret key based on a bit-flip analysis in the scalar multiplication registers. These attacks assume two internal registers are affected by the secret key in the ECC. In practical implementations, multiple internal registers are affected by the secret key, significantly complicating the identification of the targeted registers. Furthermore, existing scan attacks rely on a switch from normal to test mode, fail against the widely utilized mode-reset countermeasure. The proposed attack identifies the internal registers in a depth-first search fashion, where registers corresponding to the innermost module of the hardware design are identified first. This attack identifies all the registers related to the secret key, and does so by remaining only in the test mode, thus overcoming both limitations of the existing scan attacks.

    Original languageEnglish (US)
    Title of host publicationProceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015
    PublisherInstitute of Electrical and Electronics Engineers Inc.
    Pages115-118
    Number of pages4
    ISBN (Electronic)9781509003129
    DOIs
    StatePublished - Nov 2 2015
    Event28th IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015 - Amherst, United States
    Duration: Oct 12 2015Oct 14 2015

    Other

    Other28th IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015
    CountryUnited States
    CityAmherst
    Period10/12/1510/14/15

    Fingerprint

    Cryptography
    Design for testability
    Computer hardware
    Switches
    Hardware

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering
    • Safety, Risk, Reliability and Quality

    Cite this

    Ali, S. S., & Sinanoglu, O. (2015). Scan attack on Elliptic Curve Cryptosystem. In Proceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015 (pp. 115-118). [7315146] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DFT.2015.7315146

    Scan attack on Elliptic Curve Cryptosystem. / Ali, Sk Subidh; Sinanoglu, Ozgur.

    Proceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. p. 115-118 7315146.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Ali, SS & Sinanoglu, O 2015, Scan attack on Elliptic Curve Cryptosystem. in Proceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015., 7315146, Institute of Electrical and Electronics Engineers Inc., pp. 115-118, 28th IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015, Amherst, United States, 10/12/15. https://doi.org/10.1109/DFT.2015.7315146
    Ali SS, Sinanoglu O. Scan attack on Elliptic Curve Cryptosystem. In Proceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 115-118. 7315146 https://doi.org/10.1109/DFT.2015.7315146
    Ali, Sk Subidh ; Sinanoglu, Ozgur. / Scan attack on Elliptic Curve Cryptosystem. Proceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 115-118
    @inproceedings{037c74b967bd4511aa002e90c6cd8400,
    title = "Scan attack on Elliptic Curve Cryptosystem",
    abstract = "We present a new scan attack on hardware implementation of Elliptic Curve Cryptography (ECC), a representative public key cipher. The existing scan attacks on ECC exploit the Design for Testability (DfT) infrastructure of the implementation to identify the internal registers used in the scalar multiplication, and leak the secret key based on a bit-flip analysis in the scalar multiplication registers. These attacks assume two internal registers are affected by the secret key in the ECC. In practical implementations, multiple internal registers are affected by the secret key, significantly complicating the identification of the targeted registers. Furthermore, existing scan attacks rely on a switch from normal to test mode, fail against the widely utilized mode-reset countermeasure. The proposed attack identifies the internal registers in a depth-first search fashion, where registers corresponding to the innermost module of the hardware design are identified first. This attack identifies all the registers related to the secret key, and does so by remaining only in the test mode, thus overcoming both limitations of the existing scan attacks.",
    author = "Ali, {Sk Subidh} and Ozgur Sinanoglu",
    year = "2015",
    month = "11",
    day = "2",
    doi = "10.1109/DFT.2015.7315146",
    language = "English (US)",
    pages = "115--118",
    booktitle = "Proceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015",
    publisher = "Institute of Electrical and Electronics Engineers Inc.",

    }

    TY - GEN

    T1 - Scan attack on Elliptic Curve Cryptosystem

    AU - Ali, Sk Subidh

    AU - Sinanoglu, Ozgur

    PY - 2015/11/2

    Y1 - 2015/11/2

    N2 - We present a new scan attack on hardware implementation of Elliptic Curve Cryptography (ECC), a representative public key cipher. The existing scan attacks on ECC exploit the Design for Testability (DfT) infrastructure of the implementation to identify the internal registers used in the scalar multiplication, and leak the secret key based on a bit-flip analysis in the scalar multiplication registers. These attacks assume two internal registers are affected by the secret key in the ECC. In practical implementations, multiple internal registers are affected by the secret key, significantly complicating the identification of the targeted registers. Furthermore, existing scan attacks rely on a switch from normal to test mode, fail against the widely utilized mode-reset countermeasure. The proposed attack identifies the internal registers in a depth-first search fashion, where registers corresponding to the innermost module of the hardware design are identified first. This attack identifies all the registers related to the secret key, and does so by remaining only in the test mode, thus overcoming both limitations of the existing scan attacks.

    AB - We present a new scan attack on hardware implementation of Elliptic Curve Cryptography (ECC), a representative public key cipher. The existing scan attacks on ECC exploit the Design for Testability (DfT) infrastructure of the implementation to identify the internal registers used in the scalar multiplication, and leak the secret key based on a bit-flip analysis in the scalar multiplication registers. These attacks assume two internal registers are affected by the secret key in the ECC. In practical implementations, multiple internal registers are affected by the secret key, significantly complicating the identification of the targeted registers. Furthermore, existing scan attacks rely on a switch from normal to test mode, fail against the widely utilized mode-reset countermeasure. The proposed attack identifies the internal registers in a depth-first search fashion, where registers corresponding to the innermost module of the hardware design are identified first. This attack identifies all the registers related to the secret key, and does so by remaining only in the test mode, thus overcoming both limitations of the existing scan attacks.

    UR - http://www.scopus.com/inward/record.url?scp=84962897495&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84962897495&partnerID=8YFLogxK

    U2 - 10.1109/DFT.2015.7315146

    DO - 10.1109/DFT.2015.7315146

    M3 - Conference contribution

    SP - 115

    EP - 118

    BT - Proceedings of the 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, DFTS 2015

    PB - Institute of Electrical and Electronics Engineers Inc.

    ER -