Scan-based attacks on linear feedback shift register based stream ciphers

Yu Liu, Kaijie Wu, Ramesh Karri

Research output: Contribution to journal › Article

Abstract

Stream ciphers are an important class of encryption algorithms that encrypt plaintext messages one bit at a time. Various stream ciphers are deployed in wireless telecommunication applications because they have simple hardware circuitry, are generally fast and consume very low power. On the other hand, scan-based Design-for-Test (DFT) is one of the most popular methods to test IC devices. All flip-flops in the Design Under Test are connected to one or more scan chains and the states of the flip-flops can be scanned out through these chains. In this paper, we present an attack on stream cipher implementations by determining the scan chain structure of the Linear Feedback Shift Registers in their implementations. Although scan-based DFT is a powerful testing scheme, we show that it can be used to retrieve the information stored in a crypto chip, thus compromising its theoretically proven security.

Original language: English (US)
Article number: 20
Journal: ACM Transactions on Design Automation of Electronic Systems
Volume: 16
Issue number: 2
DOI: 10.1145/1929943.1929952
State: Published - Mar 2011

Fingerprint

Shift registers
Flip flop circuits
Feedback
Cryptography
Telecommunication
Hardware
Testing

Keywords

  • LFSR
  • RFID
  • Scan-based DFT
  • Side-channel attack
  • Stream Cipher

ASJC Scopus subject areas

  • Computer Science Applications
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering

Cite this

Scan-based attacks on linear feedback shift register based stream ciphers. / Liu, Yu; Wu, Kaijie; Karri, Ramesh.

In: ACM Transactions on Design Automation of Electronic Systems, Vol. 16, No. 2, 20, 03.2011.

@article{66995bdb1c184c64b3bc89a8c2ab3b1f,
title = "Scan-based attacks on linear feedback shift register based stream ciphers",
abstract = "Stream cipher is an important class of encryption algorithm that encrypts plaintext messages one bit at a time. Various stream ciphers are deployed in wireless telecommunication applications because they have simple hardware circuitry, are generally fast and consume very low power. On the other hand, scan-based Design-for-Test (DFT) is one of the most popular methods to test IC devices. All flip-flops in the Design Under Test are connected to one or more scan chains and the states of the flip-flops can be scanned out through these chains. In this paper, we present an attack on stream cipher implementations by determining the scan chain structure of the Linear Feedback Shift Registers in their implementations. Although scan-based DFT is a powerful testing scheme, we show that it can be used to retrieve the information stored in a crypto chip thus compromising its theoretically proven security.",
keywords = "LFSR, RFID, Scan-based DFT, Side-channel attack, Stream Cipher",
author = "Yu Liu and Kaijie Wu and Ramesh Karri",
year = "2011",
month = "3",
doi = "10.1145/1929943.1929952",
language = "English (US)",
volume = "16",
journal = "ACM Transactions on Design Automation of Electronic Systems",
issn = "1084-4309",
publisher = "Association for Computing Machinery (ACM)",
number = "2",

}

TY - JOUR

T1 - Scan-based attacks on linear feedback shift register based stream ciphers

AU - Liu, Yu

AU - Wu, Kaijie

AU - Karri, Ramesh

PY - 2011/3

Y1 - 2011/3

N2 - Stream cipher is an important class of encryption algorithm that encrypts plaintext messages one bit at a time. Various stream ciphers are deployed in wireless telecommunication applications because they have simple hardware circuitry, are generally fast and consume very low power. On the other hand, scan-based Design-for-Test (DFT) is one of the most popular methods to test IC devices. All flip-flops in the Design Under Test are connected to one or more scan chains and the states of the flip-flops can be scanned out through these chains. In this paper, we present an attack on stream cipher implementations by determining the scan chain structure of the Linear Feedback Shift Registers in their implementations. Although scan-based DFT is a powerful testing scheme, we show that it can be used to retrieve the information stored in a crypto chip thus compromising its theoretically proven security.

KW - LFSR

KW - RFID

KW - Scan-based DFT

KW - Side-channel attack

KW - Stream Cipher

UR - http://www.scopus.com/inward/record.url?scp=79953889852&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79953889852&partnerID=8YFLogxK

U2 - 10.1145/1929943.1929952

DO - 10.1145/1929943.1929952

M3 - Article

AN - SCOPUS:79953889852

VL - 16

JO - ACM Transactions on Design Automation of Electronic Systems

JF - ACM Transactions on Design Automation of Electronic Systems

SN - 1084-4309

IS - 2

M1 - 20

ER -