Scan-based attacks on linear feedback shift register based stream ciphers

Authors:
Yu Liu;Kaijie Wu;Ramesh Karri
Affiliations:
University of Illinois at Chicago, IL;University of Illinois at Chicago, IL;Polytechnic Institute of New York University, Brooklyn, NY
Venue:
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Year:
2011

Citing 8
Cited 2

Handbook of Applied Cryptography

Handbook of Applied Cryptography
The LILI-II Keystream Generator

ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Debug methodology for the McKinley processor

Proceedings of the IEEE International Test Conference 2001
Scan Design and Secure Chip

IOLTS '04 Proceedings of the International On-Line Testing Symposium, 10th IEEE
Secure scan: a design-for-test architecture for crypto chips

Proceedings of the 42nd annual Design Automation Conference
Securing Scan Design Using Lock and Key Technique

DFT '05 Proceedings of the 20th IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems
A Low-Cost Solution for Protecting IPs Against Scan-Based Side-Channel Attacks

VTS '06 Proceedings of the 24th IEEE VLSI Test Symposium
Secure Scan: A Design-for-Test Architecture for Crypto Chips

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

A new scan attack on RSA in presence of industrial countermeasures

COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
A novel differential scan attack on advanced DFT structures

ACM Transactions on Design Automation of Electronic Systems (TODAES) - Special Section on Networks on Chip: Architecture, Tools, and Methodologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

Stream cipher is an important class of encryption algorithm that encrypts plaintext messages one bit at a time. Various stream ciphers are deployed in wireless telecommunication applications because they have simple hardware circuitry, are generally fast and consume very low power. On the other hand, scan-based Design-for-Test (DFT) is one of the most popular methods to test IC devices. All flip-flops in the Design Under Test are connected to one or more scan chains and the states of the flip-flops can be scanned out through these chains. In this paper, we present an attack on stream cipher implementations by determining the scan chain structure of the Linear Feedback Shift Registers in their implementations. Although scan-based DFT is a powerful testing scheme, we show that it can be used to retrieve the information stored in a crypto chip thus compromising its theoretically proven security.