Secure scan: a design-for-test architecture for crypto chips
Proceedings of the 42nd annual Design Automation Conference
Proceedings of the conference on Design, automation and test in Europe: Designers' forum
A secure scan design methodology
Proceedings of the conference on Design, automation and test in Europe: Proceedings
Securing Scan Control in Crypto Chips
Journal of Electronic Testing: Theory and Applications
Securing Designs against Scan-Based Side-Channel Attacks
IEEE Transactions on Dependable and Secure Computing
CASP: concurrent autonomous chip self-test using stored test patterns
Proceedings of the conference on Design, automation and test in Europe
Scan Based Side Channel Attacks on Stream Ciphers and Their Counter-Measures
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
A Secure Test Technique for Pipelined Advanced Encryption Standard
IEICE - Transactions on Information and Systems
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
A logic built-in self-test architecture that reuses manufacturing compressed scan test patterns
Proceedings of the 22nd Annual Symposium on Integrated Circuits and System Design: Chip on the Dunes
Self-test techniques for crypto-devices
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Detecting/preventing information leakage on the memory bus due to malicious hardware
Proceedings of the Conference on Design, Automation and Test in Europe
Scan-based attack against elliptic curve cryptosystems
Proceedings of the 2010 Asia and South Pacific Design Automation Conference
Secure and testable scan design using extended de Bruijn graphs
Proceedings of the 2010 Asia and South Pacific Design Automation Conference
Secure scan design using shift register equivalents against differential behavior attack
Proceedings of the 16th Asia and South Pacific Design Automation Conference
Balanced Secure Scan: Partial Scan Approach for Secret Information Protection
Journal of Electronic Testing: Theory and Applications
An exploration of mechanisms for dynamic cryptographic instruction set extension
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
SPONGENT: a lightweight hash function
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
STEP: a unified design methodology for secure test and IP core protection
Proceedings of the great lakes symposium on VLSI
A new scan attack on RSA in presence of industrial countermeasures
COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
PUF-based secure test wrapper design for cryptographic SoC testing
DATE '12 Proceedings of the Conference on Design, Automation and Test in Europe
A novel differential scan attack on advanced DFT structures
ACM Transactions on Design Automation of Electronic Systems (TODAES) - Special Section on Networks on Chip: Architecture, Tools, and Methodologies
| Hi-index | 0.00 |
Scan based test is a double edged sword. On one hand, it is a powerful test technique. On the other hand, it is an equally powerful attack tool. In this paper we show that scan chains can be used as a side channel to recover secret keys from a hardware implementation of the Data Encryption Standard (DES). By loading pairs of known plaintexts with one-bit difference in the normal mode and then scanning out the internal state in the test mode, we first determine the position of all scan elements in the scan chain. Then, based on a systematic analysis of the structure of the nonlinear substitution boxes, and using three additional plaintexts we discover the DES secret key. Finally, some assumptions in the attack are discussed.