Secure scan: a design-for-test architecture for crypto chips

Bo Yang, Kaijie Wu, R. Karri
2005 Proceedings. 42nd Design Automation Conference, 2005.  
Scan-based Design-for-Test (DFT) is a powerful testing scheme, but it can be used to retrieve the secrets stored in a crypto chip thus compromising its security. On one hand, sacrificing security for testability by using traditional scan-based DFT restricts its use in privacy sensitive applications. On the other hand, sacrificing testability for security by abandoning scan-based DFT hurts product quality. The security of a crypto chip comes from the small secret key stored in a few registers
more » ... the testability of a crypto chip comes from the data path and control path implementing the crypto algorithm. Based on this key observation, we propose a novel scan DFT architecture called secure scan that maintains the high test quality of traditional scan DFT without compromising the security. We used a hardware implementation of the Advanced Encryption Standard (AES) to show that the traditional Scan DFT scheme can compromise the secret key. We then showed that by using secure scan DFT, neither the secret key nor the testability of the AES implementation is compromised.
doi:10.1109/dac.2005.193787 fatcat:rxs6mccfbrg3jbhuz3gobuawje