Test Versus Security: Past and Present

Jean Da Rolt, Amitabh Das, Giorgio Di Natale, Marie-Lise Flottes, Bruno Rouzeyre, Ingrid Verbauwhede
2014 IEEE Transactions on Emerging Topics in Computing  
Cryptographic circuits need to be protected against side-channel attacks, which target their physical attributes while the cryptographic algorithm is in execution. There can be various side-channels, such as power, timing, electromagnetic radiation, fault response, and so on. One such important side-channel is the design-for-testability (DfT) infrastructure present for effective and timely testing of VLSI circuits. The attacker can extract secret information stored on the chip by scanning out
more » ... st responses against some chosen plaintext inputs. The purpose of this paper is to first present a detailed survey on the state-of-the-art in scan-based side-channel attacks on symmetric and public-key cryptographic hardware implementations, both in the absence and presence of advanced DfT structures, such as test compression and X-masking, which may make the attack difficult. Then, the existing scan attack countermeasures are evaluated for determining their security against known scan attacks. In addition, JTAG vulnerability and security countermeasures are also analyzed as part of the external test interface. A comparative area-timing-security analysis of existing countermeasures at various abstraction levels is presented in order to help an embedded security designer make an informed choice for his intended application. INDEX TERMS Hardware security, scan-based attacks, test interface misuse, scan attack countermeasures, comparative area-timing-security analysis. 50 2168-6750 2014 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information. VOLUME 2, NO. 1, MARCH 2014 Da Rolt et al.: Test Versus Security: Past and Present IEEE TRANSACTIONS ON EMERGING TOPICS IN COMPUTING sures are presented. section III describes the misuse of JTAG and IEEE 1500 interfaces. The overview of the state-of-art countermeasures for both threats is presented in section IV and the conclusion is drawn in section V.
doi:10.1109/tetc.2014.2304492 fatcat:25d4g3gyn5cmjmfli7loklb26i