Abstract
Scan chains, a design-for-testability feature, are included in most modern ICs, but they open a side channel for attacking cryptographic chips. We propose a methodology by which the internal state of any stream cipher can be recovered through its scan chain. We consider a conventional scan chain design that is not scrambled or protected in any other way. In this scenario, the adversary's challenge is to obtain the correspondence between the scan chain output and the internal state registers of the stream cipher. We present a mathematical model of the attack, and the correspondence between the scan chain outputs and the internal state bits is proved under this model. We propose an algorithm that, through offline and online simulation, forms a bijection between the two sets and thus finds the required correspondence. We also estimate the number of offline simulations needed to find the correspondence. The proposed strategy is successfully applied to the eSTREAM hardware-profile winners MICKEY-128 2.0, Trivium and Grain-128.
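The following toy model is an added illustration and is not the paper's code or any of the cipher designs it attacks. It shows, on a constructed 16-bit LFSR (the primitive taps 16, 14, 13, 11; not MICKEY, Trivium or Grain), why an unprotected scan chain leaks the whole state up to the unknown chain wiring, how the offline/online simulation described in the abstract resolves that wiring into a bijection from chain positions to registers, and how a countermeasure that clears the state registers on a functional-to-test mode switch (one of the secure-scan ideas in the literature; modelled here as an assumption, not the paper's specific scheme) leaves nothing useful to shift out. The scan wiring order and the known key/IV state are constructed values.

```python
# Toy model of a conventional scan chain on a small stream cipher, the
# offline/online correspondence search, and a mode-switch-reset countermeasure.
# Added example, not the paper's code. The cipher is a constructed 16-bit LFSR
# with primitive polynomial x^16 + x^14 + x^13 + x^11 + 1 (period 2^16 - 1).

import random

N = 16  # number of state registers in the toy cipher


def cipher_clock(state):
    """One functional clock: shift left, feed back the linear tap XOR.
    Returns (new_state, keystream_bit)."""
    fb = state[0] ^ state[11] ^ state[13] ^ state[14]
    z = state[15] ^ (state[3] & state[9])   # constructed nonlinear output filter
    return state[1:] + [fb], z


class ScanChainChip:
    """State flip-flops stitched into one scan chain. scan_order[p] is the
    register index sitting at chain position p: a constructed permutation
    that the observer does not know in advance."""

    def __init__(self, scan_order, secure_scan=False):
        self.scan_order = scan_order
        self.secure_scan = secure_scan
        self.state = [0] * N
        self.test_mode = False

    def load(self, key_iv_state):
        # Functional-mode load of key/IV material into the state registers.
        self.state = list(key_iv_state)
        self.test_mode = False

    def run(self, cycles):
        for _ in range(cycles):
            self.state, _ = cipher_clock(self.state)

    def enter_test_mode(self):
        self.test_mode = True
        if self.secure_scan:
            # Countermeasure modelled here (assumption): switching from functional
            # to test mode clears the secret-bearing registers first.
            self.state = [0] * N

    def scan_out(self):
        """Shift the chain out; bits appear in chain order, not register order."""
        if not self.test_mode:
            raise RuntimeError("scan-out is only available in test mode")
        return [self.state[r] for r in self.scan_order]


# Constructed, non-zero known key/IV state used for the correspondence search.
KNOWN_STATE = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1]


def offline_signatures(known_state, cycles=N):
    """Offline: simulate from the known state and record each register's bit
    at clocks 1..cycles. Register r's signature is the m-sequence window at
    offset r+1, so the 16 signatures are pairwise distinct."""
    s = list(known_state)
    rows = []
    for _ in range(cycles):
        s, _ = cipher_clock(s)
        rows.append(s)
    return {tuple(row[r] for row in rows): r for r in range(N)}


def online_correspondence(chip, known_state, cycles=N):
    """Online: load the same known state, run t clocks, scan out, for
    t = 1..cycles; match each chain position's signature to a register.
    Returns the list scan_position -> register, or None if nothing matches."""
    sigs = offline_signatures(known_state, cycles)
    cols = []
    for t in range(1, cycles + 1):
        chip.load(known_state)
        chip.run(t)
        chip.enter_test_mode()
        cols.append(chip.scan_out())
    order = []
    for p in range(N):
        sig = tuple(col[p] for col in cols)
        if sig not in sigs:
            return None   # all-zero scan-out under the countermeasure matches no register
        order.append(sigs[sig])
    return order


def experiment(secure_scan, seed=7):
    """Full run against a chip holding a secret state.
    Returns (correspondence_found, internal_state_recovered)."""
    rng = random.Random(seed)
    true_order = list(range(N))
    rng.shuffle(true_order)                       # constructed chain wiring
    chip = ScanChainChip(true_order, secure_scan)
    order = online_correspondence(chip, KNOWN_STATE)
    if order is None:
        return False, False
    secret = [rng.randint(0, 1) for _ in range(N)]  # constructed secret key/IV state
    chip.load(secret)
    chip.run(100)
    truth = list(chip.state)
    chip.enter_test_mode()
    bits = chip.scan_out()
    recovered = [0] * N
    for p, r in enumerate(order):
        recovered[r] = bits[p]
    return order == true_order, recovered == truth


if __name__ == "__main__":
    print("unprotected scan chain:", experiment(False))   # (True, True)
    print("reset on test-mode entry:", experiment(True))  # (False, False)
```

The signature matching works with only 16 observed clocks because every non-zero 16-bit window of an m-sequence occurs once per period, so no two registers can share a signature; a real cipher with nonlinear update needs the offline-simulation count the paper estimates. The countermeasure succeeds not by hiding the chain order but by ensuring the registers hold nothing secret when the chain becomes observable.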
Cite this article
Karmakar, S., Chowdhury, D.R. Scan-based side channel attack on stream ciphers and its prevention. J Cryptogr Eng 8, 327–340 (2018). https://doi.org/10.1007/s13389-017-0178-1