Secure scan: A design-for-test architecture for crypto chips

Bo Yang, Kaijie Wu, Ramesh Karri

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Scan-based Design-for-Test (DFT) is a powerful testing scheme, but it can be used to retrieve the secrets stored in a crypto chip thus compromising its security. On one hand, sacrificing security for testability by using traditional scan-based DFT restricts its use in privacy sensitive applications. On the other hand, sacrificing testability for security by abandoning scan-based DFT hurts product quality. The security of a crypto chip comes from the small secret key stored in a few registers and the testability of a crypto chip comes from the data path and control path implementing the crypto algorithm. Based on this key observation, we propose a novel scan DFT architecture called secure scan that maintains the high test quality of traditional scan DFT without compromising the security. We used a hardware implementation of the Advanced Encryption Standard (AES) to show that the traditional Scan DFT scheme can compromise the secret key. We then showed that by using secure scan DFT, neither the secret key nor the testability of the AES implementation is compromised.

Original languageEnglish (US)
Title of host publicationProceedings - Design Automation Conference
Number of pages6
StatePublished - 2005
Event42nd Design Automation Conference, DAC 2005 - Anaheim, CA, United States
Duration: Jun 13 2005Jun 17 2005


Other42nd Design Automation Conference, DAC 2005
Country/TerritoryUnited States
CityAnaheim, CA


  • Crypto Hardware
  • Scan-based DFT
  • Security
  • Testability

ASJC Scopus subject areas

  • Hardware and Architecture
  • Control and Systems Engineering


Dive into the research topics of 'Secure scan: A design-for-test architecture for crypto chips'. Together they form a unique fingerprint.

Cite this