Secure Scan: A design-for-test architecture for crypto chips

Bo Yang, Kaijie Wu, Ramesh Karri

Research output: Contribution to journalArticlepeer-review


Scan-based design for test (DFT) is a powerful testing scheme, but it can be used to retrieve the secrets stored in a crypto chip, thus compromising its security. On one hand, sacrificing the security for testability by using a traditional scan-based DFT restricts its use in privacy sensitive applications. On the other hand, sacrificing the testability for security by abandoning the scan-based DFT hurts the product quality. The security of a crypto chip comes from the small secret key stored in a few registers, and the testability of a crypto chip comes from the data path and control path implementing the crypto algorithm. Based on this key observation, the authors propose a novel scan DFT architecture called secure scan that maintains the high test quality of traditional scan DFT without compromising the security. They used a hardware implementation of the advanced encryption standard to show that the traditional scan DFT scheme can compromise the secret key. They then showed that by using secure-scan DFT, neither the secret key nor the testability of the AES implementation is compromised.

Original languageEnglish (US)
Article number1677712
Pages (from-to)2287-2293
Number of pages7
JournalIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Issue number10
StatePublished - Oct 2006


  • Crypto hardware
  • Scan-based design for test (DFT)
  • Security
  • Testability

ASJC Scopus subject areas

  • Software
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering


Dive into the research topics of 'Secure Scan: A design-for-test architecture for crypto chips'. Together they form a unique fingerprint.

Cite this