TY - GEN
T1 - Test-mode-only scan attack using the boundary scan chain
AU - Ali, Sk Subidh
AU - Sinanoglu, Ozgur
AU - Karri, Ramesh
PY - 2014
Y1 - 2014
N2 - Boundary-scan is a very popular technology with wide applications in product life cycle that ranges from product design, prototype debugging, production to field service. However, when it comes to securing a product such as smart card, RFID tag, set-top-box, etc., the technology can be targeted by an attacker to reveal the secret information of the chip. In this paper, for the first time, we will show that the boundary scan chain can be used to bypass the mode-reset countermeasure, which is used to thwart all the scan attacks that rely on switching between the normal mode and the test mode of the chip. We propose two attacks on the AES core. The first attack uses the boundary scan chain to apply input plaintexts to the first round of AES, whereas the second attack targets the final round by applying the inputs through the internal scan chain(s) and the round output is captured in the boundary scan chain. The attacks not only bypass the mode-reset countermeasure but also circumvent the affect of stimulus decompressor (first attack) or the response compactor (second attack). Both attacks retrieve the 128-bit secret key within one minute of execution.
AB - Boundary-scan is a very popular technology with wide applications in product life cycle that ranges from product design, prototype debugging, production to field service. However, when it comes to securing a product such as smart card, RFID tag, set-top-box, etc., the technology can be targeted by an attacker to reveal the secret information of the chip. In this paper, for the first time, we will show that the boundary scan chain can be used to bypass the mode-reset countermeasure, which is used to thwart all the scan attacks that rely on switching between the normal mode and the test mode of the chip. We propose two attacks on the AES core. The first attack uses the boundary scan chain to apply input plaintexts to the first round of AES, whereas the second attack targets the final round by applying the inputs through the internal scan chain(s) and the round output is captured in the boundary scan chain. The attacks not only bypass the mode-reset countermeasure but also circumvent the affect of stimulus decompressor (first attack) or the response compactor (second attack). Both attacks retrieve the 128-bit secret key within one minute of execution.
UR - http://www.scopus.com/inward/record.url?scp=84904480328&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84904480328&partnerID=8YFLogxK
U2 - 10.1109/ETS.2014.6847798
DO - 10.1109/ETS.2014.6847798
M3 - Conference contribution
AN - SCOPUS:84904480328
SN - 9781479934157
T3 - Proceedings - 2014 19th IEEE European Test Symposium, ETS 2014
BT - Proceedings - 2014 19th IEEE European Test Symposium, ETS 2014
PB - IEEE Computer Society
T2 - 19th IEEE European Test Symposium, ETS 2014
Y2 - 26 May 2014 through 30 May 2014
ER -