Secure Scan Design Using Redundant Scan Register

ACEEE Int. J. on Signal & Image Processing, Vol. 03, No. 01, Jan 2012

Secure Scan Design Using Redundant Scan Register
Sabyasasachee Banerjee1, Pranay Kumar Saha2
1
Department of Computer Science & Engineering,
Heritage Institute of Technology, Anandapur, Kolkata, W.B., India,
E-mail: sabyasasachee.banerjee@gmail.com
2
Department of Computer Science & Technology,
B. P. C. Institute of Technology, Krishnagar, Nadia, W.B., India,
E-mail: pranay.kumar.saha@gmail.com

Abstract— Cryptographic VLSI chip has a significant role to The switching between insecure mode and secure mode at
resist the attacks which is the growing customer concern of any time can be done through a power off reset. But this
hardware security. Redundancy introduces a great amount of method has the following shortcomings:
randomness & non linearity in any kind circuitry a) There are certain devices (example credit cards, cell-phone
(combinational or sequential). We introduce a new type of sim-cards, and access cards) where even after turning the
redundancy in sequential circuits to make redundant scan
power off the information exists inside the chip. This
registers that are indistinguishable with the original scan
registers. They are sequentially undetectable as well as information can be extracted from those devices having in
redundant, which makes it highly secured. The approach is the insecure mode.
only to replace the original scan registers to modified b) Speed testing or on-line testing is not possible.
redundant scan registers called RScR. c) There are critical systems that remain on continuously
(like satellite monitoring system). In such cases device’s
Keywords— Functional equivalence, Isomorphic redundancy, power-off is not possible. Hence testing in such a scenario
RScR requires alternative solutions.
Karri’s method of secure scan design:
I. INTRODUCTION Consisting two copies of the secret key:
· Secure key: hardwired or in secure memory.
In the modern era, security of crypto-chips is a major · Mirror Key (MKR): used for testing.
concern. Currently, all communication, networking, database &Two modes of operation: Insecure and Secure
management systems and financial application use Insecure mode: secure key is isolated, MKR [1] is used and
cryptographic methods. In crypto chips generally the keys debug allowed. Secure mode: secure key is used and debug
are stored in the sequential circuits. In order to improve the disabled. To support the secure-scan DFT architecture, here
testability of sequential circuits scan chains are popularly MKRs are used to isolate the secret key from the data path
used. But scan chains open side channel for cryptanalysis. and control path performing the crypto algorithm. Such
With improved control and access to the chip, vulnerability MKRs work like normal registers during insecure mode, and
to attacks also increases. Due to this, scan chains can be test vectors can be scanned in and the test result can be
used to steal important information such as intellectual scanned out. When the circuit is in the secure mode, the
property (IP) and secret keys of cryptographic chips [2, 3]. MKRs load the secret-key information and the contents of
The possibility of scan-based side-channel attacks adds to MKRs cannot be scanned out until being reset. Here a test
an already growing customer concern of hardware security. access port (TAP) controller controls the working mode of
Fundamentally, the problem lies on the inherent contradiction the crypto chip.
between testability and security for digital circuits. Hence, Partial scan technique using balanced structure: The
there’s a need for an efficient solution such that both balanced structure [9] is a structure for testable sequential
testability and security are satisfied. circuits. We adopt a partial scan to make a kernel balanced,
where a kernel is the portion of the circuit excluding the scan
II. REVIEW WORK chains. The partial scan protects non-scan registers
In order to solve this tricky problem of efficiently testing completely from scan-based attacks. In addition, we introduce
without compromising the security, some techniques have a mechanism to confuse the kernel logic in test mode to protect
been proposed. scan registers. The method makes the circuit behavior in test
Lock and Key Technique: In this proposed method [7] scan mode completely different from normal mode.
chain architecture with mirror key register was used to provide Vlm-Scan Technique: It is a Vlm-Scan [10] that utilizes some
both testability and security. Two modes of operations flip-flops in a scan chain for authentication to move to test
introduced, insecure mode and secured mode. In the insecure mode. The circuit can proceed to test mode only if the proper
mode, crypto chip can be switched between the test mode sequence of test keys are scanned in to the used flip-flops. It
and the normal mode. However, when a crypto chip is in the is better because the test controller can be tested; however,
secure mode, it can only stay in the normal mode. a long test key sequence is still needed.
© 2012 ACEEE 21
DOI: 01.IJSIP.03.01.81


III. PRELEMINARIES
A. de Bruijn graph:
A de Bruijn graph represents a state transition graph of a
shift register. Shown in Fig.1

Fig.4 Isomorphic Redundancy
Fig1. abc1 Scan register As in Fig.4 state S1 is just swapped by the S0 state but input
The corresponding de Bruijn graph and state table are shown and output assignments remains as it is same so this is an
in Fig. 2 and Table 1 respectively example of isomorphic redundancy. So an isomorphic
redundant circuit is functionally equivalent also.
TABLEI . STATE TABLE OF FIG.1

IV. PROPOSED WORK
We proposed a new type of redundancy in the shift
register. Here not only swapping of sates is achieved but
also all the original sequences are negated keeping all the
input & output assignments same. That is we will get same
output as original scan registers providing the same
corresponding Input. Later one much more randomized
redundancy is introduced, where the swapping of all the states
is randomized to some extent & similarly all the input output
assignments remains as it is same as original scan register.
The scan registers where these type redundancies are
implemented are called as redundant shift registers (RSR)
Fig2. de Bruijn graph that are functionally equivalent but not structurally equivalent
to original scan registers. Using the redundant scan registers
B. Functional Equivalence:
(RScR), we present a new secure and testable scan design
A k-stage modified shift register is called functionally
approach which satisfies both testability and security of
equivalent [6] to the k-stage shift register if the de Bruijn
digital circuits. The approach is only to replace the original
graph of the modified shift register is isomorphic to that of
scan registers to modified scan registers called redundant
the shift register and the input and output assignments are
scan registers (RScR).It also have two modes in which the
the same as those of the shift register. (State assignment is
circuitry is operated. One is test mode and another one is
not necessarily the same.) The functional equivalent de Bruijn
system mode, by adding an extra input called control input
graph of Fig. 2 is shown in Fig. 3
which switches the circuit between test mode and system
mode .When set 0 to control input the circuitry switches to
test mode and a tester can check the original sequences of
the scan register and when set 1 to control input circuitry
switches to system mode and the circuitry transferred to be
redundant, states are swapped and the original sequences of
the scan registers are negated.
A.R EDUNDANCY & RSCR (REDUNDANT SCAN REGISTER)

Fig3. Functional equivalent de Bruijn graph
C. Isomorphic redundancy: Fig5. abc2 Scan register
An isomorphic redundancy can be easily designed by a
simple permutation of the states in the state table of a Fig.5 shows the Redundant Scan register (RScR) which is
sequential circuit. It will be functionally identical to that of functionally equivalent to the Scan register shown in Fig.1.
the original register but structurally different [4]. As a result states will be swapped & sequences of original

© 2012 ACEEE 22
DOI: 01.IJSIP.03.01.81


scan registers are negated which we have implemented in so then we propose another type of improved redundant
system mode and in test mode sequence remains as it is same design which increases the randomness of the changing of
as original scan register of Fig. 1 is represented by the de the sequences of scan registers. Like previous design it
Bruijn graph. Where the state in test mode and system mode also consist two types of inputs depending on the control
are shown in Fig. 6 as state in test mode /state in system mode input, it switches between testing mode and system mode,
fashion. when control input (Y) is 0 this circuit moves to the testing
mode and when control input (Y) is 1 it moves to system
mode is shown in Fig. 7.

Fig7. abc3 Scan register

The corresponding de Bruijn graph of this RScR is in Fig.8.
Fig.6 de Bruijn graph of fig. 5 in test mode/system mode fashion
The state in test mode and system mode are shown in Fig.8
The corresponding state table in test mode and system mode State as in test mode /state in system mode fashion.
are illustrated in Table 2 and Table 3.
TABLEII. STATE TABLE IN TEST MODE

Fig8. de Bruijn graph of fig7. in test mode/system mode fashion
TABLEIII. STATE TABLE IN SYSTEM MODE The state table in test mode and system mode illustrated in
Table 4 and Table 5 respectively.
TABLE IV: STATE TABLE IN TEST MODE

But from security point of view it seems to be not so secured
as if an intelligent hacker goes through the statistics of the
state table for large number of times then he can eventually
find that states are changed as the first two bits are negated,
© 2012 ACEEE 23
DOI: 01.IJSIP.03.01.81


TABLE V: STATE TABLE IN SYSTEM MODE

So in the test mode the circuit operates as the original Fig10. Implementation of RScR
normal shift register circuit in Fig. 1, so a tester can effectively The scan register with the redundant shift register as shown
check the circuit for testing. Now from Fig. 8 it is obseved in fig. 10 is called the redundant scan register (RScR). Scan
that the sequences of the sequential circuit is one bit or in chains are proven to be effective in improvingthe testability
some cases two bit differnciating means often first one bit is of digital circuits. But as it possesses full controllability and
negated or two bit is negated and from the state table we can observability on the circuit, which allow attackers to exploit
find that swaping is also randomized , there is no certain rule this opportunity to extract key streams and even, manipulate
for swaping the sequences of the shift register, so an the circuit. This makes it difficult for scan chains to be used
intelligent hacker can never get any chance to hack in the especially in special cryptographic circuits where secret key
scan chain. streams are stored in internal registers, thus a problem in
B. RScR Added Scan Tree testing these types of circuits is imminent. However, quality
of these circuits is highly in demand currently due to the
Now as we know any scan chain can be represented by a tree
increasing need of secure systems. Thus secure scan design
shaped structure [5].
through (RScR) provides both security and testability. With
the same effectiveness and efficiency of conventional scan
design and with very minimal overhead, any digital circuit
can be both easily testable and secure against attackers.
When we consider a secure scan design, we need to assume
what the attacker knows and how he can potentially make
the attack. Here, we assume the following.
A. ATTACKER’S KNOWLEDGE
a) The attacker does not know the detailed information in the
Fig9. Tree shaped scan chain
gate-level design.
If we replace the circled 3 state scan register of fig. 9 by RScR b) The attacker knows the cryptographic algorithm
(abc3 scan register) as a result randomness and nonlinearity implemented in the circuit. So he can make bit-change
both will be introduced. The modified scan tree structure insertion attack or differential values attack [1].
consists of both redundant and normal Scan D-flip-flops. c) The attacker knows the presence of test pins (scan-in/out,
The new scan tree continues to provide same amount of scan, and reset) and scan chains. However, he does not know
controllability and observability to the designer but not to the structure of RScR (the connection information, positions
the attacker. As the structure of the RScR and the structure of of XOR and NOT, and the size) and the presence of the control
the scan tree are not known to the attacker. This makes it pin .Based on the above assumptions, we define the security
hard for the attacker to comprehend the structure of the tree. to prevent scan-based side-channel attacks.
Further the new scan tree does not require an on-chip source The structure of the RScR is important to the attacker in order
or sink. to understand the scanned out values from the registers,
V. SECURITY & TESTABILITY which can reveal the key stream or the initial values of the
A circuit may consist of a single or multiple scan registers internal registers, once computed. Thus, the level of security
and the remaining combinational logic circuit (kernel) [9]. A is dependent on the difficulty of determining the RScR
scan register is nothing but a shift register with multiplexers structure. If the attacker cannot identify the structure of the
that select the normal data from the combinational logic circuit RScR, the internal register values cannot be retrieved as
and the shifting data from the preceding flip-flop. Here, we output would remain the same as it would for conventional
have replaced the shift register with a redundant shift register scan fig. 6 and fig. 8 shows the de Bruijn graph of two
(RSR). different types of RScR (abc2, abc3). that are all functionally
© 2012 ACEEE 24
DOI: 01.IJSIP.03.01. 81


equivalent to the 3-stage shift register but their state byte. From the number of 1’s in the XOR of the scanned out
assignments are different and hence the content of each values of the register R and differential property of the AES
register cannot be observed from the input/output se- algorithm, the values of register b was computed. Finally,
quence in system mode while served to the customers. using value of a and the register b the key value was
calculated using: RK0=B Å A. In our RScR added scan chain
B. SECURITY ANALYSIS OF STREAM CIPHER WITH RSR ADDED-SCAN
architecture such an attack is not viable because of the
TREE :
presence of the RScR and the nonlinear scan tree. The
Now in case of stream cipher the structure of scan chain can
security of the structure is due to the following reasons:
be determined only if the user feeds in values of his choice
Attacker cannot ascertain the position of register R due to
and analyze the scan out data. Now with RSR added scan
the unknown linear structure of the scan tree. The presence
tree structure the attacker is deprived of knowing the
of RSR in the scan path does not allow ascertaining the
sequences of the scan chain.
structure of the tree. This is because the attacker has no
C. SECURITY A NALYSIS OF AES WITH RSR ADDED-SCAN TREE : control over the input to the internal structures of the design
AES is an encryption standard used by the U.S. government until he knows the full structure of the RSR added scan tree.
since 2001. It is now one of the most popular block cipher Since step 1 fails, step 2 cannot be performed. Also, it may be
techniques due to its simple implementation in hardware. Each noted that step 2 is also not possible. This is because the
AES [8] encryption includes several rounds, and each round attacker requires computing differences in the scanned out
consists of four basic operations: values of register R, which is now obscured by the non-
a) The Byte Sub Transformation; linear property of the RSR added-scan tree. Hence the system
b) Shift Row Transformation; is secure against the known scan chain based attacks.
c) Mix Column Transformation and
d) Add Round Key. VI. THE ADVANTAGES OF RSCR ADDED SCAN TREE
In the last operation, Add Round Key, data is exclusive- ORed
Apart from providing high securities to the designs, following
with a predefined encryption key. The length of the encryption
are enlisted the other advantages of the RScR added scan
key can be chosen as 128, 196, or 256 bits. AES algorithm is a
tree.
private key encryption, which means the encryption key
Fast Testing: Due to the tree structure the testing is fast.
(same as the decryption key) is between the transmitter and
High Fault coverage: The RScR added scan chain has the
the receiver only. Any leakage of the encryption key results
same amount of controllability and observability as
in a serious security problem. Conventional block ciphers
conventional scan chain for the designer. Since the designer
like AES are insecure under scan chain based attacks [1]. In
don’t have to aware of the positions of the RScR in the RScR
order to prevent scan based attacks on AES, we have inserted
added scan tree structure as in test mode he will get the
the RScR added scan tree for registers that need to be secured
original sequences as an original shift register, he can easily
in AES hardware. In the following we show that the RScR
feed in patterns and observe the intermediate values of the
added scan tree architecture provides high security with very
system and thereby test the system accurately.
low overhead.
On-line testing is possible: There is no need of turning off
the system before testing the circuit unlike in the case of
secure scan architecture
Testing of additional circuits or inverters is easy: Since the
additional circuitry involves combinational units, testing can
be easily performed.

VII.THE PROBABILITY OF DETERMINING THE STRUCTURE OF THE
RSR ADDED SCAN TREE
The probability of guessing the correct structure of the scan
tree is [5]

Fig.11 Round Operation of AES encryption
Now the attack on AES by [6] only can crack if it gets the
following information: The first step is to guess the position The probability of guessing the correct structure of the RScR
of the registers to obtain intermediate values of each step. is
The main motive is to find the position of the register R in the
above figure by exploiting the property of Avalanche effect
in good ciphers. Once, the position of register R was as the hacker knows nothing about length of our RScR or
ascertained the second step comes to play. In this step, two about the degree of RScR , then he has to try exhaustively all
values of input plaintext were chosen which differs in one bit sequences of lengths 1 to K .

© 2012 ACEEE 25
DOI: 01.IJSIP.03.01.81


Hence the total probability of guessing the correct structure REFERENCES
of the RScR added scan tree is
[1] Bo Yang, Kaijie Wu, and Ramesh Karri “Secure Scan: A Design-
for-Test Architecture for Crypto Chips” Publication Year: 2006,
Page(s): 2287 - 2293.
[2] David Hély1&2, Frédéric Bancel1, Marie-Lise Flottes2, Bruno
Rouzeyre 2 “Test Control for Secure Scan Designs” Publication
Where Year: 2005, Page(s): 190 – 195.
N: Is the number of scan output pins [3] David Hély1, Marie-Lise Flottes2, Frédéric Bancel1, Bruno
L: Is the depth of the scan tree Rouzeyre2, Nicolas Bérard1, and MichelRenovell2.”Scan Design
r: Is the number of nodes and Secure Chip” Publication Year: 2004, Page(s): 219 – 224.
K: Is the K stage shift register [4] Debesh K. Das, Uttam K. Bhattacharya, andBhargab B.
Bhattacharya,”Isomorph-Redundancy in Sequential Circuits”
VIII. AREA COST & TEST POWER Publication Year: 2000 , Page(s): 992 - 997.
[5] Gaurav Sengar, Debdeep Mukhopadhayay, D Roy Chowdhury
To reduce the overhead due to many feed-forwards and “An Efficient Approach to Develop Secure Scan Tree for Crypto-
feedbacks in a long scan chain, we can use a shift register Hardware” Publication Year: 2007, Page(s): 21 – 26.
(standard scan register) for the non-secure part that is not [6] Hideo Fujiwara and Marie Engelene J. Obien “Secure and
required to be scan-secure. As for the influence on test power Testable Scan Design Using Extended de Bruijn Graphs” Publication
due to shift register modification, the insertion of inverters Year: 2010, Page(s): 413 – 418.
[7] Jeremy Lee, Mohammed Tehranipoor, Chintan Patel, and Jim
AND/OR/ XOR gates can reduce test power even more than
Plusquellic “Securing Scan Design Using Lock & Key Technique”
standard scan design if they are inserted appropriately as
Publication Year: 2005, Page(s): 51 – 62.
mentioned. [8] J. Daemen and R. Rijmen, “The Design of Rijndael: AES—The
Advance Encryption Standard.” Berlin, Germany: Springer-Verlag,
CONCLUSION 2002, pp. 31–62.
[9] Michiko Inoue Tomokazu Yoneda Muneo Hasegawa Hideo
A new secure scan design has been introduced. It involves
Fujiwara “Partial Scan Approach for Secret Information Protection
modification of original scan registers of scan design to “ Publication Year: 2009, Page(s): 143 – 148.
redundant scan registers (RScR). One type has been analyzed [10] Somnath Paul, Rajat Subhra Chakraborty and Swarup Bhunia
for scan-testability and scan-security.RScR added scan tree “VIm-Scan: A Low Overhead Scan Design Approach for Protection
of a shift register can be both scan-testable and –secure by of Secret Key in Scan-Based Secure Chips” Publication Year: 2007,
adding one extra control line input. A long secure scan chain Page(s): 455 – 460.
can be easily constructed by cascading short scan-testable
and scan-secure redundant shift registers. It also does not
involve the use of additional key streams. Therefore, it
provides an efficient solution to satisfy both testability and
security with lesser cost.

© 2012 ACEEE 26
DOI: 01.IJSIP.03.01.81

Secure Scan Design Using Redundant Scan Register

More Related Content

What's hot (9)

Viewers also liked (20)

Similar to Secure Scan Design Using Redundant Scan Register (20)

More from IDES Editor (20)

Recently uploaded (20)

Secure Scan Design Using Redundant Scan Register