Test versus security @ IEEE Concept
Download as PPTX, PDF•1 like•309 views
This document discusses security risks related to testing integrated circuits. It describes how scan-based side-channel attacks can exploit design-for-testability infrastructure to reveal confidential information by observing scan chains. The document also covers different types of attackers, common attack procedures, and known attacks against cryptographic primitives. Finally, it discusses how test interfaces like JTAG can be misused to facilitate scan-based attacks or upload malicious firmware.
![References
[1] (1994). Federal Information Processing Standards Publication 140-2:
Security Requirements for Cryptographic Modules [Online]. Available:
http://csrc.nist.gov/publications/ps/ps140-2/ps1402.pdf
[2] D. Hely, M.-L. Flottes, F. Bancel, B. Rouzeyre, N. Berard, and
M. Renovell, ``Scan design and secure chip [secure IC testing],'' in
Proc.
10th IEEE IOLTS, Jul. 2004, pp. 219224.
[3] J. Lee, M. Tehranipoor, C. Patel, and J. Plusquellic, ``Securing designs
against scan-based side-channel attacks,'' IEEE Trans. Dependable
Secure
Comput., vol. 4, no. 4, pp. 325336, Oct. 2007.
[4] J. Da Rolt, G. Di Natale, M. Flottes, and B. Rouzeyre, ``A novel
differential
scan attack on advanced DFT structures,'' ACM Trans. Des. Autom.
Electron. Syst., vol. 18, no. 4, p. 58, Oct. 2013.](https://image.slidesharecdn.com/testversussecurity-141217103324-conversion-gate02/85/Test-versus-security-IEEE-Concept-19-320.jpg)
Test versus security @ IEEE Concept
- 2. Agenda Abstract Introduction What is Security Testing Purpose of Security Testing Scan-Based Attacks Types of Attacks Content of Attackers Misuse of Test Interfaces Conclusion References
- 3. Abstract Cryptographic circuits need to be protected against side- channel attacks, which target their physical attributes while the cryptographic algorithm is in execution. There can be various side-channels, such as power, timing, electromagnetic radiation, fault response, and so on. One such important side- channel is the design-for-testability (DfT) infrastructure present for effective and timely testing of VLSI circuits.The purpose of this paper is to rst present a detailed survey on the state-of- the-art in scan-based side-channel attacks on symmetric and public-key cryptographic hardware implementations, both in the absence and presence of advanced DfT structures, such as test compression and X-masking, which may make the attack diffcult.
- 4. Introduction Structural testing is one important step in the production of integrated circuits. Indeed, the fabrication of CMOS devices is not a totally controlled process and some of the manufactured Chips may not work properly. Testing is therefore essential to Sort faulty and good circuits and thus ensure the quality of the products. The increasing test cost of new technologies demands the insertion of test-oriented structures early in the integrated circuit (IC) design cycle, which is called Design-for-Testabilit (DfT). These structures aims at improving the testability (mainl the capacity to detect the presence of faults), diagnostics, test time and reducing the number of required test pins.
- 5. What is Security Testing Security testing is a process to determine that an information system protects data and maintains functionality. To check whether there is any information leakage. To test the application whether it has unauthorized access and having the encoded security code. To finding out all the potential loopholes and weaknesses of the system.
- 6. Purpose of Security Testing Primary purpose of security testing is to identify the vulnerabilities and subsequently repairing them. Security Testing helps in improving the current system and also helps in ensuring that the system will work for longer time. Security test helps in finding out loopholes that can cause loss of important information.
- 7. Scan-Based Attacks The insertion of scan chains consists of replacing the flip-flops (FFs) of the design by scan flip-flops (SFFs) and connecting these SFFs into a shift-register, called scan chain. The scan chain is bound to a input pin (scan-in) and to an output pin (scan-out). An extra pin called scan-enable should be added to control the scan chain's data shifting. If the scanenable is set to 0, the SFFs are connected to the circuit to behave as functionally expected (functional mode). When the scan-enable is set to 1, the SFFs are connected to the scan chain, and the bitstream at the scan-in is shifted in while the data stored in the SFFs is shifted out through the scan-out pin.
- 8. Scan-Based Attacks By controlling the scan-in and scan-enable inputs and observing the scan-out pin, and attacker can observe confidential data or corrupt internal states. Then the below Fig. 1 illustrates the duality between test and security.
- 9. Types of Attacks: Attack Basic Procedure Attacking Cryptographic Primitives Attacker Model Known Scan-Based Attacks
- 10. Attack Basic Procedure As depicted in Fig. 1, the attacker can use the shift operation maliciously, switching from functional to test mode at will. Even if the attacker uses the shift operation as the test engineer, the attack's procedure is different from the standard test procedure. For instance, suppose that some of the flip-flops inserted on the scan chain contain confidential Information . An observability attack would consist of the following steps: a. reset the circuit b. load the chosen input at the cipher's input c. run part of the encryption d. switch to test e. mode when the intermediate flip-flops contain data related to the secret and shift out the scan contents containing this confidential information f. analyze the observed contents and try to uncover the secret key.
- 11. Attacking Cryptographic Primitives The science of coding and decoding messages so as to keep these messages secure. Coding takes place using a key that ideally is known only by the sender and intended recipient of the message. In computer programming, a primitive is a basic interface or segment of code that can be used to build more sophisticated program elements or interfaces. The below Fig. 2 shows an example of how the scan- based attacks can compromise the security of symmetric-key or public-key cryptography.
- 12. Both symmetric-key and public-key algorithms usually have structures that repeat the same operations for multiple iterations. The more iterations, the harder for attackers to nd out the secret by only observing the plaintext/input and the ciphertext/output.
- 13. Attacker Model In this model we classify into 4 classes. They are: Class 1: Amateur, Class 2: Expert, Class 3: Insider, Class 4: Expert with advanced equipment
- 14. Attacker Model Class 1: Amateur Knows the cipher algorithm implementation, as well as timing diagrams for correctly operating the circuit (this information is usually present in the circuit datasheet). Class 2: Expert Can uncover design details with the help of DPA or timing analysis, consisting mainly of input/output register buffers and additional registers that may be affected by plaintext (DFF storage elements). These DFFs may complicate the observation of data related to the secret.
- 15. Attacker Model Class 3: Insider Knows the correspondence between the circuit flip-flops and their position within the scan chain. Class 4: Expert with advanced equipment Can remove the chip package and probe internal signals. This is important in cases where the scan chains are disconnected after manufacturing test by means of anti-fuses. This class of attackers can still probe unconnected scan chains. It must be noted that a Class 3 or 4 attacker have of course all the abilities of the lower class attackers.
- 16. Known Scan-Based Attacks The rst scan attack proposed in the literature was conceived to break a Data Encryption Standard (DES) block cipher. Yang et al. described a two-phase procedure that consists in first finding the position of the intermediate registers in the scan chain, and then retrieving the DES first round key. In order to find the position, 64 pairs of plaintexts are loaded. Two plaintexts are loaded. Two plaintexts of any of these pairs have a single-bit difference and each pair has a difference in a different location. Using the procedure described in subsection II-A, the attacker shifts out internal states when the plaintexts are loaded into the registers that store the intermediate values and then these register's flip-flops are localized. Then the attacker applies three chosen plaintexts and shifts out the scan data to recover the first round key.
- 17. Misuse of Test Interfaces Test interfaces such as JTAG and IEEE 1500 have two security drawbacks: they make scan-based attacks easier and They can be used to upload corrupted firmware in non- volatile memories or read out internal contents. The first issue comes from the fact that they provide access to individual components(chips on board or cores on SoCs). It implies that malicious users can apply scan-based attacks on the cryptographic blocks only, which makes the analysis phase of the attack easier.
- 18. Conclusion In this paper we described two main issues related to the test and security domain: scan-based attacks and misuse of JTAG interfaces. Both threats exploit security issues present in structures that implemented test and debug of digital ICs. To help the understanding of scan-based attacks, we have described the principles of these attacks. Then we presented a survey of the known scan-based attacks so that designers can take them into account when building new circuits. Additionally, we described some well known issues related to the misuse of JTAG and IEEE 1500 test interfaces.
- 19. References [1] (1994). Federal Information Processing Standards Publication 140-2: Security Requirements for Cryptographic Modules [Online]. Available: http://csrc.nist.gov/publications/ps/ps140-2/ps1402.pdf [2] D. Hely, M.-L. Flottes, F. Bancel, B. Rouzeyre, N. Berard, and M. Renovell, ``Scan design and secure chip [secure IC testing],'' in Proc. 10th IEEE IOLTS, Jul. 2004, pp. 219224. [3] J. Lee, M. Tehranipoor, C. Patel, and J. Plusquellic, ``Securing designs against scan-based side-channel attacks,'' IEEE Trans. Dependable Secure Comput., vol. 4, no. 4, pp. 325336, Oct. 2007. [4] J. Da Rolt, G. Di Natale, M. Flottes, and B. Rouzeyre, ``A novel differential scan attack on advanced DFT structures,'' ACM Trans. Des. Autom. Electron. Syst., vol. 18, no. 4, p. 58, Oct. 2013.
- 20. Any