Dipojjwal Ray, Yogendra Sao, S. Biswas, Sk Subidh Ali
{"title":"保护加密ic免受基于扫描的攻击:一个汉明权重分布的观点","authors":"Dipojjwal Ray, Yogendra Sao, S. Biswas, Sk Subidh Ali","doi":"10.1145/3577215","DOIUrl":null,"url":null,"abstract":"Scan chain-based Design for Testability is the industry standard in use for testing manufacturing defects in the semiconductor industry to ensure the structural and functional correctness of chips. Fault coverage is significantly enhanced due to the higher observability and controllability of the internal latches. These ensuing benefits to testing, if misused, expose vulnerabilities that can be detrimental to the security aspects, especially in the context of crypto-chips that contain a secret key. Hence, it remains of paramount importance for a chip designer to secure crypto-chips against various scan attacks. A countermeasure is proposed in this article that preserves the secrecy of an embedded key in a cryptographic integrated circuit running an Advanced Encryption Standard (AES) implementation. A novel design involving a hardware unit is illustrated that circumvents differential scan attacks by essentially performing bit flips deterministically, using a pre-computed mask value. This helps secure the chip while retaining full testability. The controller logic directly depends on a mask determination algorithm that can defend against any scan attack with 𝒪 theoretical complexity. Security analysis of our proposed defense procedure is performed in the framework of Discrete Event Systems (DES). The sequential scan circuit of an AES cryptosystem is modeled as a DES using Finite State Automata. A security notion, Opacity, is used to quantify and formally verify the security aspects of our controlled system, which shows that the entropy of the secret key is preserved. A case study is performed that shows to mitigate state-of-the-art differential scan attacks successfully at a nominal extra overhead of 1.78%.","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":" ","pages":"1 - 20"},"PeriodicalIF":2.1000,"publicationDate":"2022-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"On Securing Cryptographic ICs against Scan-based Attacks: A Hamming Weight Distribution Perspective\",\"authors\":\"Dipojjwal Ray, Yogendra Sao, S. Biswas, Sk Subidh Ali\",\"doi\":\"10.1145/3577215\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Scan chain-based Design for Testability is the industry standard in use for testing manufacturing defects in the semiconductor industry to ensure the structural and functional correctness of chips. Fault coverage is significantly enhanced due to the higher observability and controllability of the internal latches. These ensuing benefits to testing, if misused, expose vulnerabilities that can be detrimental to the security aspects, especially in the context of crypto-chips that contain a secret key. Hence, it remains of paramount importance for a chip designer to secure crypto-chips against various scan attacks. A countermeasure is proposed in this article that preserves the secrecy of an embedded key in a cryptographic integrated circuit running an Advanced Encryption Standard (AES) implementation. A novel design involving a hardware unit is illustrated that circumvents differential scan attacks by essentially performing bit flips deterministically, using a pre-computed mask value. This helps secure the chip while retaining full testability. The controller logic directly depends on a mask determination algorithm that can defend against any scan attack with 𝒪 theoretical complexity. Security analysis of our proposed defense procedure is performed in the framework of Discrete Event Systems (DES). The sequential scan circuit of an AES cryptosystem is modeled as a DES using Finite State Automata. A security notion, Opacity, is used to quantify and formally verify the security aspects of our controlled system, which shows that the entropy of the secret key is preserved. A case study is performed that shows to mitigate state-of-the-art differential scan attacks successfully at a nominal extra overhead of 1.78%.\",\"PeriodicalId\":50924,\"journal\":{\"name\":\"ACM Journal on Emerging Technologies in Computing Systems\",\"volume\":\" \",\"pages\":\"1 - 20\"},\"PeriodicalIF\":2.1000,\"publicationDate\":\"2022-12-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Journal on Emerging Technologies in Computing Systems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1145/3577215\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Journal on Emerging Technologies in Computing Systems","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3577215","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
On Securing Cryptographic ICs against Scan-based Attacks: A Hamming Weight Distribution Perspective
Scan chain-based Design for Testability is the industry standard in use for testing manufacturing defects in the semiconductor industry to ensure the structural and functional correctness of chips. Fault coverage is significantly enhanced due to the higher observability and controllability of the internal latches. These ensuing benefits to testing, if misused, expose vulnerabilities that can be detrimental to the security aspects, especially in the context of crypto-chips that contain a secret key. Hence, it remains of paramount importance for a chip designer to secure crypto-chips against various scan attacks. A countermeasure is proposed in this article that preserves the secrecy of an embedded key in a cryptographic integrated circuit running an Advanced Encryption Standard (AES) implementation. A novel design involving a hardware unit is illustrated that circumvents differential scan attacks by essentially performing bit flips deterministically, using a pre-computed mask value. This helps secure the chip while retaining full testability. The controller logic directly depends on a mask determination algorithm that can defend against any scan attack with 𝒪 theoretical complexity. Security analysis of our proposed defense procedure is performed in the framework of Discrete Event Systems (DES). The sequential scan circuit of an AES cryptosystem is modeled as a DES using Finite State Automata. A security notion, Opacity, is used to quantify and formally verify the security aspects of our controlled system, which shows that the entropy of the secret key is preserved. A case study is performed that shows to mitigate state-of-the-art differential scan attacks successfully at a nominal extra overhead of 1.78%.
期刊介绍:
The Journal of Emerging Technologies in Computing Systems invites submissions of original technical papers describing research and development in emerging technologies in computing systems. Major economic and technical challenges are expected to impede the continued scaling of semiconductor devices. This has resulted in the search for alternate mechanical, biological/biochemical, nanoscale electronic, asynchronous and quantum computing and sensor technologies. As the underlying nanotechnologies continue to evolve in the labs of chemists, physicists, and biologists, it has become imperative for computer scientists and engineers to translate the potential of the basic building blocks (analogous to the transistor) emerging from these labs into information systems. Their design will face multiple challenges ranging from the inherent (un)reliability due to the self-assembly nature of the fabrication processes for nanotechnologies, from the complexity due to the sheer volume of nanodevices that will have to be integrated for complex functionality, and from the need to integrate these new nanotechnologies with silicon devices in the same system.
The journal provides comprehensive coverage of innovative work in the specification, design analysis, simulation, verification, testing, and evaluation of computing systems constructed out of emerging technologies and advanced semiconductors