SlideShare a Scribd company logo

Test versus security @ IEEE Concept

Download as PPTX, PDF
kodela3
kodela3

My Second Saminar Topic...

Design
1 of 21
Kodela.Jagadeesh
Agenda  Abstract  Introduction What is Security Testing Purpose of Security Testing Scan-Based Attacks Types of Attacks  Content of Attackers Misuse of Test Interfaces Conclusion References
Abstract Cryptographic circuits need to be protected against side- channel attacks, which target their physical attributes while the cryptographic algorithm is in execution. There can be various side-channels, such as power, timing, electromagnetic radiation, fault response, and so on. One such important side- channel is the design-for-testability (DfT) infrastructure present for effective and timely testing of VLSI circuits.The purpose of this paper is to rst present a detailed survey on the state-of- the-art in scan-based side-channel attacks on symmetric and public-key cryptographic hardware implementations, both in the absence and presence of advanced DfT structures, such as test compression and X-masking, which may make the attack diffcult.
Introduction Structural testing is one important step in the production of integrated circuits. Indeed, the fabrication of CMOS devices is not a totally controlled process and some of the manufactured Chips may not work properly. Testing is therefore essential to Sort faulty and good circuits and thus ensure the quality of the products. The increasing test cost of new technologies demands the insertion of test-oriented structures early in the integrated circuit (IC) design cycle, which is called Design-for-Testabilit (DfT). These structures aims at improving the testability (mainl the capacity to detect the presence of faults), diagnostics, test time and reducing the number of required test pins.
What is Security Testing Security testing is a process to determine that an information system protects data and maintains functionality. To check whether there is any information leakage. To test the application whether it has unauthorized access and having the encoded security code. To finding out all the potential loopholes and weaknesses of the system.
Purpose of Security Testing Primary purpose of security testing is to identify the vulnerabilities and subsequently repairing them. Security Testing helps in improving the current system and also helps in ensuring that the system will work for longer time. Security test helps in finding out loopholes that can cause loss of important information.
Scan-Based Attacks The insertion of scan chains consists of replacing the flip-flops (FFs) of the design by scan flip-flops (SFFs) and connecting these SFFs into a shift-register, called scan chain. The scan chain is bound to a input pin (scan-in) and to an output pin (scan-out). An extra pin called scan-enable should be added to control the scan chain's data shifting. If the scanenable is set to 0, the SFFs are connected to the circuit to behave as functionally expected (functional mode). When the scan-enable is set to 1, the SFFs are connected to the scan chain, and the bitstream at the scan-in is shifted in while the data stored in the SFFs is shifted out through the scan-out pin.
Scan-Based Attacks By controlling the scan-in and scan-enable inputs and observing the scan-out pin, and attacker can observe confidential data or corrupt internal states. Then the below Fig. 1 illustrates the duality between test and security.
Types of Attacks: Attack Basic Procedure Attacking Cryptographic Primitives Attacker Model Known Scan-Based Attacks
Attack Basic Procedure  As depicted in Fig. 1, the attacker can use the shift operation maliciously, switching from functional to test mode at will.  Even if the attacker uses the shift operation as the test engineer, the attack's procedure is different from the standard test procedure.  For instance, suppose that some of  the flip-flops inserted on the scan chain contain confidential Information .  An observability attack would consist of the following steps: a. reset the circuit b. load the chosen input at the cipher's input c. run part of the encryption d. switch to test e. mode when the intermediate flip-flops contain data related to the secret and shift out the scan contents containing this confidential information f. analyze the observed contents and try to uncover the secret key.
Attacking Cryptographic Primitives  The science of coding and decoding messages so as to keep these messages secure. Coding takes place using a key that ideally is known only by the sender and intended recipient of the message.  In computer programming, a primitive is a basic interface or segment of code that can be used to build more sophisticated program elements or interfaces.  The below Fig. 2 shows an example of how the scan- based attacks can compromise the security of symmetric-key or public-key cryptography.
 Both symmetric-key and public-key algorithms usually have structures that repeat the same operations for multiple iterations.  The more iterations, the harder for attackers to nd out the secret by only observing the plaintext/input and the ciphertext/output.
Attacker Model  In this model we classify into 4 classes.  They are: Class 1: Amateur, Class 2: Expert, Class 3: Insider, Class 4: Expert with advanced equipment
Attacker Model  Class 1: Amateur Knows the cipher algorithm implementation, as well as timing diagrams for correctly operating the circuit (this information is usually present in the circuit datasheet).  Class 2: Expert Can uncover design details with the help of DPA or timing analysis, consisting mainly of input/output register buffers and additional registers that may be affected by plaintext (DFF storage elements). These DFFs may complicate the observation of data related to the secret.
Attacker Model  Class 3: Insider Knows the correspondence between the circuit flip-flops and their position within the scan chain.  Class 4: Expert with advanced equipment Can remove the chip package and probe internal signals. This is important in cases where the scan chains are disconnected after manufacturing test by means of anti-fuses. This class of attackers can still probe unconnected scan chains.  It must be noted that a Class 3 or 4 attacker have of course all the abilities of the lower class attackers.
Known Scan-Based Attacks  The rst scan attack proposed in the literature was conceived to break a Data Encryption Standard (DES) block cipher.  Yang et al. described a two-phase procedure that consists in first finding the position of the intermediate registers in the scan chain, and then retrieving the DES first round key.  In order to find the position, 64 pairs of plaintexts are loaded. Two plaintexts are loaded.  Two plaintexts of any of these pairs have a single-bit difference and each pair has a difference in a different location.  Using the procedure described in subsection II-A, the attacker shifts out internal states when the plaintexts are loaded into the registers that store the intermediate values and then these register's flip-flops are localized.  Then the attacker applies three chosen plaintexts and shifts out the scan data to recover the first round key.
Misuse of Test Interfaces  Test interfaces such as JTAG and IEEE 1500 have two security drawbacks:  they make scan-based attacks easier and  They can be used to upload corrupted firmware in non- volatile  memories or read out internal contents.  The first issue comes from the fact that they provide access to individual components(chips on board or cores on SoCs).  It implies that malicious users can apply scan-based attacks on the cryptographic blocks only, which makes the analysis phase of the attack easier.
Conclusion In this paper we described two main issues related to the test and security domain: scan-based attacks and misuse of JTAG interfaces. Both threats exploit security issues present in structures that implemented test and debug of digital ICs. To help the understanding of scan-based attacks, we have described the principles of these attacks. Then we presented a survey of the known scan-based attacks so that designers can take them into account when building new circuits. Additionally, we described some well known issues related to the misuse of JTAG and IEEE 1500 test interfaces.
References [1] (1994). Federal Information Processing Standards Publication 140-2: Security Requirements for Cryptographic Modules [Online]. Available: http://csrc.nist.gov/publications/ps/ps140-2/ps1402.pdf [2] D. Hely, M.-L. Flottes, F. Bancel, B. Rouzeyre, N. Berard, and M. Renovell, ``Scan design and secure chip [secure IC testing],'' in Proc. 10th IEEE IOLTS, Jul. 2004, pp. 219224. [3] J. Lee, M. Tehranipoor, C. Patel, and J. Plusquellic, ``Securing designs against scan-based side-channel attacks,'' IEEE Trans. Dependable Secure Comput., vol. 4, no. 4, pp. 325336, Oct. 2007. [4] J. Da Rolt, G. Di Natale, M. Flottes, and B. Rouzeyre, ``A novel differential scan attack on advanced DFT structures,'' ACM Trans. Des. Autom. Electron. Syst., vol. 18, no. 4, p. 58, Oct. 2013.
Any
Test versus security @ IEEE Concept

Recommended

HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWAREHARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
VLSICS Design
 
Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...
eSAT Publishing House
 
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT KharagpurSneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Priyanka Aash
 
Signature Free Virus Blocking Method to Detect Software Code Security (Intern...
Signature Free Virus Blocking Method to Detect Software Code Security (Intern...Signature Free Virus Blocking Method to Detect Software Code Security (Intern...
Signature Free Virus Blocking Method to Detect Software Code Security (Intern...
Student
 
Hardware trojan detection technique using side channel analysis for hardware ...
Hardware trojan detection technique using side channel analysis for hardware ...Hardware trojan detection technique using side channel analysis for hardware ...
Hardware trojan detection technique using side channel analysis for hardware ...
Ashish Maurya
 
Fault Attacks on Cryptosystems
Fault Attacks on CryptosystemsFault Attacks on Cryptosystems
Fault Attacks on Cryptosystems
Sayan Chaudhuri
 
Hardware Trojan Identification and Detection
Hardware Trojan Identification and DetectionHardware Trojan Identification and Detection
Hardware Trojan Identification and Detection
ijcisjournal
 
Layered approach
Layered approachLayered approach
Layered approach
ingenioustech
 

Recommended

HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWAREHARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
VLSICS Design
 
Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...
eSAT Publishing House
 
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT KharagpurSneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Priyanka Aash
 
Signature Free Virus Blocking Method to Detect Software Code Security (Intern...
Signature Free Virus Blocking Method to Detect Software Code Security (Intern...Signature Free Virus Blocking Method to Detect Software Code Security (Intern...
Signature Free Virus Blocking Method to Detect Software Code Security (Intern...
Student
 
Hardware trojan detection technique using side channel analysis for hardware ...
Hardware trojan detection technique using side channel analysis for hardware ...Hardware trojan detection technique using side channel analysis for hardware ...
Hardware trojan detection technique using side channel analysis for hardware ...
Ashish Maurya
 
Fault Attacks on Cryptosystems
Fault Attacks on CryptosystemsFault Attacks on Cryptosystems
Fault Attacks on Cryptosystems
Sayan Chaudhuri
 
Hardware Trojan Identification and Detection
Hardware Trojan Identification and DetectionHardware Trojan Identification and Detection
Hardware Trojan Identification and Detection
ijcisjournal
 
Layered approach
Layered approachLayered approach
Layered approach
ingenioustech
 
Reconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatformsReconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatforms
Abdullah Deeb
 
Finding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection ExploitsFinding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection Exploits
amiable_indian
 
Testbed For Ids
Testbed For IdsTestbed For Ids
Testbed For Ids
amiable_indian
 
IDS - Fact, Challenges and Future
IDS - Fact, Challenges and FutureIDS - Fact, Challenges and Future
IDS - Fact, Challenges and Future
amiable_indian
 
Jurassic Pcap
Jurassic PcapJurassic Pcap
Jurassic Pcap
Jairo Alonso Ortiz
 
A fast static analysis approach to detect exploit code inside network flows
A fast static analysis approach to detect exploit code inside network flowsA fast static analysis approach to detect exploit code inside network flows
A fast static analysis approach to detect exploit code inside network flows
UltraUploader
 
Chapter 7 security tools i
Chapter 7 security tools iChapter 7 security tools i
Chapter 7 security tools i
Syaiful Ahdan
 
Deep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection systemDeep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection system
Avinash Kumar
 
Anomaly detection final
Anomaly detection finalAnomaly detection final
Anomaly detection final
Akshay Bansal
 
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
IJNSA Journal
 
Bypassing firewalls
Bypassing firewallsBypassing firewalls
Bypassing firewalls
Kumar
 
De-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali LinuxDe-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali Linux
IRJET Journal
 
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
a001
 
M phil-computer-science-cryptography-projects
M phil-computer-science-cryptography-projectsM phil-computer-science-cryptography-projects
M phil-computer-science-cryptography-projects
Vijay Karan
 
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKSSHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
ijwmn
 
Intrusion Alert Correlation
Intrusion Alert CorrelationIntrusion Alert Correlation
Intrusion Alert Correlation
amiable_indian
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the Network
IOSR Journals
 
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
ijcsit
 
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET Journal
 
Software libre y software privativo
Software libre y software privativo Software libre y software privativo
Software libre y software privativo
Marcelo Tellechea
 
Blogs en el aprendizaje
Blogs en el aprendizajeBlogs en el aprendizaje
Blogs en el aprendizaje
tania castro
 
Social watch workshop summary of day 1
Social watch workshop summary of day 1Social watch workshop summary of day 1
Social watch workshop summary of day 1
Sonnie Kibz
 

More Related Content

What's hot

A fast static analysis approach to detect exploit code inside network flows
A fast static analysis approach to detect exploit code inside network flowsA fast static analysis approach to detect exploit code inside network flows
A fast static analysis approach to detect exploit code inside network flows
UltraUploader
 
Anomaly detection final
Anomaly detection finalAnomaly detection final
Anomaly detection final
Akshay Bansal
 
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
IJNSA Journal
 
Bypassing firewalls
Bypassing firewallsBypassing firewalls
Bypassing firewalls
Kumar
 
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
a001
 
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKSSHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
ijwmn
 
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
ijcsit
 

What's hot (19)

Reconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatformsReconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatforms
 
Finding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection ExploitsFinding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection Exploits
 
Testbed For Ids
Testbed For IdsTestbed For Ids
Testbed For Ids
 
IDS - Fact, Challenges and Future
IDS - Fact, Challenges and FutureIDS - Fact, Challenges and Future
IDS - Fact, Challenges and Future
 
Jurassic Pcap
Jurassic PcapJurassic Pcap
Jurassic Pcap
 
A fast static analysis approach to detect exploit code inside network flows
A fast static analysis approach to detect exploit code inside network flowsA fast static analysis approach to detect exploit code inside network flows
A fast static analysis approach to detect exploit code inside network flows
 
Chapter 7 security tools i
Chapter 7 security tools iChapter 7 security tools i
Chapter 7 security tools i
 
Deep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection systemDeep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection system
 
Anomaly detection final
Anomaly detection finalAnomaly detection final
Anomaly detection final
 
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
A Test-Bed Implementation for Securing OLSR In Mobile Ad-Hoc Networks
 
Bypassing firewalls
Bypassing firewallsBypassing firewalls
Bypassing firewalls
 
De-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali LinuxDe-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali Linux
 
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
Deliberately Un-Dependable Applications: the Role of Dependability Metrics in...
 
M phil-computer-science-cryptography-projects
M phil-computer-science-cryptography-projectsM phil-computer-science-cryptography-projects
M phil-computer-science-cryptography-projects
 
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKSSHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKS
 
Intrusion Alert Correlation
Intrusion Alert CorrelationIntrusion Alert Correlation
Intrusion Alert Correlation
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the Network
 
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
INTRUSION DETECTION SYSTEM CLASSIFICATION USING DIFFERENT MACHINE LEARNING AL...
 
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
 

Viewers also liked

Blogs en el aprendizaje
Blogs en el aprendizajeBlogs en el aprendizaje
Blogs en el aprendizaje
tania castro
 
Social watch workshop summary of day 1
Social watch workshop summary of day 1Social watch workshop summary of day 1
Social watch workshop summary of day 1
Sonnie Kibz
 
03.[슬라이드]브래그피크 v20160224(ch)
03.[슬라이드]브래그피크 v20160224(ch)03.[슬라이드]브래그피크 v20160224(ch)
03.[슬라이드]브래그피크 v20160224(ch)
Samsung Medical Center
 

Viewers also liked (14)

Software libre y software privativo
Software libre y software privativo Software libre y software privativo
Software libre y software privativo
 
Blogs en el aprendizaje
Blogs en el aprendizajeBlogs en el aprendizaje
Blogs en el aprendizaje
 
Social watch workshop summary of day 1
Social watch workshop summary of day 1Social watch workshop summary of day 1
Social watch workshop summary of day 1
 
kgl-315 200мвт Зеленая лазерная указка http://www.lasersru.com/kgl-315-200mw-...
kgl-315 200мвт Зеленая лазерная указка http://www.lasersru.com/kgl-315-200mw-...kgl-315 200мвт Зеленая лазерная указка http://www.lasersru.com/kgl-315-200mw-...
kgl-315 200мвт Зеленая лазерная указка http://www.lasersru.com/kgl-315-200mw-...
 
Citar Fuentes electronicas
Citar Fuentes electronicasCitar Fuentes electronicas
Citar Fuentes electronicas
 
03.[슬라이드]브래그피크 v20160224(ch)
03.[슬라이드]브래그피크 v20160224(ch)03.[슬라이드]브래그피크 v20160224(ch)
03.[슬라이드]브래그피크 v20160224(ch)
 
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
 
Instalación de Windows 7 usando virtualbox
Instalación de Windows 7 usando virtualboxInstalación de Windows 7 usando virtualbox
Instalación de Windows 7 usando virtualbox
 
Presentation + Template Samples
Presentation + Template SamplesPresentation + Template Samples
Presentation + Template Samples
 
Escritorio2do
Escritorio2doEscritorio2do
Escritorio2do
 
Trastorno obsesivo compulsivo
Trastorno obsesivo compulsivoTrastorno obsesivo compulsivo
Trastorno obsesivo compulsivo
 
Windows 7, 8 y 10
Windows 7, 8 y 10Windows 7, 8 y 10
Windows 7, 8 y 10
 
Ryan Markel - WordCamp StL 2016 - Code Review
Ryan Markel - WordCamp StL 2016 - Code ReviewRyan Markel - WordCamp StL 2016 - Code Review
Ryan Markel - WordCamp StL 2016 - Code Review
 
IOS Swift Language 3rd tutorial
IOS Swift Language 3rd tutorialIOS Swift Language 3rd tutorial
IOS Swift Language 3rd tutorial
 

Similar to Test versus security @ IEEE Concept

Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...
eSAT Journals
 
Vishwanath rakesh ece 561
Vishwanath rakesh ece 561Vishwanath rakesh ece 561
Vishwanath rakesh ece 561
RAKESH_CSU
 
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWAREHARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
VLSICS Design
 
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWAREHARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
VLSICS Design
 
Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...
Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...
Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...
idescitation
 
Final_year_project_documentation
Final_year_project_documentationFinal_year_project_documentation
Final_year_project_documentation
Ushnish Chowdhury
 
2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...
EditorJST
 
Passive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessPassive monitoring to build Situational Awareness
Passive monitoring to build Situational Awareness
David Sweigert
 
SECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATION
SECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATIONSECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATION
SECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATION
Editor IJMTER
 
Secure Checkpointing Approach for Mobile Environment
Secure Checkpointing Approach for Mobile EnvironmentSecure Checkpointing Approach for Mobile Environment
Secure Checkpointing Approach for Mobile Environment
idescitation
 

Similar to Test versus security @ IEEE Concept (20)

Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...Design and implementation of secured scan based attacks on ic’s by using on c...
Design and implementation of secured scan based attacks on ic’s by using on c...
 
Vishwanath rakesh ece 561
Vishwanath rakesh ece 561Vishwanath rakesh ece 561
Vishwanath rakesh ece 561
 
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWAREHARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
 
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWAREHARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
HARDWARE SECURITY IN CASE OF SCAN-BASED ATTACK ON CRYPTO-HARDWARE
 
Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...
Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...
Breaching of Ring Oscillator Based Trojan Detection and Prevention in Physica...
 
4.report (cryptography & computer network)
4.report (cryptography & computer network)4.report (cryptography & computer network)
4.report (cryptography & computer network)
 
A05510105
A05510105A05510105
A05510105
 
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation AnalysisA New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
 
Final_year_project_documentation
Final_year_project_documentationFinal_year_project_documentation
Final_year_project_documentation
 
Security technologies
Security technologiesSecurity technologies
Security technologies
 
Firewall
FirewallFirewall
Firewall
 
Verification of Security for Untrusted Third Party IP Cores
Verification of Security for Untrusted Third Party IP CoresVerification of Security for Untrusted Third Party IP Cores
Verification of Security for Untrusted Third Party IP Cores
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetation
 
Nt1310 Unit 6 Powerpoint
Nt1310 Unit 6 PowerpointNt1310 Unit 6 Powerpoint
Nt1310 Unit 6 Powerpoint
 
2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...
 
Passive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessPassive monitoring to build Situational Awareness
Passive monitoring to build Situational Awareness
 
publication1
publication1publication1
publication1
 
SECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATION
SECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATIONSECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATION
SECURE ADHOC ROUTING PROTOCOL FOR PRIVACY RESERVATION
 
Secure Checkpointing Approach for Mobile Environment
Secure Checkpointing Approach for Mobile EnvironmentSecure Checkpointing Approach for Mobile Environment
Secure Checkpointing Approach for Mobile Environment
 
CNS UNIT-VI.pptx
CNS UNIT-VI.pptxCNS UNIT-VI.pptx
CNS UNIT-VI.pptx
 

Recently uploaded

Minimalist Orange Portfolio by Slidesgo.pptx
Minimalist Orange Portfolio by Slidesgo.pptxMinimalist Orange Portfolio by Slidesgo.pptx
Minimalist Orange Portfolio by Slidesgo.pptx
balqisyamutia
 
Design-System - FinTech - Isadora Agency
Design-System - FinTech - Isadora AgencyDesign-System - FinTech - Isadora Agency
Design-System - FinTech - Isadora Agency
Isadora Agency
 
怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证
怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证
怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证
eeanqy
 
Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...
Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...
Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...
nirzagarg
 
Abortion Pills in Oman (+918133066128) Cytotec clinic buy Oman Muscat
Abortion Pills in Oman (+918133066128) Cytotec clinic buy Oman MuscatAbortion Pills in Oman (+918133066128) Cytotec clinic buy Oman Muscat
Abortion Pills in Oman (+918133066128) Cytotec clinic buy Oman Muscat
Abortion pills in Kuwait Cytotec pills in Kuwait
 
一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样
一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样
一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样
awasv46j
 
Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...
gajnagarg
 
Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...
Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...
Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...
instagramfab782445
 
Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...
Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...
Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...
Nitya salvi
 
Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...
Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...
Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...
gargpaaro
 
一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证
一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证
一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证
wpkuukw
 
一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证
一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证
一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证
eqaqen
 
Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...
gajnagarg
 

Recently uploaded (20)

Q4-W4-SCIENCE-5 power point presentation
Q4-W4-SCIENCE-5 power point presentationQ4-W4-SCIENCE-5 power point presentation
Q4-W4-SCIENCE-5 power point presentation
 
Minimalist Orange Portfolio by Slidesgo.pptx
Minimalist Orange Portfolio by Slidesgo.pptxMinimalist Orange Portfolio by Slidesgo.pptx
Minimalist Orange Portfolio by Slidesgo.pptx
 
Design-System - FinTech - Isadora Agency
Design-System - FinTech - Isadora AgencyDesign-System - FinTech - Isadora Agency
Design-System - FinTech - Isadora Agency
 
The hottest UI and UX Design Trends 2024
The hottest UI and UX Design Trends 2024The hottest UI and UX Design Trends 2024
The hottest UI and UX Design Trends 2024
 
Hackathon evaluation template_latest_uploadpdf
Hackathon evaluation template_latest_uploadpdfHackathon evaluation template_latest_uploadpdf
Hackathon evaluation template_latest_uploadpdf
 
NO1 Top Pakistani Amil Baba Real Amil baba In Pakistan Najoomi Baba in Pakist...
NO1 Top Pakistani Amil Baba Real Amil baba In Pakistan Najoomi Baba in Pakist...NO1 Top Pakistani Amil Baba Real Amil baba In Pakistan Najoomi Baba in Pakist...
NO1 Top Pakistani Amil Baba Real Amil baba In Pakistan Najoomi Baba in Pakist...
 
怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证
怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证
怎样办理伦敦国王学院毕业证(KCL毕业证书)成绩单留信认证
 
Pondicherry Escorts Service Girl ^ 9332606886, WhatsApp Anytime Pondicherry
Pondicherry Escorts Service Girl ^ 9332606886, WhatsApp Anytime PondicherryPondicherry Escorts Service Girl ^ 9332606886, WhatsApp Anytime Pondicherry
Pondicherry Escorts Service Girl ^ 9332606886, WhatsApp Anytime Pondicherry
 
Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...
Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...
Top profile Call Girls In Mau [ 7014168258 ] Call Me For Genuine Models We ar...
 
Abortion Pills in Oman (+918133066128) Cytotec clinic buy Oman Muscat
Abortion Pills in Oman (+918133066128) Cytotec clinic buy Oman MuscatAbortion Pills in Oman (+918133066128) Cytotec clinic buy Oman Muscat
Abortion Pills in Oman (+918133066128) Cytotec clinic buy Oman Muscat
 
一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样
一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样
一比一原版(WLU毕业证)罗瑞尔大学毕业证成绩单留信学历认证原版一模一样
 
Eye-Catching Web Design Crafting User Interfaces .docx
Eye-Catching Web Design Crafting User Interfaces .docxEye-Catching Web Design Crafting User Interfaces .docx
Eye-Catching Web Design Crafting User Interfaces .docx
 
Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...
Top profile Call Girls In Mysore [ 7014168258 ] Call Me For Genuine Models We...
 
Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...
Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...
Abortion pill for sale in Muscat (+918761049707)) Get Cytotec Cash on deliver...
 
Gamestore case study UI UX by Amgad Ibrahim
Gamestore case study UI UX by Amgad IbrahimGamestore case study UI UX by Amgad Ibrahim
Gamestore case study UI UX by Amgad Ibrahim
 
Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...
Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...
Call Girls In Ratnagiri Escorts ☎️8617370543 🔝 💃 Enjoy 24/7 Escort Service En...
 
Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...
Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...
Mohanlalganj ! Call Girls in Lucknow - 450+ Call Girl Cash Payment 9548273370...
 
一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证
一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证
一比一定(购)滑铁卢大学毕业证(UW毕业证)成绩单学位证
 
一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证
一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证
一比一定(购)西悉尼大学毕业证(WSU毕业证)成绩单学位证
 
Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In eluru [ 7014168258 ] Call Me For Genuine Models We ...
 

Test versus security @ IEEE Concept

  • 2. Agenda  Abstract  Introduction What is Security Testing Purpose of Security Testing Scan-Based Attacks Types of Attacks  Content of Attackers Misuse of Test Interfaces Conclusion References
  • 3. Abstract Cryptographic circuits need to be protected against side- channel attacks, which target their physical attributes while the cryptographic algorithm is in execution. There can be various side-channels, such as power, timing, electromagnetic radiation, fault response, and so on. One such important side- channel is the design-for-testability (DfT) infrastructure present for effective and timely testing of VLSI circuits.The purpose of this paper is to rst present a detailed survey on the state-of- the-art in scan-based side-channel attacks on symmetric and public-key cryptographic hardware implementations, both in the absence and presence of advanced DfT structures, such as test compression and X-masking, which may make the attack diffcult.
  • 4. Introduction Structural testing is one important step in the production of integrated circuits. Indeed, the fabrication of CMOS devices is not a totally controlled process and some of the manufactured Chips may not work properly. Testing is therefore essential to Sort faulty and good circuits and thus ensure the quality of the products. The increasing test cost of new technologies demands the insertion of test-oriented structures early in the integrated circuit (IC) design cycle, which is called Design-for-Testabilit (DfT). These structures aims at improving the testability (mainl the capacity to detect the presence of faults), diagnostics, test time and reducing the number of required test pins.
  • 5. What is Security Testing Security testing is a process to determine that an information system protects data and maintains functionality. To check whether there is any information leakage. To test the application whether it has unauthorized access and having the encoded security code. To finding out all the potential loopholes and weaknesses of the system.
  • 6. Purpose of Security Testing Primary purpose of security testing is to identify the vulnerabilities and subsequently repairing them. Security Testing helps in improving the current system and also helps in ensuring that the system will work for longer time. Security test helps in finding out loopholes that can cause loss of important information.
  • 7. Scan-Based Attacks The insertion of scan chains consists of replacing the flip-flops (FFs) of the design by scan flip-flops (SFFs) and connecting these SFFs into a shift-register, called scan chain. The scan chain is bound to a input pin (scan-in) and to an output pin (scan-out). An extra pin called scan-enable should be added to control the scan chain's data shifting. If the scanenable is set to 0, the SFFs are connected to the circuit to behave as functionally expected (functional mode). When the scan-enable is set to 1, the SFFs are connected to the scan chain, and the bitstream at the scan-in is shifted in while the data stored in the SFFs is shifted out through the scan-out pin.
  • 8. Scan-Based Attacks By controlling the scan-in and scan-enable inputs and observing the scan-out pin, and attacker can observe confidential data or corrupt internal states. Then the below Fig. 1 illustrates the duality between test and security.
  • 9. Types of Attacks: Attack Basic Procedure Attacking Cryptographic Primitives Attacker Model Known Scan-Based Attacks
  • 10. Attack Basic Procedure  As depicted in Fig. 1, the attacker can use the shift operation maliciously, switching from functional to test mode at will.  Even if the attacker uses the shift operation as the test engineer, the attack's procedure is different from the standard test procedure.  For instance, suppose that some of  the flip-flops inserted on the scan chain contain confidential Information .  An observability attack would consist of the following steps: a. reset the circuit b. load the chosen input at the cipher's input c. run part of the encryption d. switch to test e. mode when the intermediate flip-flops contain data related to the secret and shift out the scan contents containing this confidential information f. analyze the observed contents and try to uncover the secret key.
  • 11. Attacking Cryptographic Primitives  The science of coding and decoding messages so as to keep these messages secure. Coding takes place using a key that ideally is known only by the sender and intended recipient of the message.  In computer programming, a primitive is a basic interface or segment of code that can be used to build more sophisticated program elements or interfaces.  The below Fig. 2 shows an example of how the scan- based attacks can compromise the security of symmetric-key or public-key cryptography.
  • 12.  Both symmetric-key and public-key algorithms usually have structures that repeat the same operations for multiple iterations.  The more iterations, the harder for attackers to nd out the secret by only observing the plaintext/input and the ciphertext/output.
  • 13. Attacker Model  In this model we classify into 4 classes.  They are: Class 1: Amateur, Class 2: Expert, Class 3: Insider, Class 4: Expert with advanced equipment
  • 14. Attacker Model  Class 1: Amateur Knows the cipher algorithm implementation, as well as timing diagrams for correctly operating the circuit (this information is usually present in the circuit datasheet).  Class 2: Expert Can uncover design details with the help of DPA or timing analysis, consisting mainly of input/output register buffers and additional registers that may be affected by plaintext (DFF storage elements). These DFFs may complicate the observation of data related to the secret.
  • 15. Attacker Model  Class 3: Insider Knows the correspondence between the circuit flip-flops and their position within the scan chain.  Class 4: Expert with advanced equipment Can remove the chip package and probe internal signals. This is important in cases where the scan chains are disconnected after manufacturing test by means of anti-fuses. This class of attackers can still probe unconnected scan chains.  It must be noted that a Class 3 or 4 attacker have of course all the abilities of the lower class attackers.
  • 16. Known Scan-Based Attacks  The rst scan attack proposed in the literature was conceived to break a Data Encryption Standard (DES) block cipher.  Yang et al. described a two-phase procedure that consists in first finding the position of the intermediate registers in the scan chain, and then retrieving the DES first round key.  In order to find the position, 64 pairs of plaintexts are loaded. Two plaintexts are loaded.  Two plaintexts of any of these pairs have a single-bit difference and each pair has a difference in a different location.  Using the procedure described in subsection II-A, the attacker shifts out internal states when the plaintexts are loaded into the registers that store the intermediate values and then these register's flip-flops are localized.  Then the attacker applies three chosen plaintexts and shifts out the scan data to recover the first round key.
  • 17. Misuse of Test Interfaces  Test interfaces such as JTAG and IEEE 1500 have two security drawbacks:  they make scan-based attacks easier and  They can be used to upload corrupted firmware in non- volatile  memories or read out internal contents.  The first issue comes from the fact that they provide access to individual components(chips on board or cores on SoCs).  It implies that malicious users can apply scan-based attacks on the cryptographic blocks only, which makes the analysis phase of the attack easier.
  • 18. Conclusion In this paper we described two main issues related to the test and security domain: scan-based attacks and misuse of JTAG interfaces. Both threats exploit security issues present in structures that implemented test and debug of digital ICs. To help the understanding of scan-based attacks, we have described the principles of these attacks. Then we presented a survey of the known scan-based attacks so that designers can take them into account when building new circuits. Additionally, we described some well known issues related to the misuse of JTAG and IEEE 1500 test interfaces.
  • 19. References [1] (1994). Federal Information Processing Standards Publication 140-2: Security Requirements for Cryptographic Modules [Online]. Available: http://csrc.nist.gov/publications/ps/ps140-2/ps1402.pdf [2] D. Hely, M.-L. Flottes, F. Bancel, B. Rouzeyre, N. Berard, and M. Renovell, ``Scan design and secure chip [secure IC testing],'' in Proc. 10th IEEE IOLTS, Jul. 2004, pp. 219224. [3] J. Lee, M. Tehranipoor, C. Patel, and J. Plusquellic, ``Securing designs against scan-based side-channel attacks,'' IEEE Trans. Dependable Secure Comput., vol. 4, no. 4, pp. 325336, Oct. 2007. [4] J. Da Rolt, G. Di Natale, M. Flottes, and B. Rouzeyre, ``A novel differential scan attack on advanced DFT structures,'' ACM Trans. Des. Autom. Electron. Syst., vol. 18, no. 4, p. 58, Oct. 2013.
  • 20. Any