Scan-based attack against DES and Triple DES cryptosystems using scan signatures

    Research output: Contribution to journalArticle

    2 Citations (Scopus)

    Abstract

    A scan-path test is one of the useful design-for-test techniques, in which testers can observe and control registers inside the target LSI chip directly. On the other hand, the risk of side-channel attacks against cryptographic LSIs and modules has been pointed out. In particular, scan-based attacks which retrieve secret keys by analyzing scan data obtained from scan chains have been attracting attention. In this paper, we propose two scan-based attack methods against DES and Triple DES using scan signatures. Our proposed methods are based on focusing on particular bit-column-data in a set of scan data and observing their changes when giving several plaintexts. Based on this property, we introduce the idea of a scan signature first and apply it to DES cryptosystems. In DES cryptosystems, we can retrieve secret keys by partitioning the S-BOX process into eight independent sub-processes and reducing the number of the round key candidates from 248 to 26 × 8 = 512. In Triple DES cryptosystems, three secret keys are used to encrypt plaintexts. Then we retrieve them one by one, using the similar technique as in DES cryptosystems. Although some problems occur when retrieving the second/third secret key, our proposed method effectively resolves them. Our proposed methods can retrieve secret keys even if a scan chain includes registers except a crypto module and attackers do not know when the encryption is really done in the crypto module. Experimental results demonstrate that we successfully retrieve the secret keys of a DES cryptosystem using at most 32 plaintexts and that of a Triple DES cryptosystem using at most 36 plaintexts.

    Original languageEnglish
    Pages (from-to)572-579
    Number of pages8
    JournalJournal of Information Processing
    Volume21
    Issue number3
    DOIs
    Publication statusPublished - 2013

    Fingerprint

    Cryptography

    Keywords

    • Data encryption standard
    • Scan chain
    • Scan-based attack
    • Side-channel attacks
    • Triple data encryption standard

    ASJC Scopus subject areas

    • Computer Science(all)

    Cite this

    Scan-based attack against DES and Triple DES cryptosystems using scan signatures. / Kodera, Hirokazu; Yanagisawa, Masao; Togawa, Nozomu.

    In: Journal of Information Processing, Vol. 21, No. 3, 2013, p. 572-579.

    Research output: Contribution to journalArticle

    @article{d16ced4a9c364680af17585f9488c63e,
    title = "Scan-based attack against DES and Triple DES cryptosystems using scan signatures",
    abstract = "A scan-path test is one of the useful design-for-test techniques, in which testers can observe and control registers inside the target LSI chip directly. On the other hand, the risk of side-channel attacks against cryptographic LSIs and modules has been pointed out. In particular, scan-based attacks which retrieve secret keys by analyzing scan data obtained from scan chains have been attracting attention. In this paper, we propose two scan-based attack methods against DES and Triple DES using scan signatures. Our proposed methods are based on focusing on particular bit-column-data in a set of scan data and observing their changes when giving several plaintexts. Based on this property, we introduce the idea of a scan signature first and apply it to DES cryptosystems. In DES cryptosystems, we can retrieve secret keys by partitioning the S-BOX process into eight independent sub-processes and reducing the number of the round key candidates from 248 to 26 × 8 = 512. In Triple DES cryptosystems, three secret keys are used to encrypt plaintexts. Then we retrieve them one by one, using the similar technique as in DES cryptosystems. Although some problems occur when retrieving the second/third secret key, our proposed method effectively resolves them. Our proposed methods can retrieve secret keys even if a scan chain includes registers except a crypto module and attackers do not know when the encryption is really done in the crypto module. Experimental results demonstrate that we successfully retrieve the secret keys of a DES cryptosystem using at most 32 plaintexts and that of a Triple DES cryptosystem using at most 36 plaintexts.",
    keywords = "Data encryption standard, Scan chain, Scan-based attack, Side-channel attacks, Triple data encryption standard",
    author = "Hirokazu Kodera and Masao Yanagisawa and Nozomu Togawa",
    year = "2013",
    doi = "10.2197/ipsjjip.21.572",
    language = "English",
    volume = "21",
    pages = "572--579",
    journal = "Journal of Information Processing",
    issn = "0387-5806",
    publisher = "Information Processing Society of Japan",
    number = "3",

    }

    TY - JOUR

    T1 - Scan-based attack against DES and Triple DES cryptosystems using scan signatures

    AU - Kodera, Hirokazu

    AU - Yanagisawa, Masao

    AU - Togawa, Nozomu

    PY - 2013

    Y1 - 2013

    N2 - A scan-path test is one of the useful design-for-test techniques, in which testers can observe and control registers inside the target LSI chip directly. On the other hand, the risk of side-channel attacks against cryptographic LSIs and modules has been pointed out. In particular, scan-based attacks which retrieve secret keys by analyzing scan data obtained from scan chains have been attracting attention. In this paper, we propose two scan-based attack methods against DES and Triple DES using scan signatures. Our proposed methods are based on focusing on particular bit-column-data in a set of scan data and observing their changes when giving several plaintexts. Based on this property, we introduce the idea of a scan signature first and apply it to DES cryptosystems. In DES cryptosystems, we can retrieve secret keys by partitioning the S-BOX process into eight independent sub-processes and reducing the number of the round key candidates from 248 to 26 × 8 = 512. In Triple DES cryptosystems, three secret keys are used to encrypt plaintexts. Then we retrieve them one by one, using the similar technique as in DES cryptosystems. Although some problems occur when retrieving the second/third secret key, our proposed method effectively resolves them. Our proposed methods can retrieve secret keys even if a scan chain includes registers except a crypto module and attackers do not know when the encryption is really done in the crypto module. Experimental results demonstrate that we successfully retrieve the secret keys of a DES cryptosystem using at most 32 plaintexts and that of a Triple DES cryptosystem using at most 36 plaintexts.

    AB - A scan-path test is one of the useful design-for-test techniques, in which testers can observe and control registers inside the target LSI chip directly. On the other hand, the risk of side-channel attacks against cryptographic LSIs and modules has been pointed out. In particular, scan-based attacks which retrieve secret keys by analyzing scan data obtained from scan chains have been attracting attention. In this paper, we propose two scan-based attack methods against DES and Triple DES using scan signatures. Our proposed methods are based on focusing on particular bit-column-data in a set of scan data and observing their changes when giving several plaintexts. Based on this property, we introduce the idea of a scan signature first and apply it to DES cryptosystems. In DES cryptosystems, we can retrieve secret keys by partitioning the S-BOX process into eight independent sub-processes and reducing the number of the round key candidates from 248 to 26 × 8 = 512. In Triple DES cryptosystems, three secret keys are used to encrypt plaintexts. Then we retrieve them one by one, using the similar technique as in DES cryptosystems. Although some problems occur when retrieving the second/third secret key, our proposed method effectively resolves them. Our proposed methods can retrieve secret keys even if a scan chain includes registers except a crypto module and attackers do not know when the encryption is really done in the crypto module. Experimental results demonstrate that we successfully retrieve the secret keys of a DES cryptosystem using at most 32 plaintexts and that of a Triple DES cryptosystem using at most 36 plaintexts.

    KW - Data encryption standard

    KW - Scan chain

    KW - Scan-based attack

    KW - Side-channel attacks

    KW - Triple data encryption standard

    UR - http://www.scopus.com/inward/record.url?scp=84880173238&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84880173238&partnerID=8YFLogxK

    U2 - 10.2197/ipsjjip.21.572

    DO - 10.2197/ipsjjip.21.572

    M3 - Article

    VL - 21

    SP - 572

    EP - 579

    JO - Journal of Information Processing

    JF - Journal of Information Processing

    SN - 0387-5806

    IS - 3

    ER -