Scan-based attack against des cryptosystems using scan signatures

    Research output: Chapter in Book/Report/Conference proceeding - Conference contribution

    12 Citations (Scopus)

    Abstract

    With the high integration of LSI in recent years, the importance of design-for-test techniques has been increasing. A scan-path test is one of the useful design-for-test techniques, in which testers can observe and control registers inside the target LSI chip directly. On the other hand, the risk of side-channel attacks against cryptographic LSIs and modules has been pointed out. In particular, scan-based attacks, which retrieve secret keys by analyzing scan data obtained from scan chains, have been attracting attention. In this paper, we propose a scan-based attack method against DES using scan signatures. Our proposed method is based on focusing on particular bit-column data in a set of scan data and observing their changes when given several plaintexts. We can retrieve secret keys by partitioning the S-BOX process into eight independent sub-processes and reducing the number of round key candidates from 2^48 to 2^6 × 8 = 512. Our proposed method can retrieve secret keys even if a scan chain includes registers other than those of the crypto module and attackers do not know when the encryption is really done in the crypto module. Experimental results demonstrate that we successfully retrieve the secret keys of a DES cryptosystem using at most 32 plaintexts.

    Original language: English
    Title of host publication: IEEE Asia-Pacific Conference on Circuits and Systems, Proceedings, APCCAS
    Pages: 599-602
    Number of pages: 4
    DOI: https://doi.org/10.1109/APCCAS.2012.6419106
    Publication status: Published - 2012
    Event: 2012 IEEE Asia Pacific Conference on Circuits and Systems, APCCAS 2012 - Kaohsiung
    Duration: 2012 Dec 2 - 2012 Dec 5

    Other

    Other: 2012 IEEE Asia Pacific Conference on Circuits and Systems, APCCAS 2012
    City: Kaohsiung
    Period: 12/12/2 - 12/12/5

    Fingerprint

    Cryptography
    Side channel attack

    Keywords

    • data encryption standard
    • scan chain
    • scan-based attack
    • side-channel attacks

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering

    Cite this

    Kodera, H., Yanagisawa, M., & Togawa, N. (2012). Scan-based attack against des cryptosystems using scan signatures. In IEEE Asia-Pacific Conference on Circuits and Systems, Proceedings, APCCAS (pp. 599-602). [6419106] https://doi.org/10.1109/APCCAS.2012.6419106

    @inproceedings{32c29b677b844837a03ecedc9f5b2a5d,
    title = "Scan-based attack against des cryptosystems using scan signatures",
    keywords = "data encryption standard, scan chain, scan-based attack, side-channel attacks",
    author = "Hirokazu Kodera and Masao Yanagisawa and Nozomu Togawa",
    year = "2012",
    doi = "10.1109/APCCAS.2012.6419106",
    language = "English",
    isbn = "9781457717291",
    pages = "599--602",
    booktitle = "IEEE Asia-Pacific Conference on Circuits and Systems, Proceedings, APCCAS",

    }

    TY - GEN

    T1 - Scan-based attack against des cryptosystems using scan signatures

    AU - Kodera, Hirokazu

    AU - Yanagisawa, Masao

    AU - Togawa, Nozomu

    PY - 2012

    Y1 - 2012

    KW - data encryption standard

    KW - scan chain

    KW - scan-based attack

    KW - side-channel attacks

    UR - http://www.scopus.com/inward/record.url?scp=84874149005&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84874149005&partnerID=8YFLogxK

    U2 - 10.1109/APCCAS.2012.6419106

    DO - 10.1109/APCCAS.2012.6419106

    M3 - Conference contribution

    AN - SCOPUS:84874149005

    SN - 9781457717291

    SP - 599

    EP - 602

    BT - IEEE Asia-Pacific Conference on Circuits and Systems, Proceedings, APCCAS

    ER -