GF-Flush: A GF(2) Algebraic Attack on Secure Scan Chains
Scan chains provide increased controllability and observability for testing digital circuits. The increased testability, however, can also be a source of information leakage for sensitive designs. The state-of-the-art defenses to secure scan chains apply dynamic keys to pseudo-randomly invert the sc...
Gespeichert in:
Hauptverfasser: | , , |
---|---|
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Scan chains provide increased controllability and observability for testing
digital circuits. The increased testability, however, can also be a source of
information leakage for sensitive designs. The state-of-the-art defenses to
secure scan chains apply dynamic keys to pseudo-randomly invert the scan
vectors. In this paper, we pinpoint an algebraic vulnerability of these dynamic
defenses that involves creating and solving a system of linear equations over
the finite field GF(2). In particular, we propose a novel GF(2)-based flush
attack that breaks even the most rigorous version of state-of-the-art dynamic
defenses. Our experimental results demonstrate that our attack recovers the key
as long as 500 bits in less than 7 seconds, the attack times are about one
hundredth of state-of-the-art SAT based attacks on the same defenses. We then
demonstrate how our attacks can be extended to scan chains compressed with
Multiple-Input Signature Registers (MISRs). |
---|---|
DOI: | 10.48550/arxiv.2101.12279 |