Scan Chain Based Side Channel Attack On Aes

Abstract

This report unveils a severe security threat for cryptographic integrated circuits (ICs) that use scan-based design-for-testability (DFT) techniques. Scan chains significantly improve manufacturing test efficiency while also inadvertently creating a seemingly secure-bydesign covert channel for key extraction. Prior differential scan attacks typically focus on some special hamming weight patterns, and thus their effectiveness can be reduced by design tweaks. In this report, we introduce the Co-relation Scan Attack (COSA), a generic attack framework that overcomes these limitations and works equally well irrespective of hamming weight distribution. This increases the attack surface by a significant amount, requiring them to implement a much more secure security measure in design. Results: We have implemented COSA and shown via experiments the practicality of recovering AES secret keys with an average time of 22 us on a standard desktop machine. Its very fast key extraction underlines the need of increased awareness within users and better-planned countermeasures by IC designers