| 卢新元,陈华军,许超,王剑.基于授权机制的抗扫描旁路攻击方法研究[J].高技术通讯(中文),2020,30(9):875~883 |
| 基于授权机制的抗扫描旁路攻击方法研究 |
|
| |
| DOI:doi:10.3772/j.issn.1002-0470.2020.09.001 |
| 中文关键词: 扫描旁路攻击; 密钥; 功能指令; 安全测试模式; 扫描设计 |
| 英文关键词: scan-based attack, cipher key, functional instruction, secure mode, scan design |
| 基金项目: |
|
| 摘要点击次数: 2165 |
| 全文下载次数: 1453 |
| 中文摘要: |
| 研究了针对加密电路的扫描旁路攻击方法和安全扫描设计技术,考虑到现有的安全扫描设计存在故障覆盖率损失或者抵抗攻击性不足的问题,提出一种新的基于授权机制的抗扫描旁路攻击方法。该方法充分利用功能指令序列多样性和高复杂度的特点,通过功能指令序列对测试模式进行授权,将测试模式分为非安全测试模式和安全测试模式。非安全测试模式下,加密电路的密钥被屏蔽,无法通过扫描测试获取。安全测试模式下,加密电路可以进行正常的扫描测试。实验结果表明,采用上述基于授权机制的抗扫描旁路攻击方法的电路后,不仅可以保证安全测试模式下扫描测试故障覆盖率不变,而且非安全测试模式下攻击者无法通过现有的攻击方式获取密钥。同原始电路相比,该方法只需要添加极少的硬件电路,面积开销仅为0.3%。 |
| 英文摘要: |
| The scan-based attacks and secure scan design are studied, and a new method based on authorization mechanism against scan-based side-channel attacks is proposed to avoid the loss in the fault coverage and being vulnerable to attack existing in current methods. The new method makes full use of the diversity and high complexity of the functional instruction sequence, and authorizes the test mode triggered by the functional instruction sequence. The test mode is divided into non-secure mode and secure mode. In the non-secure mode, the key of the encryption circuit is masked and can not be obtained through the scan test. In the secure mode, the encryption circuit can be scan tested normally. The experimental results show that the fault coverage of the circuits with the proposed method based on authorization mechanism against scan-based side-channel attacks remains unchanged in the secure mode and attackers can not decipher the cipher key through the known scan-based attacks in the non-secure mode. The area increases by only 0.3% compared with the original circuits with adding a few hardware circuits. |
|
查看全文
查看/发表评论 下载PDF阅读器 |
| 关闭 |
|
|
|
