research-article

Scan-based attack against elliptic curve cryptosystems

Authors:

Masao Yanagisawa,

Tatsuo OhtsukiAuthors Info & Claims

ASPDAC '10: Proceedings of the 2010 Asia and South Pacific Design Automation Conference

Pages 407 - 412

Published: 18 January 2010 Publication History

Abstract

Scan-based attacks are techniques to decipher a secret key using scanned data obtained from a cryptography circuit. Public-key cryptography, such as RSA and elliptic curve cryptosystem (ECC), is extensively used but conventional scan-based attacks cannot be applied to it, because it has a complicated algorithm as well as a complicated architecture. This paper proposes a scan-based attack which enables us to decipher a secret key in ECC. The proposed method is based on detecting intermediate values calculated in ECC. By monitoring the 1-bit sequence in the scan path, we can find out the register position specific to the intermediate value in it and we can know whether this intermediate value is calculated or not in the target ECC circuit. By using several intermediate values, we can decipher a secret key. The experimental results demonstrate that a secret key in a practical ECC circuit can be deciphered using 29 points over the elliptic curve E within 40 seconds.

References

[1]

B. Yang, K. Wu, and R. Karri, "Scan based side channel attack on dedicated hardware implementations of data encryption standard," in Proceedings of the International Test Conference, 2004, pp. 339--344.

Digital Library

[2]

B. Yang, K. Wu, and R. Karri, "Secure scan: a design-for-test architecture for crypto chips," in Proceedings of the 42nd Annual Conference on Design Automation, June 2005, pp. 135--140.

Digital Library

[3]

Ryuta Nara, Nozomu Togawa, Masao Yanagisawa, and Tatsuo Ohtsuki, "A scan-based attack based on discriminators for AES cryptosystems", IEICE Transactions on Fundamentals of Electronics, vol. E92--A, no. 12, pp. --, Dec. 2009.

[4]

J. Lee, M. Tehranipoor, and J. Plusquellic, "A low-cost solution for protecting IPs against scan-based side-channel attacks," in Proceedings of 24th IEEE VLSI Test Symposium, 2006, pp. 94--99.

Digital Library

[5]

M. Doulcier, M. L. Flottes, and B. Rouzeyre, "AES-based BIST: self-test, test pattern generation and signature analysis," in Proceedings of 25th IEEE VLSI Test Symposium, 2007, pp. 94--99.

[6]

S. Paul, R. S. Chakraborty, and S. Bhunia, "Vim-scan: a low overhead scan design approach for protection of secret key in scan-based secure chips," in Proceedings of the 25th IEEE VLSI Test Symmposium, 2007, pp. 455--460.

Digital Library

[7]

Y. Shi, N. Togawa, M. Yanagisawa, and T. Ohtsuki, "A secure test technique for pipelined advanced encryption standard," IEICE Transactions on Information and Systems, vol. E91--D, no. 3, pp. 776--780, March 2008.

Digital Library

[8]

G. Sengar, D. Mukhopadhyay, and D. R. Chowdhury, "Secured flipped scan-chain model for crypto-architecture," IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 26, no. 11, pp. 2080--2084, Nov. 2007.

Digital Library

[9]

V. Miller, Ed., H. Williams, "Uses of elliptic curves in cryptography," in Proceedings of the Advances in Cryptology, 1986, pp. 417--426.

Digital Library

[10]

N. Koblitz, "Elliptic curve cryptosystems," Mathematics of Computation, vol. 48, pp. 203--209, 1987.

[11]

L. Song and K. K. Parhi, "Low energy digit-serial/parallel finite field multipliers," IEEE Journal of VLSI Signal Processing, vol. 19, no. 2, pp. 149--166, 1998.

Digital Library

[12]

K. Sakiyama, L. Batina, B. Preneel, and I. Verbauwhede, "Multicore curve-based cryptoprocessor with reconfigurable modular arithmetic logic units over GF(2ⁿ)," IEEE Transactions on Computers, vol. 56, no. 9, pp. 1269--1282, 2007.

Digital Library

[13]

G. Orlando and C. Paar, "A high-performance reconfigurable elliptic curve processor for GF(2^m)," in Proceedings of Workshop on Cryptographic Hardware and Embedded Systems, LNCS 1965, pp. 41--56, 2000.

Digital Library

[14]

R. L. Rivest, A. Shamir, and L. Adelman, "A method for obtaining digital signature and public-key cryptsystems," Communications of the ACM, vol. 21, pp. 120--126, 1978.

Digital Library

[15]

P. L. Montgomery, "Speeding the pollard and elliptic curve methods for factorizations," Mathematics of Computation, vol. 48, pp. 243--264, 1987.

[16]

J.-S. Coron, "Resistance against differential power analysis for elliptic curve cryptosystems," in Proceedings of Workshop on Cryptographic Hardware and Embedded Systems, 1999, pp. 292--302.

Digital Library

[17]

J. López and R. Dahab, "Fast multiplication on elliptic curves over GF(2^m) without precomputation," in Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems, LNCS 1717, pp. 316--327, 1999.

Digital Library

[18]

L. Goubin, "A refined power-analysis attack on elliptic curve cryptosystems," in Proceedings of the International Conference on Theory and Practice of Public-Key Cryptography (PKC), LNCS 2567, pp. 199--211, 2003.

Digital Library

[19]

W. M. Daley and R. G. Kammer, "Digital signature standard (DSS)," Federal Information Processing Standards Publication (FIPS), no. 186--2, 2000.

Cited By

Wang XZhang DHe MSu DTehranipoor M(2018)Secure Scan and Test Using Obfuscation Throughout Supply ChainIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2017.277281737:9(1867-1880)Online publication date: 1-Sep-2018
https://dl.acm.org/doi/10.1109/TCAD.2017.2772817
Cui ALuo YLi HQu G(2017)Why current secure scan designs fail and how to fix them?Integration, the VLSI Journal10.1016/j.vlsi.2016.10.01156:C(105-114)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1016/j.vlsi.2016.10.011
Guo XDutta RJin YFarahmandi FMishra P(2015)Pre-silicon security verification and validationProceedings of the 52nd Annual Design Automation Conference10.1145/2744769.2747939(1-6)Online publication date: 7-Jun-2015
https://dl.acm.org/doi/10.1145/2744769.2747939
Show More Cited By

Recommendations

A Weil Descent Attack against Elliptic Curve Cryptosystems over Quartic Extension Fields

This paper proposes a Weil descent attack against elliptic curve cryptosystems over quartic extension fields. The scenario of the attack is as follows: First, one reduces a DLP on a Weierstrass form over the quartic extention of a finite field k to a ...
Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems

We show that finding an efficiently computable injective homomorphism from the XTR subgroup into the group of points over GF(p<sup>2</sup>) of a particular type of supersingular elliptic curve is at least as hard as solving the Diffie–Hellman problem in ...
Attack on digital multi-signature scheme based on elliptic curve cryptosystem

The concept of multisignature, in which multiple signers can cooperate to sign the same message and any verifier can verify the validity of the multi-signature, was first introduced by Itakura and Nakamura. Several multisignature schemes have been ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ASPDAC '10: Proceedings of the 2010 Asia and South Pacific Design Automation Conference

January 2010

920 pages

ISBN:9781605588377

General Chair:
Youn-Long Lin
National Tsing Hua University

Sponsors

TICD: TICD
SIGDA: ACM Special Interest Group on Design Automation
IEEE CAS

Publisher

IEEE Press

Publication History

Published: 18 January 2010

Check for updates

Qualifiers

Research-article

Conference

ASPDAC '10

Sponsor:

TICD
SIGDA

ASPDAC '10: Asia and South Pacific Design Automation Conference

January 18 - 21, 2010

Taipei, Taiwan

Acceptance Rates

Overall Acceptance Rate 466 of 1,454 submissions, 32%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
146
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wang XZhang DHe MSu DTehranipoor M(2018)Secure Scan and Test Using Obfuscation Throughout Supply ChainIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2017.277281737:9(1867-1880)Online publication date: 1-Sep-2018
https://dl.acm.org/doi/10.1109/TCAD.2017.2772817
Cui ALuo YLi HQu G(2017)Why current secure scan designs fail and how to fix them?Integration, the VLSI Journal10.1016/j.vlsi.2016.10.01156:C(105-114)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1016/j.vlsi.2016.10.011
Guo XDutta RJin YFarahmandi FMishra P(2015)Pre-silicon security verification and validationProceedings of the 52nd Annual Design Automation Conference10.1145/2744769.2747939(1-6)Online publication date: 7-Jun-2015
https://dl.acm.org/doi/10.1145/2744769.2747939
Rolt JNatale GFlottes MRouzeyre B(2013)A novel differential scan attack on advanced DFT structuresACM Transactions on Design Automation of Electronic Systems10.1145/250501418:4(1-22)Online publication date: 25-Oct-2013
https://dl.acm.org/doi/10.1145/2505014
Da Rolt JDas ADi Natale GFlottes MRouzeyre BVerbauwhede I(2012)A new scan attack on RSA in presence of industrial countermeasuresProceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design10.1007/978-3-642-29912-4_8(89-104)Online publication date: 3-May-2012
https://dl.acm.org/doi/10.1007/978-3-642-29912-4_8

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten