Mist-Scan: A Secure Scan Chain Architecture to Resist Scan-Based Attacks in Cryptographic Chips

Since the advent of crypto-chips, side-channel attacks have been always serious threats to hardware cryptographic systems and chips. Side-channel attacks use implementation level weaknesses instead of computational weaknesses to break into cryptographic algorithms and discover the encryption key. Scan chain architecture, which is widely used to facilitate the chips' testability, introduces a new side-channel vulnerability to the chips (so-called scan-based attack). As, standard scan chain architectures e.g., JTAG, Nexus play a key role in the in-field test as well as the required hardware updates of chips, the solution of burning the scan chain out is not acceptable in most of the applications. In this paper, a method called Mist-scan is proposed and evaluated that detects and prevents applied scan-based attacks in the runtime. Using a user authorization mechanism, the chip will work normally for authorized users and output the corresponding responses. However, in the case of non-authorized users, fake outputs will be generated and the attackers access to sensitive information of the crypto-chip will be prevented in a cycle. Simulation results on the DES encryption algorithm indicate that the proposed method retains the chips testability and prevents both differential and signature-based attacks perfectly. This comes at the negligible area cost of less than 0.8%.