Journal of Cryptographic Engineering, Volume 8, Issue 4, pp 327–340

Scan-based side channel attack on stream ciphers and its prevention

  • Sandip Karmakar
  • Dipanwita Roy Chowdhury
Regular Paper


Scan chains, a design-for-testability feature, are included in most modern-day ICs, but they open a side channel for attacking cryptographic chips. We propose a methodology for recovering the internal states of any stream cipher using scan chains. We consider the conventional scan chain design, which is normally not scrambled or protected in any other way. In this scenario, the adversary's challenge is to determine the correspondence between the output of the scan chain and the internal state registers of the stream cipher. We present a mathematical model of the attack, and the correspondence between the scan chain outputs and the internal state bits is proved under this model. We propose an algorithm that, through offline and online simulation, forms a bijection between these two sets and thus finds the required correspondence. We also give an estimate of the number of offline simulations necessary for finding the correspondence. The proposed strategy is successfully applied to the eStream hardware-based winners MICKEY-128 2.0, Trivium and Grain-128.


Scan attack, eStream winners, Side channel attack, Grain-128, Trivium, MICKEY-128 2.0



Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2017

Authors and Affiliations

  1. Indian Institute of Information Technology Kalyani, Nadia, India
  2. Indian Institute of Technology Kharagpur, Kharagpur, India
