Boundary Scan Security Enhancements for a Cryptographic Hardware

  • Maciej Nikodem
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5717)


Boundary scan (JTAG) is a powerful testing scheme that is widely used in nowadays circuits to maintain and verify operation of the hardware. However, JTAG is not used in cryptographic hardware since it may be used to compromise security of the implemented cryptographic algorithm. This paper analyses different solutions proposed to overcome the threat of such attacks, presents requirements that have to be satisfied in order to construct effective security solution, and presents novel proposal that improves security of the boundary scan.


boundary scan IEEE 1149 side-channel attacks countermeasures 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Biham, E., Dunkelman, O.: Cryptanalysis of the A5/1 GSM Stream Cipher. In: Roy, B., Okamoto, E. (eds.) INDOCRYPT 2000. LNCS, vol. 1977, pp. 43–51. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Goering, R.: Scan Design Called Portal for Hackers, EE Times (October 2004),
  4. 4.
    Gomółkiewicz, M., Tomczak, T., Nikodem, M.: Low-cost and Universal Secure Scan: a Design-for-Test Architecture for Crypto Chips. In: International Conference on Dependability of Computer Systems 2006, May 25-27, pp. 282–288 (2006)Google Scholar
  5. 5.
    Hély, D., Flotters, M.-L., Bancel, F., Rouzeyre, B., Bérard, N.: Scan Design and Secure Chip. In: Proceedings of the International On-Line Testing Symposium, 10th IEEE (IOLTS 2004), July 12-14, p. 219 (2004)Google Scholar
  6. 6.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  7. 7.
    Lee, J., Tehranipoor, M., Plusquellic, J.: A Low-Cost Solution for Protecting IPs Against Scan-Based Side-Channel Attacks. IEEE Trans. Dependable Sec. Comput. 4(4), 325–336 (2007)CrossRefGoogle Scholar
  8. 8.
    Santos, L., Rela, M.Z.: Constraints on the Use of Boundary-Scan for Fault Injection. Dependable Computing, 39–55 (2003)Google Scholar
  9. 9.
    Sengar, G., Mukhopadhyay, D., Chowdhury, D.R.: Secured Flipped Scan Chain Model for Crypto-architecture. IEEE Trans. on CAD of Integrated Circuits and Systems 26(7), 1331–1339 (2007)CrossRefGoogle Scholar
  10. 10.
    Yang, B., Wu, K., Karri, R.: Scan Based Side Channel Attack on Data Encryption Standard, Cryptology ePrint Archive: Report 2004/083 (2004)Google Scholar
  11. 11.
    Yang, B., Wu, K., Karri, R.: Secure scan: a design-for-test architecture for crypto chips. In: DAC 2005: Proceedings of the 42nd annual conference on Design automation, San Diego, California, USA, pp. 135–140. ACM Press, New York (2005)CrossRefGoogle Scholar
  12. 12.
    IEEE Standard Test Access Port and Boundary-Scan Architecture, June 14. IEEE Computer Society, New York (2001) (reaffirmed 26 March 2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Maciej Nikodem
    • 1
  1. 1.The Institute of Computer Engineering, Control and RoboticsWrocław University of TechnologyWrocławPoland

Personalised recommendations