AES Design Improvements Towards Information Security Considering Scan Attack

摘要

With the rapid development and globalization of semiconductor industry, data security is becoming a more critical issue for highly confidential devices, especially for cryptography related applications. Advanced Encryption Standard (AES) is widely used for information security. For AES, the most important data are plaintext and keys, which are the targets of attacks. In this paper, AES security vulnerabilities are analyzed first. Information leakage would be a major concern for AES. Hence one of the most common types of attacks that could leak information at the AES implementation, inserted into AES and utilizing scan chains in or around AES to extract keys or plaintext, is discussed. To deal with the attacks and improve AES circuit's information security, one protection, namely Registered Data Obfuscation, is presented. Experiment results show that with the proposed protection, the scan-based attack is invalidated to leak the critical data. Meanwhile, the proposed protection can also disalbe key Trojan attack introduced in [1, 2]. The cost analysis shows that the additional area and power overhead incurred by the proposed protection are 1.09% and 0.46%, respectively.