TWI727308B - Dynamic-key defense structure for testing circuit and method thereof - Google Patents


Publication number: TWI727308B
Authority: TW (Taiwan)
Prior art keywords: key, scan, generation module, electrically connected, dynamic
Application number: TW108113437A
Other languages: Chinese (zh)
Other versions: TW202040401A (en)
Inventors: 李昆忠, 吳家騏, 郭蔓萱
Original Assignee: 國立成功大學 (National Cheng Kung University)
Application filed by 國立成功大學
Priority to TW108113437A
Publication of TW202040401A
Application granted
Publication of TWI727308B

Landscapes

  • Tests Of Electronic Circuits (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)

Abstract

The present invention relates to a dynamic-key defense structure for a test circuit and a method thereof. The structure comprises a scan chain set, a dynamic-key generating module, a key checking logic unit, a fake response generating module and a controller. The method comprises receiving test vectors through the scan chains of the scan chain set and generating different keys in the dynamic-key generating module based on the test vectors, and comparing the test vector with the key in the key checking logic unit to determine whether the input test vector is legal or illegal. The present invention thus provides a dynamic key generation technique that achieves a higher security level, and because the key is not stored in a memory in advance, an attacker cannot obtain the key by attacking the memory.

Description

Dynamic key defense structure and method for a test circuit

The present invention relates to a dynamic key defense architecture and method for a test circuit, and in particular to an architecture and method that generate different keys for different input test vectors. After a comparison, it is known whether the input test vector is a safe vector, which provides a defense against scan attacks.

The test circuit of an electronic system that has no protective measures may be exploited by a malicious party to steal confidential data inside the system, such as encryption keys or circuit design content, or even to intrude into the system and damage it, causing huge losses to the company or its users. Attacks generally fall into two types: scan-based side channel attacks and memory attacks. A scan-based side channel attack is built on the scan architecture and exploits its properties: it uses the observability and controllability of the scan design, and its ability to access the circuit's internal information, to reach inside the circuit and obtain the confidential data held there.

Memory attacks are mainly cold boot attacks. A cold boot attack exploits the decay characteristic of dynamic random access memory (DRAM): a lightweight operating system controlled by the attacker is attached to the target and the system is restarted, and the confidential data in memory is read out and analyzed before it has disappeared. Because this is a fairly direct physical attack, it is hard to defend against in software and usually has to be addressed in hardware.

Current defenses against attacks on the scan architecture fall into three methods. The first cuts or blows the connection to the scan architecture directly after manufacturing test; with this method, however, in-field test can no longer be performed. The second restricts the data a user can observe so that an attacker sees only the final result, but this reduces diagnosis capability. The third obfuscates or modifies the test architecture, for example by replacing the key register in the circuit with a mirror key register so that the real key register is not part of the scan chain. When the circuit is in secure mode, the mirror key register loads the key data; the real key is read in only if the key entered by the user is correct, and the contents of the mirror key register cannot be scanned before a reset. There are two methods of switching from secure mode to insecure mode. One is to add a new secure-mode instruction that can be selected through test mode select and that drives the circuit into secure mode, so that no transition from secure mode to insecure mode occurs before the circuit is reset or powered off. The other is to design a security control circuit: when the circuit powers up, the initial value of the flip-flop is 0; once a high pulse on the secure-mode signal is received through a dedicated pin, the flip-flop output becomes 1 and all signals are driven to the values that correspond to secure mode. Any further input on the secure-mode pin is then masked, which keeps the circuit in secure mode until it is reset or powered off. The drawback of this method is that test coverage drops. Alternatively, the way the scan chains are connected can be changed, so that the correct scan chain connection order is read in only after the real key has been entered.

Another defense that obfuscates or modifies the test architecture uses dummy flip-flops. The designer first inserts some extra flip-flops, then places the correct key at the corresponding positions in every test vector and stores the key in the key-checking part. If the key in the vector matches the stored key, the correct test response is output; if it does not, some other output is produced. All of the defenses described above share one weakness, however: only a single key is stored in the scan architecture, and it is a static key, so an attacker can simply use a brute force guessing attack to crack it.

Providing a defense architecture and method that can withstand scan attacks, so that the confidential data in the test circuit cannot be stolen, is therefore a necessary technique for reaching a higher security level.

In view of the many shortcomings that the existing test circuit defense architectures and methods described above still show in practical use, the inventors, working tirelessly and drawing on their extensive expertise and many years of practical experience, made improvements and developed the present invention accordingly.

The main purpose of the present invention is to provide a dynamic key defense architecture and method for a test circuit that generate a different key for each different input test vector, that is, a dynamic key. After a comparison, it is known whether the input test vector is a safe vector, which decides whether the correct response or a fake response is output.

To achieve the above purpose, a dynamic key defense architecture for a test circuit according to the present invention comprises: a scan chain group having a plurality of scan chains, each scan chain having a scan input at one end and a scan output at the other, the scan input receiving a test vector; a dynamic key generation module (Dynamic Key Generator), electrically connected to the scan chain group and receiving the test vector from the scan inputs; a key checking logic unit (Key Checking Logic), electrically connected to the dynamic key generation module and the scan chain group; a fake response generation module (Fake Response Generator), electrically connected to the dynamic key generation module and the key checking logic unit; and a controller, electrically connected to the dynamic key generation module, the key checking logic unit and the fake response generation module.

In an embodiment of the present invention, the scan input of each scan chain of the scan chain group is selectively electrically connected to the output of an input decompressor, and the scan output of each scan chain of the scan chain group is selectively electrically connected to the input of an output compressor.

In an embodiment of the present invention, the scan chains are composed of a plurality of flip-flops connected in series, from which the user can freely select a plurality of key flip-flops (KFFs).

In an embodiment of the present invention, the dynamic key generation module comprises a modified linear feedback shift register (Modified-LFSR) and a trigger logic (Trigger Logic) unit electrically connected to the modified linear feedback shift register.

In an embodiment of the present invention, the key checking logic unit comprises a plurality of XOR gates, an AND gate electrically connected to the XOR gates, and a D flip-flop electrically connected to the AND gate.

In an embodiment of the present invention, the fake response generation module comprises a counter electrically connected to the dynamic key generation module, a multiplexer electrically connected to the counter and the scan chain group, and an XOR gate electrically connected to the multiplexer and the dynamic key generation module.

The present invention further provides a dynamic key defense method for a test circuit, comprising: Step 1: selecting a plurality of key flip-flops (KFFs) from the plurality of scan chains of a scan chain group; Step 2: inputting a seed of a test vector into the scan chains of the scan chain group and into a dynamic key generation module, the test vector being passed into the scan chains at the same time; Step 3: inputting the test vector into the scan chains in sequence until it has been completely input, whereupon the dynamic key generation module produces a key and a controller sends a comparison signal to a key checking logic unit (Key Checking Logic); and Step 4: when the key checking logic unit finds that the test vector in the key flip-flops is the same as the key of the dynamic key generation module, outputting the correct response, and, if the comparison fails, outputting a fake response from a fake response generation module.

In another embodiment of the present invention, the scan chain group further has a scan input, a scan output, a decompressor selectively electrically connected to the scan input, and a compressor selectively electrically connected to the plurality of scan chains and the scan output.

In another embodiment of the present invention, the dynamic key generation module comprises a modified linear feedback shift register (Modified-LFSR) and a trigger logic (Trigger Logic) unit electrically connected to the modified linear feedback shift register; the trigger logic unit is responsible for inputting the seed of the test vector into the modified linear feedback shift register.

In another embodiment of the present invention, the key checking logic unit comprises a plurality of XOR gates, an AND gate electrically connected to the XOR gates, and a D flip-flop electrically connected to the AND gate.

In another embodiment of the present invention, the fake response generation module comprises a counter electrically connected to the dynamic key generation module, a multiplexer electrically connected to the counter and the scan chain group, and an XOR gate electrically connected to the multiplexer and the dynamic key generation module.

The purpose of the present invention and its structural and functional advantages are described below with reference to the structures shown in the drawings and to specific embodiments, so that the examiner may gain a deeper and more concrete understanding of the invention.

Referring to Figures 1 to 5, a dynamic key defense architecture for a test circuit according to the present invention comprises: a scan chain group (1) having a plurality of scan chains (11), each composed of a plurality of flip-flops (12) connected in series, from which the user can freely select a plurality of key flip-flops (13); each scan chain (11) has a scan input (111) at one end and a scan output (112) at the other; the scan input (111) receives a test vector (2), and the scan input (111) of each scan chain (11) may optionally be electrically connected to the output of a conventional input decompressor (7) or receive the test vector (2) directly, while the scan output (112) of each scan chain (11) of the scan chain group (1) may optionally be electrically connected to the input of a conventional output compressor (8) or be output directly without compression; a dynamic key generation module (3), electrically connected to the scan chain group (1) and receiving the test vector (2) from the scan inputs (111), which comprises a modified linear feedback shift register (31) and a trigger logic unit (32) electrically connected to the modified linear feedback shift register (31); a key checking logic unit (4), electrically connected to the dynamic key generation module (3) and the scan chain group (1), which comprises a plurality of XOR gates (41), an AND gate (42) electrically connected to the XOR gates (41), and a D flip-flop (43) electrically connected to the AND gate (42); a fake response generation module (5), electrically connected to the dynamic key generation module (3) and the key checking logic unit (4), which comprises a counter (51) electrically connected to the dynamic key generation module (3), a multiplexer (52) electrically connected to the counter (51) and the scan chain group (1), and an XOR gate (53) electrically connected to the multiplexer (52) and the dynamic key generation module (3); and a controller (6), electrically connected to the dynamic key generation module (3), the key checking logic unit (4) and the fake response generation module (5).

Based on the dynamic key defense architecture described above, the present invention also provides a dynamic key defense method for a test circuit, comprising: Step 1: selecting a plurality of key flip-flops (13) from the plurality of scan chains (11) of a scan chain group (1); Step 2: inputting a seed of a test vector (2) into the scan chains (11) of the scan chain group (1) and into a dynamic key generation module (3), the test vector (2) being passed into the scan chains (11) at the same time; Step 3: inputting the test vector (2) into the scan chains (11) in sequence until it has been completely input into the scan chains (11), whereupon the dynamic key generation module (3) produces a key and a controller (6) sends a comparison signal to a key checking logic unit (4); and Step 4: when the key checking logic unit (4) finds that the test vector (2) in the key flip-flops (13) is the same as the key of the dynamic key generation module (3), outputting the correct response, and, if the comparison fails, outputting a fake response from the fake response generation module (5).

In addition, the following specific embodiment further demonstrates the range of practical application of the present invention, but is not intended to limit the scope of the invention in any way.

Continuing with Figures 1 to 5: in a practical implementation, a plurality of key flip-flops (13) are first selected from the scan chains (11) of the scan chain group (1), and automatic test pattern generation (ATPG) is run to produce a test vector (2). A seed is derived from the test vector (2); see Figure 2. In the embodiment, an 8-bit seed is derived backwards from the key flip-flops (13), and the seed is input into the 4 scan chains (11) of the scan chain group (1). LFSR_start of the modified linear feedback shift register (31) is initially set to 0, and LFSR_enable is also set to 0 to control the scan clock (Scan clk), so that the trigger logic unit (32) does not affect the modified linear feedback shift register (31) while the seed is being input. Once the seed has been input, LFSR_enable is set to 1 and the seed is input into the modified linear feedback shift register (31) of the dynamic key generation module (3).

Referring next to Figure 3, the test vector (2) is then passed into the 4 scan chains (11) of the scan chain group (1), and the key flip-flops (13) receive the test vector (2) at the same time. In the embodiment, in line with the number of scan chains (11), the vector is passed into the scan chains (11) in groups of 4 bits, one group after another. As each group of the test vector (2) is input, the trigger logic unit (32) alters the modified linear feedback shift register (31) according to the value of that group. This is done by taking, for example, the 3 values 011 from the seed: when the 4 input bits of the test vector (2) contain a match with 011, the trigger logic unit (32) issues a trigger signal that causes the XOR gates (311) inside the modified linear feedback shift register (31) to change the value of the modified linear feedback shift register (31). Once the last group of the test vector (2) has been completely input into the scan chains (11), the modified linear feedback shift register (31) of the dynamic key generation module (3) yields a key.

At this point the controller (6) sends a comparison signal to the key checking logic unit (4). As shown in Figure 4, when the key checking logic unit (4) finds that the test vector (2) in the key flip-flops (13) is the same as the key of the dynamic key generation module (3), the correct response is output through the architecture; if the comparison fails, a fake response is output through the fake response generation module (5). Figure 5 shows how the fake response is produced: the counter (51) of the fake response generation module (5) selects one scan flip-flop (54) from the plurality of scan flip-flops according to the number of trigger signals received from the trigger logic unit (32) while this test vector (2) was being passed in. This scan flip-flop (54) is different from the key flip-flops (13) selected earlier. The value of the selected scan flip-flop (54) is combined with the key of the modified linear feedback shift register (31) in the XOR gate (53) to produce the fake response. If the attacker inputs the same illegal test vector (2) again, the counter (51) of the fake response generation module (5) selects the same scan flip-flop (54), so the fake response produced for one and the same illegal test vector (2) is fixed, and the attacker cannot analyze whether the output response is correct or wrong.
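
The flow of the embodiment above (seed, trigger logic acting on the modified LFSR, key check against the key flip-flops, counter-selected fake response) can be followed in a small behavioural model; this is an added example, not code from the patent or its inventors. The page does not give the feedback taps, which seed bits form the 3-value pattern, how a 4-bit group matches it, how the XOR gates (311) change the register, which flip-flops are key flip-flops, or the response width, so all of those, together with `cut_response` and the exhaustive seed search in `derive_seeds`, are assumptions chosen for illustration.

```python
"""Behavioural model of the dynamic-key scan check (added example, toy parameters)."""

KEY_BITS = 8                  # 8-bit seed and key, as in the embodiment
CHAIN_BITS = (3, 2, 1, 0)     # 4 scan chains, one bit of every 4-bit group each
TAPS = (7, 5, 4, 3)           # ASSUMPTION: feedback taps, not given on the page
# ASSUMPTION: key flip-flops (KFFs) as (group index, chain index); here the
# flip-flops that end up holding the last two 4-bit groups shifted in.
KFFS = [(g, c) for g in (2, 3) for c in CHAIN_BITS]


def lfsr_step(state):
    """One shift of a plain 8-bit Fibonacci LFSR."""
    fb = 0
    for t in TAPS:
        fb ^= (state >> t) & 1
    return ((state << 1) | fb) & 0xFF


def triggered(group, pattern):
    """Trigger logic. ASSUMPTION: the 3-bit pattern may sit at either alignment."""
    return (group >> 1) == pattern or (group & 0b111) == pattern


def generate_key(seed, groups):
    """Dynamic key generator: returns (key, number of trigger signals)."""
    pattern = seed & 0b111    # ASSUMPTION: the 3 values are the seed's low bits
    state, hits = seed, 0
    for g in groups:
        state = lfsr_step(state)
        if triggered(g, pattern):
            state ^= g        # ASSUMPTION: the extra XOR gates fold the group in
            hits += 1
    return state, hits


def ff_bit(groups, pos):
    """Value held by the flip-flop at (group index, chain index)."""
    g, c = pos
    return (groups[g] >> c) & 1


def kff_word(groups):
    """Bits held by the key flip-flops, packed MSB first."""
    word = 0
    for pos in KFFS:
        word = (word << 1) | ff_bit(groups, pos)
    return word


def cut_response(groups):
    """Constructed stand-in for the response captured from the circuit under test."""
    return ((groups[0] ^ groups[2]) << 4) | (groups[1] & groups[3])


def scan_test(seed, groups):
    """On-chip side: returns (accepted, response shifted out)."""
    key, hits = generate_key(seed, groups)
    if (key ^ kff_word(groups)) == 0:          # XOR per bit, AND over all bits
        return True, cut_response(groups)
    others = [(g, c) for g in range(len(groups)) for c in CHAIN_BITS
              if (g, c) not in KFFS]
    selected = others[hits % len(others)]      # counter drives the multiplexer
    mask = 0xFF if ff_bit(groups, selected) else 0x00
    return False, key ^ mask                   # XOR of selected bit with the key


def derive_seeds(groups):
    """Tester side: every seed for which the vector's KFF bits equal the key."""
    target = kff_word(groups)
    return [s for s in range(1 << KEY_BITS)
            if generate_key(s, groups)[0] == target]


# Constructed sample vectors, first group shifted in first.
LEGAL = [0b0110, 0b1001, 0b0000, 0b1001]
TAMPERED = [0b0110, 0b1001, 0b0000, 0b1000]    # one key flip-flop bit changed

if __name__ == "__main__":
    seed = 0x53                                 # low bits 011, as in the text
    print("seeds accepted for LEGAL:", [hex(s) for s in derive_seeds(LEGAL)])
    for name, vec in (("legal", LEGAL), ("tampered", TAMPERED)):
        key, hits = generate_key(seed, vec)
        ok, resp = scan_test(seed, vec)
        print(f"{name}: key={key:#04x} triggers={hits} accepted={ok} "
              f"response={resp:#04x}")
```

In this model the tampered vector is rejected and returns the same fake value on every retry, while a vector with a different first group yields a different key from the same seed.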

As the above description of the implementation shows, the present invention has the following advantages over the prior art:

1. The dynamic key defense architecture and method for a test circuit of the present invention have a dynamic key generation module that generates different keys from the original input data. Compared with conventional approaches, which all store a fixed key in the circuit, the invention provides a dynamic key generation technique that reaches a higher security level, and because no key is stored in advance, an attacker cannot obtain the key through a cold boot attack either.

2. The dynamic key defense architecture and method for a test circuit of the present invention can produce a fake response by means of the fake response generation module, and the same illegal test vector always produces the same fake response, so as to confuse the attacker.

In summary, the dynamic key defense architecture and method for a test circuit of the present invention can indeed achieve the intended effect through the embodiments disclosed above, and the invention was not made public before the application, so it fully meets the provisions and requirements of the Patent Act. An application for an invention patent is therefore filed in accordance with the law, and examination and grant of the patent are respectfully requested.

However, the drawings and description disclosed above are only preferred embodiments of the present invention and do not limit its scope of protection; other equivalent changes or modifications made by those skilled in the art in accordance with the features of the invention shall be regarded as not departing from the design scope of the invention.

(1): Scan chain group
(11): Scan chain
(111): Scan input
(112): Scan output
(12): Flip-flop
(13): Key flip-flop
(2): Test vector
(3): Dynamic key generation module
(31): Modified linear feedback shift register
(311): XOR gate
(32): Trigger logic unit
(4): Key checking logic unit
(41): XOR gate
(42): AND gate
(43): D flip-flop
(5): Fake response generation module
(51): Counter
(52): Multiplexer
(53): XOR gate
(54): Scan flip-flop
(6): Controller
(7): Input decompressor
(8): Output compressor

Figure 1: Schematic diagram of the architecture of a preferred embodiment of the present invention.

Figure 2: Schematic diagram (1) of dynamic key generation in a preferred embodiment of the present invention.

Figure 3: Schematic diagram (2) of dynamic key generation in a preferred embodiment of the present invention.

Figure 4: Schematic diagram of the components of the key checking logic unit in a preferred embodiment of the present invention.

Figure 5: Schematic diagram of the fake response generation module in a preferred embodiment of the present invention.


Claims (8)

1. A dynamic-key defense structure for a testing circuit, comprising:
a scan chain set having a plurality of scan chains, wherein each scan chain is composed of a plurality of flip-flops connected in series, from which a user can arbitrarily select a plurality of key flip-flops (KFFs), each scan chain has a scan input at one end and a scan output at the other end, and each scan input sequentially receives the input of a test vector;
a dynamic-key generating module (Dynamic Key Generator), electrically connected to the scan input of each scan chain of the scan chain set and receiving the test vector from the scan inputs to generate a key, wherein the dynamic-key generating module comprises a modified linear feedback shift register (Modified-LFSR) and a trigger logic (Trigger Logic) unit electrically connected to the modified linear feedback shift register;
a key checking logic unit (Key Checking Logic), electrically connected to the dynamic-key generating module and the scan chain set, to compare the test vector held in the plurality of key flip-flops with the key generated by the dynamic-key generating module;
a fake response generating module (Fake Response Generator), electrically connected to the dynamic-key generating module and the key checking logic unit, which outputs a fake response when the key checking logic unit finds that the test vector held in the plurality of key flip-flops does not match the key of the dynamic-key generating module; and
a controller, electrically connected to the dynamic-key generating module, the key checking logic unit and the fake response generating module, which sends a comparison signal to the key checking logic unit.

2. The dynamic-key defense structure for a testing circuit according to claim 1, wherein the scan input of each of the plurality of scan chains of the scan chain set is selectively electrically connected to the output of an input decompressor, and the scan output of each of the plurality of scan chains of the scan chain set is selectively electrically connected to the input of an output compressor.

3. The dynamic-key defense structure for a testing circuit according to claim 1, wherein the key checking logic unit comprises a plurality of XOR gates, an AND gate electrically connected to the plurality of XOR gates, and a D flip-flop electrically connected to the AND gate.

4. The dynamic-key defense structure for a testing circuit according to claim 1, wherein the fake response generating module comprises a counter electrically connected to the dynamic-key generating module, a multiplexer electrically connected to the counter and the scan chain set, and an XOR gate electrically connected to the multiplexer and the dynamic-key generating module.

5. A dynamic-key defense method for a testing circuit, comprising the following steps:
Step 1: selecting a plurality of key flip-flops (KFFs) from the plurality of scan chains of a scan chain set;
Step 2: inputting a seed of a test vector into the plurality of scan chains of the scan chain set and into a dynamic-key generating module, after which the test vector is passed into the plurality of scan chains, wherein the dynamic-key generating module comprises a modified linear feedback shift register (Modified-LFSR) and a trigger logic (Trigger Logic) unit electrically connected to the modified linear feedback shift register;
Step 3: inputting the test vector sequentially into the plurality of scan chains of the scan chain set; once the test vector has been completely input into the scan chains, the dynamic-key generating module generates a key and a controller sends a comparison signal to a key checking logic unit (Key Checking Logic); and
Step 4: when the key checking logic unit finds that the test vector held in the selected plurality of key flip-flops is identical to the key of the dynamic-key generating module, the correct response is output; if the comparison fails, a fake response generating module outputs a fake response.

6. The dynamic-key defense method for a testing circuit according to claim 5, wherein each scan chain further has a scan input, a scan output, a decompressor selectively electrically connected to the scan input, and a compressor selectively electrically connected to the scan output.

7. The dynamic-key defense method for a testing circuit according to claim 5, wherein the key checking logic unit comprises a plurality of XOR gates, an AND gate electrically connected to the plurality of XOR gates, and a D flip-flop electrically connected to the AND gate.

8. The dynamic-key defense method for a testing circuit according to claim 5, wherein the fake response generating module comprises a counter electrically connected to the dynamic-key generating module, a multiplexer electrically connected to the counter and the scan chain set, and an XOR gate electrically connected to the multiplexer and the dynamic-key generating module.
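The four steps of the claimed method, sketched as a behavioural Python model. This is an added example and not part of the patent text: the plain 8-bit LFSR standing in for the Modified-LFSR, its taps, taking the seed from the first 8 vector bits, the single flat 20-bit chain, the KFF positions and the fake-response wiring are all assumptions.

```python
# Behavioural sketch of the claimed check; every constant below is an assumption.
CHAIN_LEN, SEED_LEN = 20, 8                    # one flat 20-bit chain, 8-bit seed
KFF_POS = (8, 10, 11, 13, 14, 16, 17, 19)      # assumed key flip-flop positions
TAPS = (7, 5, 4, 3)                            # plain LFSR standing in for the Modified-LFSR

def lfsr_step(state):
    """One clock of an 8-bit Fibonacci LFSR (invertible, so non-zero stays non-zero)."""
    fb = 0
    for t in TAPS:
        fb ^= (state >> t) & 1
    return ((state << 1) | fb) & 0xFF

def key_for(vector):
    """Dynamic key: seed the LFSR from the first vector bits, clock it once per shifted bit."""
    state = int("".join(map(str, vector[:SEED_LEN])), 2) or 1   # avoid all-zero lock-up
    for _ in range(CHAIN_LEN):
        state = lfsr_step(state)
    return [(state >> i) & 1 for i in range(8)]

def key_check(vector):
    """XOR each KFF bit with its key bit, AND the inverted results (latched by a D flip-flop)."""
    return all((vector[p] ^ k) == 0 for p, k in zip(KFF_POS, key_for(vector)))

def scan_out(vector, captured):
    """Return (authorized, bits): the captured response, or a key-masked fake one."""
    if key_check(vector):
        return True, list(captured)
    key = key_for(vector)
    # Assumed fake-response wiring: a counter indexes the key bit XORed onto each scan-out bit.
    return False, [bit ^ key[counter % 8] for counter, bit in enumerate(captured)]

def legal_vector(seed_bits, test_bits):
    """Tester side: place the key expected for this seed into the KFF positions."""
    vec = list(seed_bits) + [0] * (CHAIN_LEN - SEED_LEN)
    key, free = key_for(vec), iter(test_bits)
    for p in range(SEED_LEN, CHAIN_LEN):
        vec[p] = key[KFF_POS.index(p)] if p in KFF_POS else next(free)
    return vec

if __name__ == "__main__":
    captured = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1]          # constructed sample response
    good = legal_vector([1, 0, 1, 1, 0, 0, 1, 0], [1, 0, 0, 1])
    bad = list(good); bad[KFF_POS[0]] ^= 1             # one wrong key flip-flop
    print(scan_out(good, captured), scan_out(bad, captured))
```

Because the key is recomputed from each vector's seed, KFF values that passed under one seed fail under another, and nothing resembling a stored key exists in the model.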
TW108113437A 2019-04-17 2019-04-17 Dynamic-key defense structure for testing circuit and method thereof TWI727308B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108113437A TWI727308B (en) 2019-04-17 2019-04-17 Dynamic-key defense structure for testing circuit and method thereof

Publications (2)

Publication Number Publication Date
TW202040401A (en) 2020-11-01
TWI727308B (en) 2021-05-11

Family

ID=74201358

Country Status (1)

Country Link
TW (1) TWI727308B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113533936A (en) * 2021-07-13 2021-10-22 上海矽昌微电子有限公司 Chip scan chain test method and system
TWI835601B (en) * 2023-03-20 2024-03-11 慧榮科技股份有限公司 Apparatus and method for expanding round keys during data encryption

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7725788B2 (en) * 2002-04-30 2010-05-25 Freescale Semiconductor, Inc. Method and apparatus for secure scan testing
TW201514519A (en) * 2013-09-02 2015-04-16 Samsung Electronics Co Ltd Integrated circuit (IC) for reconstructing values of flip-flops connected in a scan-chain by using a joint test action group (JTAG) interface, a method of operating the IC, and devices having the IC
US9170297B2 (en) * 2011-12-22 2015-10-27 Nxp B.V. Secure low pin count scan
CN106707139A (en) * 2017-01-03 2017-05-24 大唐微电子技术有限公司 Scan chain test device and realizing method
CN108875431A (en) * 2018-06-07 2018-11-23 北京航空航天大学 The dynamic obfuscation package interface control unit for preventing integrated circuit intellectual property from plagiarizing
