Security Design For IEEE P1687: Major Professor: Vishwani D. Agrawal

Security Design for IEEE P1687

Hejia Liu
Major Professor: Vishwani D. Agrawal
Introduction
 Part 1: Introduction of IEEE P1687 (IJTAG) and security risks in P1687
 Part 2: Security design and expected unlocking time
 Part 3: Discussion of a proposal and improvement in security

Apr 8, 2014 Liu: MEE Project 2


IEEE 1149.1 (JTAG) Interface



What is P1687/IJTAG?

 IEEE P1687 is a valuable tool for accessing on-chip instruments during test, diagnosis, debug and board configurations.
 P1687 is a proposed IEEE Standard that has 3 components
◦ A flexible set of serial scan chain techniques for the instrument access architecture (called the network)
◦ A network description language (called instrument connectivity language, ICL)
◦ An instrument vector language (called procedure description language, PDL)


Communication between Chips

An example of a P1687 network for communication between 3 chips (figure)
Instruments, IPs
 An IP (Intellectual Property core) with a P1687 compliant interface is named an instrument.
 IPs: Analog, digital or mixed signal circuitry performing particular functions, such as a clock generator, an interface to an external measurement probe, a radio tuner, an analog signal converter, a digital signal processor, etc.


P1687 Network

(figure: P1687 network diagram; labelled signals include Rst, marked Optional)


FSM of TAP Controller



Security Risks
 Depending on the application, data may be stored on-chip, including chip ID, codes, and encryption keys.
 An attacker can access a targeted instrument and obtain the secret data easily.


A Possible Break-in Procedure
 Step 1: Load Instruction code in TAP
 Step 2: Shift in an attempt vector
 Step 3: Clock the TAP controller
 Step 4: If attempt successful, access instrument
 Step 5: Else, repeat from step 2


Security Levels
 Insecurity: Break-in time at the level of days
 Weak security: Break-in time at the level of years
 Strong security: Break-in time at the level of ten years
 Full Security: Break-in time at the level of a thousand years


Structure of SIB (Segment Insertion Bit)

(figure: SIB schematic in the shift state, Select=1, ShiftEn=1; signals TDI, To_TDI2, From_TDO2, To_TDO1, Shift cell, Update cell, Select, ShiftEn, UpdateEn, TCK; the mux inserts the segment between To_TDI2 and From_TDO2 when Select=1)

Structure of SIB (Segment Insertion Bit)

(figure: the same SIB schematic in the shift state with Select=0, ShiftEn=1; the segment is bypassed and the shift cell drives To_TDO1 directly)

The Structure of SIB (Segment Insertion Bit)

(figure: the same SIB schematic in the update state, ShiftEn=0, UpdateEn=1; the shift cell value is latched into the update cell, which drives Select)


Locking-SIB With Trap
Dworak, et al., "Don't forget to lock your SIB: Hiding instrument using P1687," ITC 2013

(figure: LSIB schematic; signals TDI, To_TDI2, From_TDO2, To_TDO1, Shift cell, Update cell, Select, ShiftEn, UpdateEn, TCK, RST, key inputs Key[0] to Key[n], and the trap feedback select signal)

Whether the key and trap feedback value is 1 or 0 is decided by the structure.
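The following is an added behavioural model of the SIB and locking SIB described on these slides; it is not code from the presentation or from Dworak et al. The separate key register, the rule that a wrong key together with an open request sets the trap until RST, and the 8-bit segment and 4-bit key are assumptions made for the illustration. It also shows why the slides treat the observable scan-path length as feedback: the length changes from 1 to 9 the moment the segment is inserted.

```python
"""Behavioural model of an IJTAG Segment Insertion Bit (SIB) and a Locking
SIB (LSIB) with a trap. Added example; the key-comparison and trap rules are
simplifying assumptions, not the netlist from the slides or the paper."""

from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Segment:
    """A plain scan segment (list of flop values) sitting behind a SIB."""
    bits: List[int]


@dataclass
class SIB:
    """Shift cell + update cell (Select) + mux that inserts the segment
    into the scan path between To_TDI2 and From_TDO2 when Select == 1."""
    segment: Segment
    shift_cell: int = 0
    select: int = 0  # update cell output

    def shift(self, tdi: int) -> int:
        """One TCK in Shift-DR (ShiftEn=1). Returns the TDO value after the clock.
        All flops capture their upstream pre-edge values simultaneously."""
        old_cell = self.shift_cell
        self.shift_cell = tdi
        if self.select:  # path: TDI -> shift cell -> segment -> TDO
            self.segment.bits = [old_cell] + self.segment.bits[:-1]
            return self.segment.bits[-1]  # From_TDO2 feeds the '1' mux input
        return self.shift_cell            # shift cell feeds the '0' mux input

    def update(self) -> None:
        """Update-DR (ShiftEn=0, UpdateEn=1): latch the shift cell into Select."""
        self.select = self.shift_cell


@dataclass
class LSIB(SIB):
    """Locking SIB with trap (assumed rules): Select may only become 1 when
    the key cells match the key; a wrong key while requesting open sets the
    trap, which forces Select=0 until RST."""
    key: List[int] = field(default_factory=list)
    key_cells: List[int] = field(default_factory=list)  # assumed separate key register
    trapped: bool = False

    def update(self) -> None:
        if self.trapped:
            self.select = 0
            return
        if self.shift_cell == 1 and self.key_cells != self.key:
            self.trapped = True  # trap feedback: locked until RST
            self.select = 0
            return
        self.select = self.shift_cell

    def reset(self) -> None:
        """RST: clear the trap and close the segment."""
        self.trapped = False
        self.select = 0
        self.shift_cell = 0


def scan_path_length(sib: SIB, limit: int = 10_000) -> int:
    """Observable scan-path length: flush with zeros, shift in a single 1 and
    count the TCKs until it appears at TDO. This is the feedback an observer
    gets from the chain, which is why the slides propose hiding the length."""
    for _ in range(limit):
        sib.shift(0)
    for n in range(1, limit + 1):
        if sib.shift(1 if n == 1 else 0) == 1:
            return n
    raise RuntimeError("marker never returned")


def run_scenarios() -> Dict[str, int]:
    """Constructed walk-through: open a plain SIB, then drive an LSIB with a
    wrong key (trap fires), the right key while trapped, and after RST."""
    result: Dict[str, int] = {}
    plain = SIB(Segment([0] * 8))
    result["plain_closed"] = scan_path_length(plain)   # 1: only the SIB cell
    plain.shift(1)                                      # shift a 1 into the SIB cell ...
    plain.update()                                      # ... and latch it on Update-DR
    result["plain_open"] = scan_path_length(plain)     # 9: cell + 8-bit segment

    locked = LSIB(Segment([0] * 8), key=[1, 0, 1, 1])  # constructed 4-bit key
    locked.key_cells = [0, 0, 0, 0]                     # wrong key loaded
    locked.shift(1)
    locked.update()                                     # trap fires, stays closed
    result["lsib_wrong_key"] = scan_path_length(locked)
    locked.key_cells = [1, 0, 1, 1]
    locked.shift(1)
    locked.update()                                     # still trapped: no effect
    result["lsib_right_key_while_trapped"] = scan_path_length(locked)
    locked.reset()                                      # RST clears the trap
    locked.shift(1)
    locked.update()                                     # correct key: segment opens
    result["lsib_right_key_after_reset"] = scan_path_length(locked)
    return result


if __name__ == "__main__":
    for name, length in run_scenarios().items():
        print(f"{name}: scan path length = {length}")
```

The trap is the defensive point of the model: once a wrong open attempt has been seen, even the correct key is ignored until a reset, which is what adds the per-attempt reset cost d in the cost model on the following slides.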
Unsecure and Secure P1687 Networks (figure)


Break-in Procedure
Dworak, et al., "Don't forget to lock your SIB: Hiding instrument using P1687," ITC 2013

Cost(LSIB unlock attempt w/Trap) $= 10 + 2n + d$

Prob(opening SIB with key of k bits) $= \frac{1}{2^{k+1}}$

Expected Cost(LSIB unlock w/Trap) $= (10 + 2n + d)\, 2^{k+1}$


Expected Results (f = 100MHz)

Key length K   Chain length N   Expected time to unlock LSIB with Trap
                                Days        Years
8              640              7.79E-07    2.13E-09
16             1280             3.94E-04    1.08E-06
32             2560             5.13E+01    1.41E-01
48             5120             6.69E+06    1.83E+04
64             10240            8.76E+11    2.40E+09
80             20480            1.15E+17    3.15E+14
96             40960            1.50E+22    4.11E+19


Features of Secure Structure
 The order of magnitude for break-in time: $k + 1 + \log\left(\frac{2N}{f}\right)$
 An attacker uses the scan chain length as a feedback
 What if we hide the length of the scan path?


An Original Proposal: Use SLFSR (Secure LFSR) to Hide Scan Path Length


SLFSR Example
3-stage SLFSR, $R = 2^3 - 1 = 7$ (figure)
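Added illustration of the $R = 2^3 - 1 = 7$ figure above (not code from the slides): a minimal Fibonacci LFSR model that enumerates the state cycle, so the period R can be checked for any stage count and tap choice. It goes beyond the 3-stage case to show the two edge cases a designer placing an SLFSR in the scan path has to check: non-primitive taps give a shorter cycle than $2^n - 1$, and the all-zero state never advances. The tap positions used are assumptions; the slides do not give the feedback polynomial.

```python
"""Fibonacci LFSR period check for the SLFSR proposal. Added example; the
tap positions are constructed, not taken from the slides."""

from typing import List, Sequence


def lfsr_step(state: int, width: int, taps: Sequence[int]) -> int:
    """One clock: XOR the tapped bit positions, shift left, feed back into bit 0."""
    feedback = 0
    for t in taps:
        feedback ^= (state >> t) & 1
    return ((state << 1) & ((1 << width) - 1)) | feedback


def lfsr_sequence(width: int, taps: Sequence[int], seed: int = 1) -> List[int]:
    """States visited from `seed` until the first repeat. An LFSR step is
    invertible, so every state lies on a cycle and the list is that cycle."""
    seen: List[int] = []
    state = seed
    while state not in seen:
        seen.append(state)
        state = lfsr_step(state, width, taps)
    return seen


def lfsr_period(width: int, taps: Sequence[int], seed: int = 1) -> int:
    """Period R of the register from the given seed."""
    return len(lfsr_sequence(width, taps, seed))


def is_maximal_length(width: int, taps: Sequence[int]) -> bool:
    """True when the non-zero states form one cycle of length 2^width - 1,
    i.e. the taps correspond to a primitive polynomial."""
    return lfsr_period(width, taps) == (1 << width) - 1


if __name__ == "__main__":
    # 3-stage register with taps at bits 2 and 0: R = 2^3 - 1 = 7, as on the slide.
    print("3-stage cycle:", [f"{s:03b}" for s in lfsr_sequence(3, (2, 0))])
    print("R =", lfsr_period(3, (2, 0)))
    # Edge cases: non-primitive taps on 4 stages give R = 6, not 15,
    # and the all-zero seed is a fixed point (R = 1), so it must be avoided.
    print("4-stage (3,1):", lfsr_period(4, (3, 1)), "maximal:", is_maximal_length(4, (3, 1)))
    print("4-stage (3,0):", lfsr_period(4, (3, 0)), "maximal:", is_maximal_length(4, (3, 0)))
    print("zero seed:", lfsr_period(3, (2, 0), seed=0))
```

Since R enters the attacker's cost linearly in the slides that follow, a non-maximal tap choice or a register that can be reset into the zero state silently shrinks the security margin; the `is_maximal_length` check is the one to run before fixing the polynomial.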


Break-in Procedure

1 attempt $= n^* + E + 2R + 10$


Attacker's Strategies
 Condition 1: Attempt length is $n^* < N$
Total necessary cost when $n^* < N$ $= \sum_{n^*} (n^* + E + 2R + 10)\, 2^{n^*} R$
 Condition 2: Attempt length is $n^* = N$
Expected cost $= [N + 2R + 10 + E \cdot R]\, 2^{k+1}$
 Condition 3: Attempt length is $n^* > N$
Expected cost $= [n^* + 2R + 10 + E \cdot R]\, 2^{k+1}$


Expected Results (f = 100MHz)
 Condition 3:

Key length K   Chain length N   Expected time to unlock LSIB with SLFSR          %Increase compared to Trap without SLFSR
                                Days        Years       Cycles
8              32               2.32E-07    6.36E-10    2.01E+05    395.9596
16             64               9.34E-05    2.56E-07    8.07E+07    377.9141
32             128              1.06E+01    2.90E-02    9.14E+12    365.6357
40             160              3.28E+03    8.98E+00    2.83E+15    362.8169
48             192              9.85E+05    2.70E+03    8.51E+17    360.8592
56             224              2.90E+08    7.93E+05    2.50E+20    359.4203
64             256              8.37E+10    2.29E+08    7.23E+22    358.3181
80             320              6.74E+15    1.85E+13    5.82E+27    356.7407
96             384              5.24E+20    1.44E+18    4.53E+32    355.6663
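The expected-cost formulas from the break-in slides (LSIB with trap, and the SLFSR under Condition 3) carried through as an added worked example; this is not code from the presentation. The trap penalty d, the SLFSR period R and the per-attempt term E are not fixed on the slides, so the values passed in below are constructed and the absolute times will not reproduce the two tables; the 365-day year and the thresholds used to map a time onto the four security levels are also assumptions.

```python
"""Expected brute-force unlocking cost for a Locking SIB, from the cost
models on the slides. Added example; d, R, E and the year length are
constructed assumptions, not values from the slides."""

from typing import Dict, List, Tuple

YEAR_DAYS = 365.0  # assumption: 365-day year for the conversion


def lsib_trap_expected_cycles(k: int, n: int, d: int) -> int:
    """Expected Cost(LSIB unlock w/Trap) = (10 + 2n + d) * 2^(k+1).

    One attempt costs 10 + 2n + d TCKs (TAP overhead, a shift through the
    n-bit chain and back, and the trap penalty d); one attempt opens a SIB
    guarded by a k-bit key with probability 1 / 2^(k+1)."""
    return (10 + 2 * n + d) * 2 ** (k + 1)


def slfsr_expected_cycles(k: int, n_star: int, r: int, e: int) -> int:
    """Expected cost under Condition 3 (attempt length n* > N):
    [n* + 2R + 10 + E*R] * 2^(k+1)."""
    return (n_star + 2 * r + 10 + e * r) * 2 ** (k + 1)


def cycles_to_time(cycles: int, f_hz: float) -> Tuple[float, float, float]:
    """Convert a TCK cycle count at frequency f_hz into (seconds, days, years)."""
    seconds = cycles / f_hz
    days = seconds / 86_400
    return seconds, days, days / YEAR_DAYS


def efficiency_ratio(n: int, d: int, r: int, e: int, k: int = 8) -> float:
    """Expected time without SLFSR divided by expected time with SLFSR
    (Condition 3 with n* = N). The 2^(k+1) factor cancels, so the ratio is
    (10 + 2N + d) / (N + 2R + 10 + E*R) and tends to 2 as N grows."""
    return lsib_trap_expected_cycles(k, n, d) / slfsr_expected_cycles(k, n, r, e)


def security_level(years: float) -> str:
    """Map an expected break-in time onto the slides' four levels
    (thresholds are an assumption: 1, 10 and 1000 years)."""
    if years >= 1000:
        return "full security"
    if years >= 10:
        return "strong security"
    if years >= 1:
        return "weak security"
    return "insecurity"


def unlock_table(pairs: List[Tuple[int, int]], d: int, f_hz: float) -> List[Dict[str, object]]:
    """Rows in the shape of the slides' table for (K, N) pairs."""
    rows: List[Dict[str, object]] = []
    for k, n in pairs:
        cycles = lsib_trap_expected_cycles(k, n, d)
        _, days, years = cycles_to_time(cycles, f_hz)
        rows.append({"K": k, "N": n, "cycles": cycles, "days": days,
                     "years": years, "level": security_level(years)})
    return rows


if __name__ == "__main__":
    # Constructed inputs: the slides' (K, N) pairs, d = 0, f = 100 MHz.
    for row in unlock_table([(8, 640), (32, 2560), (64, 10240)], d=0, f_hz=100e6):
        print(f"K={row['K']:3d} N={row['N']:6d} days={row['days']:.2E} "
              f"years={row['years']:.2E} -> {row['level']}")
    # Ratio of the two designs for a long chain (constructed R = 7, E = 1).
    print("no-SLFSR / SLFSR ratio at N = 10^6:", round(efficiency_ratio(1_000_000, 0, 7, 1), 5))
```

The table function is the one a designer would use to size K: the chain length N only enters linearly, so doubling the key length, not the chain, is what moves a design across the security levels.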


Disadvantage Compared to Structure without SLFSR
In fact, we are increasing the feedback keys alternately.
For the secure chain without LFSR,
Total expected unlocking time without LFSR $= (10 + 2N + d)\, 2^{k+1}$

For the secure chain in the worst case condition (condition 3):
Total expected unlocking time with LFSR $= (10 + N + 2R)\, 2^{k+1-m} (2^m - 1)$

Comparing the 2 equations, for large N, the efficiency ratio:
$\frac{\text{Expected time w/no SLFSR}}{\text{Expected time w/SLFSR}} \approx 2$, when $N \to \infty$


Conclusion
 It is useful to replace the non-functional segments with SLFSR
 Security SLFSR increases the attacker's effort, as breaking in depends not only on the structure we build up, but also on the strategies that the attacker chooses.
 We should be concerned about the "lucky" attacker