Scan-based attack against des cryptosystems using scan signatures

Hirokazu Kodera*, M. Yanagisawa, Nozomu Togawa

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

29 Citations (Scopus)


With the high integration of LSI in recent years, the importance of design-for-techniques has been increasing. A scan-path test is one of the useful design-for-test techniques, in which testers can observe and control registers inside the target LSI chip directly. On the other hand, the risk of side-channel attacks against cryptographic LSIs and modules has been pointed out. In particular, scan-based attacks which retrieve secret keys by analyzing scan data obtained from scan chains has been attracting attention. In this paper, we propose a scan-based attack method against DES using scan signatures. Our proposed method are based on focusing on particular bit-column-data in a set of scan data and observing their changes when given several plaintexts. We can retrieve secret keys by partitioning the S-BOX process into eight independent sub-processes and reducing the number of the round key candidates from 2 48 to 26×8 = 512. Our proposed methods can retrieve secret keys even if a scan chain includes registers except a crypto module and attackers do not know when the encryption is really done in the crypto module. Experimental results demonstrate that we successfully retrieve the secret keys of a DES cryptosystem using at most 32 plaintexts.

Original languageEnglish
Title of host publication2012 IEEE Asia Pacific Conference on Circuits and Systems, APCCAS 2012
Number of pages4
Publication statusPublished - 2012 Dec 1
Event2012 IEEE Asia Pacific Conference on Circuits and Systems, APCCAS 2012 - Kaohsiung, Taiwan, Province of China
Duration: 2012 Dec 22012 Dec 5

Publication series

NameIEEE Asia-Pacific Conference on Circuits and Systems, Proceedings, APCCAS


Conference2012 IEEE Asia Pacific Conference on Circuits and Systems, APCCAS 2012
Country/TerritoryTaiwan, Province of China


  • data encryption standard
  • scan chain
  • scan-based attack
  • side-channel attacks

ASJC Scopus subject areas

  • Electrical and Electronic Engineering


Dive into the research topics of 'Scan-based attack against des cryptosystems using scan signatures'. Together they form a unique fingerprint.

Cite this