JS
Can you help me with this lab. Computer science lab. We just have to do 2. Analyze the output response of the first round.
City College of New York Electrical Engineering department LAB-3: Scan Attack BY Samah Mohamed Ahmed Saeed Scan attack Lab Objectives: 1. Learn how to launch the basic test-mode-only attack. 2. Learn how to analyze and observe the test responses. The aim of this lab is to apply the basic test-mode-only attack to leak the secret key of AES design. We consider the synthesized scan-based AES design using Synopsys design compiler. Test benches that apply the required test vectors to AES design were created to launch the attack using VCS simulator. You will write scripts that use the captured responses of AES design in the round registers to implement each step of the attack. Introduction 1. Conventional scan attack A Scan attack is a well-known side-channel attack that exploits the scan-based test infrastructure in order to leak the secret key of a secure chip. With the chip in hand, the attacker can run the cipher in the functional mode with the desired plaintext for a few cycles, and then by switching to the test mode, he/she can shift out the content of the internal registers. These registers of the secure chip hold the intermediate results of the cipher execution. The attacker can access the intermediate results and perform differential analysis to get the secret key. 2. Mode-reset countermeasure In order to retrieve the intermediate results of the cipher, the conventional scan attack has to rely on the condition that the intermediate results in the register should be preserved during switch from the normal mode to the test mode. This condition can be easily violated by the mode- reset countermeasure, an automatic reset operation upon a switch between the normal mode and the test mode. 3. Test-mode-only attack The test-mode-only scan attack can circumvent the mode-reset countermeasure. The attack uses only the test mode of the hardware and it does not require switching between normal and test mode. The attacker shifts the test vectors into the round register, runs the cipher for one round, and shifts out the contents of the round register. Following are the challenges that an attacker has to mitigate while developing a test-mode-only attack: Presence of boundary scan cells: In test mode, boundary scan cells drive the primary inputs. They block the direct access to the primary inputs through the chip input pins. Scan cell to round register flip-flop mapping: The attacker does not know the mapping between the scan cells and the round register flip-flops, as the physical placement tools decide how these flip flops are connected. Assumptions of the test-mode-only scan attack The following are the assumptions in the test-mode-only attack: Both the cipher algorithm and the architecture of the implementation (128-bit, 32-bit or 8-bit ) are known to the attacker. The attacker has access to the JTAG port, and has the basic test capabilities such as shift and capture operations as in-field testing is enabled. In test mode, the user key is being used which is either hardcoded in the chip or stored in the memory. The global reset operation brings the chip to the first round by resetting the round counter. Steps of the attack 1. Identifying the Key Cells The round register is of 128-bit data width. Therefore, if an input difference in the AES round is applied, only the key cells will be affected, while the other scan cells preserve their content. 2. Partitioning the Key Cells into AES Words For AES, an input difference is applied to a word, the bit-flips in the output difference will confine within only one word. In order to group the key cells into words, we apply two pairs of test vectors (V, ??) and (V, ??), where the one-bit difference is in the i-th and the j-th bit or key cell, respectively. The output differences of the two pair of test vectors, (V, ??) and (V, ??), are ?? and ??, respectively. If there is any common bit-flip in ?? and ??, then i and j correspond to the same word of the round register. Algorithm 1 determines the bits in the words. 3. Partitioning the Key Cells into the AES Bytes To identify whether bit I and j belong to the same byte, we use two test vector pairs, (V, ??) and (?? ,???) both with one-bit difference in the j-th bit. The test vectors V and ?? differ in bit i, and ?? and ??? differ in bit i as well. Now consider the case when i and j are in the same byte; the output difference corresponding to the two input test vector pairs should be different. Otherwise, it should be the same. Example: to identify whether bit 1 and 2 belong to the same byte, you can apply the following test vectors: V = 000…00 ?0 = 000… 01 ?1 = 000… 10 ?10= 000… 11 Same input difference with different test vectors ?0 = Response (V)⊕Response(?0) ?1= Response (?1)⊕ Response (?10) If ?0 = ?1 then scan cell 0 and 1 are in different bytes Else scan cell 0 and 1 are in the same byte Algorithm 1: Determining the bits in the words Input: P and ?? where 0 ≤ i ≤ 127 Output: ?0, ?1, ?2, ?3 R = Enc(P) for i = 0 to 127 do ?? = Enc(?? ); ?? = R ⊕ ?? for j = 0 to 127 do if ??? = 1 then ??? = ??? ∪ j end end FD = FD ∪ ??? end for i = 0 to 3 do Select any element ??? from FD FD = FD − ??? for Each element ??? in FD do if ??? ∩ ??? = ∅ then ??? = ??? ∪ ???; FD = FD − ??? end end ?? = ??? End Algorithm 2: Determining the bits in a byte Input: W Output: ?0, ?1, ?2, ?3 for l = 0 to 3 do ?? = ∅; ?? = ∅ Select i where i ∈ W ?? = ?? ∪ i ; W = W − i; ?? = P ⊕ (0x1 < i)="" =="" enc(??="" );="" r="Enc(P);" =="" r="" ⊕="" for="" each="" j="" ∈="" w="" do="" w="W" −="" j="" =="" p="" ⊕="" (0x1="">< j);="" ′="Pj" ⊕="" (0x1="">