Revisiting the security of static masking and compaction: Discovering new vulnerability and Improved Scan Attack on AES

Scan-based Design for Testability (DfT) provides high fault coverage, observability, and testability of internal nodes of the chip. It can serve as a medium for the attacker to launch a side-channel attack and thus reveal the secret key embedded in the security-critical-chip. DfT test infrastructures are vulnerable to this type of scan attacks. Advanced DfT techniques such as X-Compactor, X-masking, and X-tolerance were considered to be inherently secure against the basic scan attack. Later on, advanced attacking techniques were proposed to reveal the secret key from advanced DfT infrastructure with a probabilistic success rate of 20.75% in their worst case, i.e., when 64 bits (16 bits from 16 active slices for each AES word) of the round output were observable. In this paper, we propose an attack on advanced DfT having static masking with XOR-based Compression. The attack is 100% successful whenever at least 6 bits out of 32-bit, i.e., 24 bits of the 128-bit round output of AES are observable from the chip under test (CUT). To recover 16 bytes of key, it requires only 4096 plaintexts and takes 1498 milliseconds in the worst-case.