The IEEE Std 1687 (IJTAG) provides enhanced access to the on-chip test instruments, which are included on the chip for test, post-silicon debug, in field maintenance, and diagnosis purposes. Although the on-chip instruments access provides data and features explicitly for test and debug, these features are misused by the malicious user to access sensitive data such as encryption keys, Chip-IDs, etc. Hence, it is desired to limit the access to sensitive on-chip instruments via IJTAG network. One of the various schemes proposed to mitigate the vulnerability of the IJTAG network is to use a secure access protocol, which is based on LSIB, Chip-ID, and licensed access software. In this paper, the detailed security analysis is performed on IJTAG, it is shown that the secure access protocol technique is vulnerable to differential analysis attack. It can be used to break the secure communication between the board and the licensed access software and thus, the sensitive on-chip test instruments can be accessed illegitimately. It is shown that our proposed algorithm can recover the template used for secure communication within a fraction of a second.