Standard test infrastructures, such as IEEE Std. 1149.1 (JTAG), IEEE Std. 1500 and IEEE Std. 1687 (IJTAG), are widely used in nowadays Integrated Circuits (ICs). However, they pose an important security challenge to the designers because of the high controllability and observability they offer through the Test Access Port (TAP). For instance, malicious users can exploit test infrastructures in order to access the internal scan chains of crypto-cores and perform scan attacks. Moreover, these infrastructures connect all the devices of the system to the same network. For this reason, the data sent to a target device are potentially visible to all the others. Consequently, this poses a threat to the confidentiality of data content. The encryption of test data is a countermeasure that has been conceived in order to overcome these threats. In this paper, we propose a new secure version of the JTAG infrastructure, relying on stream-based encryption.