Late Breaking Results: On the One-Key Premise of Logic Locking

Yinghua Hu,Hari Cherupalli,Mike Borza,Deepak Sherlekar
DOI: https://doi.org/10.1145/3649329.3663504
2024-08-23
Abstract:The evaluation of logic locking methods has long been predicated on an implicit assumption that only the correct key can unveil the true functionality of a protected circuit. Consequently, a locking technique is deemed secure if it resists a good array of attacks aimed at finding this correct key. This paper challenges this one-key premise by introducing a more efficient attack methodology, focused not on identifying that one correct key, but on finding multiple, potentially incorrect keys that can collectively produce correct functionality from the protected circuit. The tasks of finding these keys can be parallelized, which is well suited for multi-core computing environments. Empirical results show our attack achieves a runtime reduction of up to 99.6% compared to the conventional attack that tries to find a single correct key.
Cryptography and Security,Systems and Control
What problem does this paper attempt to address?
The problem that this paper attempts to solve is the long - existing "single - key premise" assumption in Logic Locking technology. Specifically, the security evaluation of traditional logic - locking methods relies on an implicit assumption that only the correct key can reveal the true functionality of the protected circuit. Therefore, a locking technique is considered secure if it can withstand multiple attacks aimed at finding the correct key. However, this paper challenges this assumption and proposes a new attack method. This method does not focus on identifying the unique correct key but rather looks for multiple potential wrong keys that can jointly unlock the protected design and make it behave as if the correct key were used. This method not only improves the attack efficiency but also enables the parallelization of tasks in a multi - core computing environment, thereby significantly reducing the attack time. ### Core Contributions of the Paper 1. **Challenging the "Single - Key Premise" Assumption**: The paper questions the "single - key premise" in traditional logic - locking methods and proposes the concept of multi - key attacks. 2. **Introducing an Efficient Attack Method**: Unlock the protected circuit by looking for multiple possible wrong keys instead of a single correct key. 3. **Parallelizing Attack Tasks**: The new method can significantly reduce the attack time by processing multiple subtasks in parallel, especially suitable for multi - core computing environments. 4. **Experimental Evidence Support**: The experimental results show that, compared with the traditional single - key attack, the new method can reduce the running time by up to 99.6%. ### Explanation of Formulas and Symbols - \( C \) represents the original circuit. - \( I \) and \( O \) represent the sets of input and output ports respectively. - \( f_C: B^{|I|} \to B^{|O|} \) represents the functionality of the original circuit. - \( C_k \) represents the locked circuit. - \( f_{C_k}: B^{|I|} \times B^{|K|} \to B^{|O|} \) represents the functionality of the locked circuit, where \( K \) is the set of key ports. - \( k^* \) represents the correct unlocking key, satisfying the condition \( f_{C_k}(x, k^*) = f_C(x), \forall x \in B^{|I|} \) ### Conclusion By introducing the multi - key attack strategy, the paper challenges the "single - key premise" assumption in traditional logic - locking methods and demonstrates the efficiency and feasibility of this method in practical applications. Future work will focus on developing effective defense measures to deal with this new "multi - key" attack scenario.