Shan Jiang,Ning Xu,Xue-Yan Wang,Qiang Zhou

DOI: https://doi.org/10.1007/s11390-018-1870-z

2018-01-01

Abstract:Integrated circuit (IC) camouflaging technique has been applied as a countermeasure against reverse engineering (RE). However, its effectiveness is threatened by a boolean satisfiability (SAT) based de-camouflaging attack, which is able to restore the camouflaged circuit within only minutes. As a defense to the SAT-based de-camouflaging attack, a brand new camouflaging strategy (called CamoPerturb) has been proposed recently, which perturbs one minterm by changing one gate’s functionality and then restores the perturbed circuit with a separated camouflaged block, achieving good resistance against the SAT-based attack. In this paper, we analyze the security vulnerabilities of CamoPerturb by illustrating the mechanism of minterm perturbation induced by gate replacement, then propose an attack to restore the changed gate’s functionality, and recover the camouflaged circuit. The attack algorithm is facilitated by sensitization and implication principles in automatic test pattern generation (ATPG) techniques. Experimental results demonstrate that our method is able to restore the camouflaged circuits with very little time consumption.

Shiling Luo,Wenchao Gao,Le Huang,Qiang Zhou

DOI: https://doi.org/10.1109/cis58238.2022.00082

2022-01-01

Abstract:As a defence to the SAT-based de-camouflaging attack, a brand new camouflaging strategy (called CamoPerturb) has been proposed. This camouflaging strategy achieves good resistance against the SAT-based attack. However, there is no stable generation algorithm for the perturbation circuit of the CamoPerturb. Furthermore, there is no way to control three key logic: specific output, specific gate and specific minterm, which makes it difficult for the technology to be used in practical circuits. In this paper, a perturbation circuit generation algorithm is proposed. By dividing a limited region, introducing the original input signal and narrowing the minterm range affected by the logic gate, we can find a single minterm perturbation quickly. Furthermore, we can design key logic arbitrarily. The experimental results in ISCAS’ 89 benchmark circuits and the controllers of the OpenSPARC microprocessor show that our method can be applied to the actual circuit stably with very little time consumption. Finally, our method is experimentally analyzed on an IP (intellectual property) core circuit (full adder circuit).

Huafeng CHEN,Haibin SHEN,Xiaolang YAN

2008-01-01

Abstract:The design-for-testability structure based on scan-chain often compromises the security of crypto chips.A method to attack certain hardware implementation of elliptic curve cryptography was presented.And an easy but effective secure scan method against the attack was proposed,which would not compromise the security of the chip,while maintaining high fault coverage.By controlling operational mode of the chip,the disability mechanism of scan enable signal was applied.The scan function was disabled when there existed security information in the chip.It solved the problem of secure information disclosure caused by scan chain design.

Xueyan Wang,Qiang Zhou,Yici Cai,Gang Qu

DOI: https://doi.org/10.1109/ISCAS.2016.7538897

2016-01-01

Abstract:Circuit camouflaging techniques have been proposed to thwart reverse engineering (RE) attacks to integrated circuits (IC). In one of the most well-known camouflaging methods, selective XOR, NAND, and NOR gates are replaced by configurable logic units which have the same appearance to the RE attackers. It is argued that a successful attack has to brute force search all the camouflaged gates' possible {XOR, NAND, NOR} combinations, resulting in the attack complexity exponential to the number of camouflaged gates. In this paper, we have reported an attack to significantly reduce this complexity by partitioning the IC to many subcircuits to attack individually. We validate the power of the proposed circuit partition based attack on ISCAS benchmark suite and OpenSparc T1 microprocessor, and propose a potential countermeasure to re-secure IC camouflaging.

Meng Li,Kaveh Shamsi,Travis Meade,Zheng Zhao,Bei Yu,Yier Jin,David Z. Pan

DOI: https://doi.org/10.1145/2966986.2967065

IF: 2.9

2019-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:The advancing of reverse engineering techniques has complicated the efforts in intellectual property protection. Proactive methods have been developed recently, among which layout-level IC camouflaging is the leading example. However, existing camouflaging methods are rarely supported by provably secure criteria, which further leads to over-estimation of the security level when countering the latest de-camouflaging attacks, e.g., the SAT-based attack. In this paper, a quantitative security criterion is proposed for de-camouflaging complexity measurements and formally analyzed through the demonstration of the equivalence between the existing de-camouflaging strategy and the active learning scheme. Supported by the new security criterion, two novel camouflaging techniques are proposed, the low-overhead camouflaging cell library and the AND-tree structure, to help achieve exponentially increasing security levels at the cost of linearly increasing performance overhead on the circuit under protection. A provably secure camouflaging framework is then developed by combining these two techniques. Experimental results using the security criterion show that the camouflaged circuits with the proposed framework are of high resilience against the SAT-based attack with negligible performance overhead.

Xue-Yan Wang,Qiang Zhou,Yi-Ci Cai,Gang Qu

DOI: https://doi.org/10.1007/s11390-018-1807-6

2018-01-01

Abstract:Intellectual property (IP) protection is one of the hardcore problems in hardware security. Semiconductor industry still lacks effective and proactive defense to shield IPs from reverse engineering (RE) based attacks. Integrated circuit (IC) camouflaging technique fills this gap by replacing some conventional logic gates in the IPs with specially designed logic cells (called camouflaged gates) without changing the functions of the IPs. The camouflaged gates can perform different logic functions while maintaining an identical look to RE attackers, thus preventing them from obtaining the layout information of the IP directly from RE tools. Since it was first proposed in 2012, circuit camouflaging has become one of the hottest research topics in hardware security focusing on two fundamental problems. How to choose the types of camouflaged gates and decide where to insert them in order to simultaneously minimize the performance overhead and optimize the RE complexity? How can an attacker de-camouflage a camouflaged circuit and complete the RE attack? In this article, we review the evolution of circuit camouflaging through this spear and shield race. First, we introduce the design methods of four different kinds of camouflaged cells based on true/dummy contacts, static random access memory (SRAM), doping, and emerging devices, respectively. Then we elaborate four representative de-camouflaging attacks: brute force attack, IC testing based attack, satisfiability-based (SAT-based) attack, and the circuit partition based attack, and the corresponding countermeasures: clique-based camouflaging, CamoPerturb, AND-tree camouflaging, and equivalent class based camouflaging, respectively. We argue that the current research efforts should be on reducing overhead introduced by circuit camouflaging and defeating de-camouflaging attacks. We point out that exploring features of emerging devices could be a promising direction. Finally, as a complement to circuit camouflaging, we conclude with a brief review of other state-of-the-art IP protection techniques.

Mohamed El Massad,Siddharth Garg,Mahesh Tripunitara

DOI: https://doi.org/10.48550/arXiv.1710.10474

2017-10-28

Cryptography and Security

Abstract:Integrated circuit (IC) camouflaging is a promising technique to protect the design of a chip from reverse engineering. However, recent work has shown that even camouflaged ICs can be reverse engineered from the observed input/output behaviour of a chip using SAT solvers. However, these so-called SAT attacks have so far targeted only camouflaged combinational circuits. For camouflaged sequential circuits, the SAT attack requires that the internal state of the circuit is controllable and observable via the scan chain. It has been implicitly assumed that restricting scan chain access increases the security of camouflaged ICs from reverse engineering attacks. In this paper, we develop a new attack methodology to decamouflage sequential circuits without scan access. Our attack uses a model checker (a more powerful reasoning tool than a SAT solver) to find a discriminating set of input sequences, i.e., one that is sufficient to determine the functionality of camouflaged gates. We propose several refinements, including the use of a bounded model checker, and sufficient conditions for determining when a set of input sequences is discriminating to improve the run-time and scalabilty of our attack. Our attack is able to decamouflage a large sequential benchmark circuit that implements a subset of the VIPER processor.

Xueyan Wang,Qiang Zhou,Yici Cai,Gang Qu

DOI: https://doi.org/10.1145/3060403.3060493

2017-01-01

Abstract:Gate camouflaging has emerged as a leading proactive countermeasure for reverse engineering (RE) attacks. However, a recently proposed circuit partition attack (CPA) can significantly reduce the complexity of revealing the original design from a camouflaged circuit. In this paper, we first conduct an empirical study on how CPA can facilitate the state-of-the-art de-camouflaging methods to perform more efficient attacks. We then study how an equivalent class guided camouflaging approach may thwart these de-camouflaging attempts and re-establish the defense against RE. Experimental results demonstrate that (1) CPA is an effective pre-processing technique to boost de-camouflaging methods, and (2) Equivalent class guided camouflaging technique is resilient against the union of CPA and existing de-camouflaging methods.

Meng Li,Kaveh Shamsi,Yier Jin,David Z. Pan

DOI: https://doi.org/10.1109/test.2018.8624671

2018-01-01

Abstract:In order to counter advanced reverse engineering techniques, various integrated circuit (IC) camouflaging methods are proposed to protect hardware intellectual property (IP) proactively. For example, a timing-based camouflaging strategy is developed recently representing a new class of parametric camouflaging strategies. Unlike traditional IC camouflaging techniques that directly hide the circuit functionality, the new parametric strategies obfuscate the circuit timing schemes, which in turn protects the circuit functionality and invalidates all the existing attacks. In this paper, we propose a SAT attack, named TimingSAT, to analyze the security of such timing-based camouflaging strategies. We demonstrate that with a proper transformation of the camouflaged netlist, traditional SAT attacks are still effective to decamouflage the new protection methods. The correctness of the resolved circuit functionality is formally proved. While a direct implementation of TimingSAT suffers from poor scalability, we propose a simplification procedure to significantly enhance the attack efficiency without sacrificing the correctness of the decamouflaged netlist. The efficiency and effectiveness of TimingSAT is validated with extensive experimental results.

Jae-Won Jang,Swaroop Ghosh

DOI: https://doi.org/10.48550/arXiv.1705.02707

2017-05-08

Abstract:Semiconductor supply chain is increasingly getting exposed to variety of security attacks such as Trojan insertion, cloning, counterfeiting, reverse engineering (RE) and piracy of Intellectual Property (IP) due to involvement of untrusted parties. Camouflaging of gates has been proposed to hide the functionality of gates. However, gate camouflaging is associated with significant area, power and delay overhead. In this paper, we propose camouflaging of interconnects using multiplexers (muxes) to protect the IP. A transistor threshold voltage-defined pass transistor mux is proposed to prevent its reverse engineering since transistor threshold voltage is opaque to the adversary. The proposed mux with more than one input, hides the original connectivity of the net. The camouflaged design operates at nominal voltage and obeys conventional reliability limits. A small fraction of nets can be camouflaged to increase the RE effort extremely high while keeping the overhead low. We propose controllability, observability and random net selection strategy for camouflaging. Simulation results indicate 15-33% area, 25-44% delay and 14-29% power overhead when 5-15% nets are camouflaged using the proposed 2:1 mux. By increasing the mux size to 4:1, 8:1, and 16:1, the RE effort can be further improved with small area, delay, and power penalty.

Cryptography and Security

Akshay Wali,Shamik Kundu,Andrew J Arnold,Guangwei Zhao,Kanad Basu,Saptarshi Das

DOI: https://doi.org/10.1021/acsnano.0c10651

IF: 17.1

2021-02-23

ACS Nano

Abstract:Reverse engineering (RE) is one of the major security threats to the semiconductor industry due to the involvement of untrustworthy parties in an increasingly globalized chip manufacturing supply chain. RE efforts have already been successful in extracting device level functionalities from an integrated circuit (IC) with very limited resources. Camouflaging is an obfuscation method that can thwart such RE. Existing work on IC camouflaging primarily involves transformable interconnects and/or covert gates where variation in doping and dummy contacts hide the circuit structure or build cells that look alike but have different functionalities. Emerging solutions, such as polymorphic gates based on a giant spin Hall effect and Si nanowire field effect transistors (FETs), are also promising but add significant area overhead and are successfully decamouflaged by the satisfiability solver (SAT)-based RE techniques. Here, we harness the properties of two-dimensional (2D) transition-metal dichalcogenides (TMDs) including MoS2, MoSe2, MoTe2, WS2, and WSe2 and their optically transparent transition-metal oxides (TMOs) to demonstrate area efficient camouflaging solutions that are resilient to SAT attack and automatic test pattern generation attacks. We show that resistors with resistance values differing by 5 orders of magnitude, diodes with variable turn-on voltages and reverse saturation currents, and FETs with adjustable conduction type, threshold voltages, and switching characteristics can be optically camouflaged to look exactly similar by engineering TMO/TMD heterostructures, allowing hardware obfuscation of both digital and analog circuits. Since this 2D heterostructure devices family is intrinsically camouflaged, NAND/NOR/AND/OR gates in the circuit can be obfuscated with significantly less area overhead, allowing 100% logic obfuscation compared to only 5% for complementary metal oxide semiconductor (CMOS)-based camouflaging. Finally, we demonstrate that the largest benchmarking circuit from ISCAS'85, comprised of more than 4000 logic gates when obfuscated with the CMOS-based technique, is successfully decamouflaged by SAT attack in <40 min; whereas, it renders to be invulnerable even in more than 10 h when camouflaged with 2D heterostructure devices, thereby corroborating our hypothesis of high resilience against RE. Our approach of connecting material properties to innovative devices to secure circuits can be considered as a one of a kind demonstration, highlighting the benefits of cross-layer optimization.

Xueyan Wang,Qiang Zhou,Yici Cai,Gang Qu

DOI: https://doi.org/10.1016/j.vlsi.2018.10.009

IF: 1.345

2018-01-01

Integration

Abstract:As one of the most effective proactive countermeasures against reverse engineering, circuit camouflaging has emerged to be a hot research topic and it is becoming a mature technology with the development of various de-camouflaging attacks. Among them, the SAT-based method is the most powerful one to defeat circuit camouflaging. However, SAT-based attacks have scalability problem due to the complexity of the underlying SAT solvers, and straightforward approach to parallelize SAT-based attacks will fail. In this article, we propose a novel parallelization framework for SAT-based attacks, which consists of a two-level partition method (independent module partitioning and k-medoids clustering), together with a novel conflict avoidance strategy. Specifically, we first break down the camouflaged netlist into multiple independent modules that can be solved in parallel. However, any good circuit camouflaging approach should produce one or multiple large modules. To solve this problem, we further apply the k -medoids algorithm to partition the large modules into multiple “high cohesion” and “low coupling” clusters. Utilizing the relative independence of these clusters, we propose a two-stage attack method to avoid conflicts among clusters. Experimental results on OpenSparc T1 microprocessor controller demonstrate that our approach can on average reduce the scales of the SAT formulas by more than 50%, reduce the attack iteration number by 45%, and achieves on average 3.6× and maximum 10× speed up over the best-known SAT-based de-camouflaging tool.

Jaya Dofe,Chen Yan,Scott Kontak,Emre Salman,Qiaoyan Yu

DOI: https://doi.org/10.1109/AsianHOST.2016.7835570

2016-01-01

Abstract:This work proposes a novel method for transistor-level logic locking to address intellectual property (IP) piracy and reverse engineering attacks in monolithic three-dimensional (M3D) ICs. The proposed method locks logic gates by independently inserting parallel or serial locking transistors and camouflaged contacts in multiple tiers in M3D ICs. Without the correct key bits and confidential information for camouflaged contacts, the locked logic gates will malfunction and significantly alter power profiles, which makes reverse engineering attacks more difficult. The performance overhead of the proposed method is evaluated with ISCAS'85 benchmark circuits synthesized and placed with a customized M3D IC library. Case study on c6288 benchmark circuit shows that the proposed locking method with the correct key increases the power by only 0.26%. On average, this method consumes 2.3% more transistors than the baseline ISCAS'85 benchmark circuits.

Mengmeng Ling,Liji Wu,Xiangyu Li,Xiangmin Zhang,Jinsong Hou,Yong Wang

DOI: https://doi.org/10.1109/CIS.2012.125

2012-01-01

Abstract:As information security chips are more widely used in the field of information security, the security of chips becomes increasingly important, which has also been a hot research field of information security. With the advances in technology, a chip-invasive method of attack which uses laser or focused ion beam (FIB) to change the chip's internal signal line, and then probe the chip's secret information with the electron microprobe, becomes a serious threat to information security chip. Such an attack makes the shielding metal wire an effective mean to improve chip security. The protection circuit module monitoring the shielding metal line is to ensure the layer of the metal wire is undamaged, in order to ensure that the chip has not been attacked by laser or FIB. This paper studies the design and implementation of Monitor and Protect Circuits (MPC) based on RC delay, which monitor if the shielding metal wires are damaged. The circuit is designed in SMIC0.18um CMOS process and an entire layout is completed. The gate count of MPC is about 642, which is 2.9% of that of AES. And its power consumption is about 81uw.

Chen Yan,Jaya Dofe,Scott Kontak,Qiaoyan Yu,Emre Salman

DOI: https://doi.org/10.1109/tcsii.2017.2749523

2018-01-01

IEEE Transactions on Circuits & Systems II Express Briefs

Abstract:Circuit camouflaging is a layout-level technique to thwart image analysis-based reverse engineering attacks. An efficient dummy contact-based camouflaging method for monolithic 3-D integrated circuits (ICs) is proposed. 3-D ICs achieve ultra-high density device integration enabled by fine-grained monolithic inter-tier vias. Standard cell libraries are developed to evaluate the effects of circuit camouflaging on large-scale 2-D and monolithic 3-D ICs. These libraries are used to design a camouflaged SIMON (lightweight block cipher) and several academic benchmarks. Simulation results demonstrate that the monolithic 3-D technology is highly effective to facilitate the utilization of the camouflaging technique against reverse engineering attacks. At the expense of a slight degradation in timing characteristics, monolithic 3-D technology eliminates not only the area but also the power overhead related to camouflaging.

Grace Li Zhang,Bing Li,Meng Li,Bei Yu,David Z. Pan,Michaela Brunner,Georg Sigl,Ulf Schlichtmann

DOI: https://doi.org/10.1109/TCAD.2020.2974338

2020-03-02

Abstract:With recent advances in reverse engineering, attackers can reconstruct a netlist to counterfeit chips by opening the die and scanning all layers of authentic chips. This relatively easy counterfeiting is made possible by the use of the standard simple clocking scheme, where all combinational blocks function within one clock period, so that a netlist of combinational logic gates and flip-flops is sufficient to duplicate a design. In this paper, we propose to invalidate the assumption that a netlist completely represents the function of a circuit with unconventional timing. With the introduced wave-pipelining paths, attackers have to capture gate and interconnect delays during reverse engineering, or to test a huge number of combinational paths to identify the wave-pipelining paths. To hinder the test-based attack, we construct false paths with wave-pipelining to increase the counterfeiting challenge. Experimental results confirm that wave-pipelining true paths and false paths can be constructed in benchmark circuits successfully with only a negligible cost, thus thwarting the potential attack techniques.

Cryptography and Security,Hardware Architecture

Xiang Gao,Yiqiang Zhao,Haocheng Ma

DOI: https://doi.org/10.3390/s18093034

IF: 3.9

2018-01-01

Sensors

Abstract:Information system security has been in the spotlight of individuals and governments in recent years. Integrated Circuits (ICs) function as the basic element of communication and information spreading, therefore they have become an important target for attackers. From this perspective, system-level protection to keep chips from being attacked is of vital importance. This paper proposes a novel method based on a fringing electric field (FEF) sensor to detect whether chips are dismantled from a printed circuit board (PCB) as system-level protection. The proposed method overcomes the shortcomings of existing techniques that can be only used in specific fields. After detecting a chip being dismantled from PCB, some protective measures like deleting key data can be implemented to be against attacking. Fringing electric field sensors are analyzed through simulation. By optimizing sensor’s patterns, areas and geometrical parameters, the methods that maximize sensitivity of fringing electric field sensors are put forward and illustrated. The simulation is also reproduced by an experiment to ensure that the method is feasible and reliable. The results of experiments are inspiring in that they prove that the sensor can work well for protection of chips and has the advantage of universal applicability, low cost and high reliability.

Nikhil Rangarajan,Satwik Patnaik,Johann Knechtel,Ramesh Karri,Ozgur Sinanoglu,Shaloo Rakheja

DOI: https://doi.org/10.1109/TETC.2020.2991134

2020-07-08

Abstract:The era of widespread globalization has led to the emergence of hardware-centric security threats throughout the IC supply chain. Prior defenses like logic locking, layout camouflaging, and split manufacturing have been researched extensively to protect against intellectual property (IP) piracy at different stages. In this work, we present dynamic camouflaging as a new technique to thwart IP reverse engineering at all stages in the supply chain, viz., the foundry, the test facility, and the end-user. Toward this end, we exploit the multi-functionality, post-fabrication reconfigurability, and run-time polymorphism of spin-based devices, specifically the magneto-electric spin-orbit (MESO) device. Leveraging these unique properties, dynamic camouflaging is shown to be resilient against state-of-the-art analytical SAT-based attacks and test-data mining attacks. Such dynamic reconfigurability is not afforded in CMOS owing to fundamental differences in operation. For such MESO-based camouflaging, we also anticipate massive savings in power, performance, and area over other spin-based camouflaging schemes, due to the energy-efficient electric-field driven reversal of the MESO device. Based on thorough experimentation, we outline the promises of dynamic camouflaging in securing the supply chain end-to-end along with a case study, demonstrating the efficacy of dynamic camouflaging in securing error-tolerant image processing IP.

Cryptography and Security,Mesoscale and Nanoscale Physics,Emerging Technologies

Mengqiang Lu,Aijiao Cui,Yan Shao,Gang Qu

DOI: https://doi.org/10.1145/3526241.3530345

2022-01-01

Abstract:Scan chain design can improve the testability of a circuit while it can be used as a side-channel to access the sensitive information inside a cryptographic chip for the crack of cipher key. To secure the scan design while maintaining its testability, this paper proposes a memristor-based secure scan design. A lock and key scheme is introduced. Physical unclonable function (PUF) is used to generate a unique test key for each chip. When an input test key matches the PUF-based key, the scan chain can be used normally for testing. Otherwise, the data in some scan cells are obfuscated by the random bits, which are generated by reading the status of a memristor. As the random bits do not relate to the original test data, an adversary cannot access useful information from scan chain to deduce the cipher key. The experimental results show that the proposed secure scan design can resist all existing attacks while incurring low overhead. Also, the testability of the original design is not affected.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yang Xiang,Yuxia Cheng,Abdulhameed Alelaiwi

DOI: https://doi.org/10.1007/s10586-017-0833-4

2017-01-01

Cluster Computing

Abstract:With the rapid development of Internet of Things technology and the promotion of embedded devices’ computation performance, smart devices are probably open to security threats and attacks while connecting with rich and novel Internet. Attracting lots of attention in embedded system security community recently, Trusted Execution Environment (TEE), allows for the execution of arbitrary code within environments completely isolated from the rest of a system. However, existing memory protection methods in a TEE are inadequate. In general, the software-based formal methods are not practical and the hardware-based implementation approaches lack of theoretical proof. To address the memory isolation and protection problems in TEE, in this paper, we propose a practical memory integrity protection method on an ARM-based platform, called MIPE, to defend against security threats including kernel data attacks and direct memory access attacks. MIPE utilizes TrustZone technique to create a isolated execution environment, which can protect the sensitive code and data against attacks. To present the integrity protection strategies, we provide the design of MIPE using B method, which is a practical formal method. We also implement MIPE on the Xilinx Zynq ZC702 evaluation board. The evaluation results show that the automatic proof rate of machines using B method is about 78.32%, and the proposed method is effective and feasible in terms of both load time and overhead.