Jingbo Zhou,Xinmiao Zhang

DOI: https://doi.org/10.1109/tifs.2021.3059271

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Logic locking is used to protect integrated circuits (ICs) from piracy and counterfeiting. An encrypted IC implements the correct function only when the right key is input. Many existing logic-locking methods are subject to the powerful satisfiability (SAT)-based attack. Recently, an Anti-SAT scheme has been developed. By adopting two complementary logic blocks that consist of AND/NAND trees, it makes the number of iterations needed by the SAT attack exponential to the number of input bits. Nevertheless, the Anti-SAT scheme is vulnerable to the later AppSAT and removal attacks. This article proposes a generalized (G-)Anti-SAT scheme. Different from the Anti-SAT scheme, a variety of complementary or non-complementary functions can be adopted for the two blocks in our G-Anti-SAT scheme. The Anti-SAT scheme is just a special case of our proposed design. Our design can achieve higher output corruptibility, which is also tunable, so that better resistance to the AppSAT and removal attacks is achieved. Meanwhile, unlike existing AppSAT-resilient designs, our design does not sacrifice the resistance to the SAT attack.

computer science, theory & methods,engineering, electrical & electronic

Yuntao Liu,Michael Zuzak,Yang Xie,Abhishek Chakraborty,Ankur Srivastava

DOI: https://doi.org/10.48550/arXiv.2101.02577

2021-01-07

Abstract:Logic locking is a hardware security technique to intellectual property (IP) against security threats in the IC supply chain, especially untrusted fabs. Such techniques incorporate additional locking circuitry within an IC that induces incorrect functionality when an incorrect key is provided. The amount of error induced is known as the effectiveness of the locking technique. "SAT attacks" provide a strong mathematical formulation to find the correct key of locked circuits. In order to achieve high SAT resilience(i.e. complexity of SAT attacks), many conventional logic locking schemes fail to inject sufficient error into the circuit. For example, in the case of SARLock and Anti-SAT, there are usually very few (or only one) input minterms that cause any error at the circuit output. The state-of-the-art stripped functionality logic locking (SFLL) technique introduced a trade-off between SAT resilience and effectiveness. In this work, we prove that such a trade-off is universal in logic locking. In order to attain high effectiveness of locking without compromising SAT resilience, we propose a novel logic locking scheme, called Strong Anti-SAT (SAS). In addition to SAT attacks, removal-based attacks are also popular against logic locking. Based on SAS, we propose Robust SAS (RSAS) which is resilient to removal attacks and maintains the same SAT resilience and as effectiveness as SAS. SAS and RSAS have the following significant improvements over existing techniques. (1) SAT resilience of SAS and RSAS against SAT attack is not compromised by increase in effectiveness. (2) In contrast to prior work focusing solely on the circuit-level locking impact, we integrate SAS-locked modules into a processor and show that SAS has a high application-level impact. (3) Our experiments show that SAS and RSAS exhibit better SAT resilience than SFLL and have similar effectiveness.

Cryptography and Security,Hardware Architecture,Formal Languages and Automata Theory

Muhammad Yasin,Bodhisatwa Mazumdar,Ozgur Sinanoglu,Jeyavijayan Rajendran

DOI: https://doi.org/10.1109/aspdac.2017.7858346

2017-01-01

Abstract:Logic encryption protects integrated circuits (ICs) against intellectual property (IP) piracy and overbuilding attacks by encrypting the IC with a key. A Boolean satisfiability (SAT) based attack breaks all existing logic encryption technique within few hours. Recently, a defense mechanism known as Anti-SAT was presented that protects against SAT attack, by rendering the SAT-attack effort exponential in terms of the number of key gates. In this paper, we highlight the vulnerabilities of Anti-SAT and propose signal probability skew (SPS) attack against Anti-SAT block. SPS attack leverages the structural traces in Anti-SAT block to identify and isolate Anti-SAT block. The attack is 100% successful on all variants of Anti-SAT block. SPS attack is scalable to large circuits, as it breaks circuits with up to 22K gates within two minutes.

Vijaypal Singh Rathor,Munesh Singh,Kshira Sagar Sahoo,Saraju P. Mohanty

2024-06-27

Abstract:Intellectual Property (IP) piracy, overbuilding, reverse engineering, and hardware Trojan are serious security concerns during integrated circuit (IC) development. Logic locking has proven to be a solid defence for mitigating these threats. The existing logic locking techniques are vulnerable to SAT-based attacks. However, several SAT-resistant logic locking methods are reported; they require significant overhead. This paper proposes a novel input dependent key-based logic locking (IDKLL) that effectively prevents SAT-based attacks with low overhead. We first introduce a novel idea of IDKLL, where a design is locked such that it functions correctly for all input patterns only when their corresponding valid key sequences are applied. In contrast to conventional logic locking, the proposed IDKLL method uses multiple key sequences (instead of a single key sequence) as a valid key that provides correct functionality for all inputs. Further, we propose a sub-circuit replacement based IDKLL approach called SubLock that locks the design by replacing the original sub-circuitry with the corresponding IDKLL based locked circuit to prevent SAT attack with low overhead. The experimental evaluation on ISCAS benchmarks shows that the proposed SubLock mitigates the SAT attack with high security and reduced overhead over the well-known existing methods.

Cryptography and Security

Isaac McDaniel,Michael Zuzak,Ankur Srivastava

DOI: https://doi.org/10.1145/3674903

IF: 1.447

2024-07-09

ACM Transactions on Design Automation of Electronic Systems

Abstract:Logic obfuscation is a prominent approach to protect intellectual property within integrated circuits during fabrication. Many attacks on logic locking have been proposed, particularly in the Boolean satifiability (SAT) attack family, leading to the development of stronger obfuscation techniques. Some obfuscation techniques, including Full-Lock and InterLock, resist SAT attacks by inserting SAT-hard instances into the design, making the SAT attack infeasible. In this work, we observe that this class of obfuscation leaves most of the original design topology visible to an attacker, who can reverse-engineer the original design given the functionality of the SAT-hard instance. We show that an attacker can expose the SAT-hard instance functionality of Full-Lock or InterLock with a polynomial number of queries of its inputs and outputs. We then develop a mathematical framework showing how the functionality can be inferred using only a black-box oracle, as is commonly used in attacks in the literature. Using this framework, we develop a novel attack that allows a SAT-capable attacker to efficiently unlock designs obfuscated with Full-Lock. Our attack recovers the intellectual property from these obfuscation techniques that were previously thought secure. We empirically demonstrate the potency of our novel sensitization attack against benchmark circuits obfuscated with Full-Lock.

computer science, software engineering, hardware & architecture

Joseph Sweeney,Marijn J.H. Heule,Lawrence Pileggi

DOI: https://doi.org/10.48550/arXiv.2009.10131

2020-09-22

Abstract:Logic locking is a method to prevent intellectual property (IP) piracy. However, under a reasonable attack model, SAT-based methods have proven to be powerful in obtaining the secret key. In response, many locking techniques have been developed to specifically resist this form of attack. In this paper, we demonstrate two SAT modeling techniques that can provide many orders of magnitude speed up in discovering the correct key. Specifically, we consider relaxed encodings and symmetry breaking. To demonstrate their impact, we model and attack a state-of-the-art logic locking technique, Full-Lock. We show that circuits previously unbreakable within 15 days of run time can be solved in seconds. Consequently, in assessing the strength of any given locking, it is imperative that these modeling techniques be considered. To remedy this vulnerability in the considered locking technique, we demonstrate an extended version, logic-enhanced Banyan locking, that is resistant to our proposed modeling techniques.

Cryptography and Security

Deepak Sirone,Pramod Subramanyan

DOI: https://doi.org/10.1109/TIFS.2020.2968183

2020-01-11

Abstract:Logic locking refers to a set of techniques that can protect integrated circuits (ICs) from counterfeiting, piracy and malicious functionality changes by an untrusted foundry. It achieves these goals by introducing new inputs, called key inputs, and additional logic to an IC such that the circuit produces the correct output only when the key inputs are set to specific values. The correct values of the key inputs are kept secret from the untrusted foundry and programmed after manufacturing and before distribution, rendering piracy, counterfeiting and malicious design changes infeasible. The security of logic locking relies on the assumption that the untrusted foundry cannot infer the correct values of the key inputs by analysis of the circuit. This paper proposes Functional Analysis attacks on Logic Locking algorithms (abbreviated as FALL attacks). FALL attacks have two stages. Their first stage is dependent on the locking algorithm and involves analyzing structural and functional properties of locked circuits to identify a list of potential locking keys. The second stage is algorithm agnostic and introduces a powerful addition to SAT-based attacks called key confirmation. Key confirmation can identify the correct key from a list of alternatives and works even on circuits that are resilient to the SAT attack. In comparison to past work, the FALL attack is more practical as it can often succeed (90% of successful attempts in our experiments) by only analyzing the locked netlist, without requiring oracle access to an unlocked circuit. Our experimental evaluation shows that FALL attacks are able to defeat 65 out of 80 (81%) circuits locked using Stripped-Functionality Logic Locking (SFLL-HD).

Cryptography and Security

Susanne Engels,Max Hoffmann,Christof Paar

DOI: https://doi.org/10.1007/s13389-022-00294-x

Abstract:With continuously shrinking feature sizes of integrated circuits, the vast majority of semiconductor companies have become fabless, outsourcing to foundries across the globe. This exposes the design industry to a number of threats, including piracy via IP-theft or unauthorized overproduction and subsequent reselling on the black market. One alleged solution for this problem is logic locking, where the genuine functionality of a chip is "locked" using a key only known to the designer. Solely with a correct key, the design works as intended. Since unlocking is handled by the designer only after production, an adversary in the supply chain should not be able to unlock overproduced chips. In this work, we focus on logic locking against the threat of overproduction. First, we survey existing locking schemes and characterize them by their handling of keys, before extracting similarities and differences in the employed attacker models. We then compare said models to the real-world capabilities of the primary adversary in overproduction-a malicious foundry. This comparison allows us to identify pitfalls in existing models and derive a more realistic attacker model. Then, we discuss how existing schemes hold up against the new attacker model. Our discussion highlights that several attacks beyond the usually employed SAT-based approaches are viable. Crucially, these attacks stem from the underlying structure of current logic locking approaches, which has never changed since its introduction in 2008. We conclude that logic locking, while being a promising approach, needs a fundamental rethinking to achieve real-world protection against overproduction.

Kaveh Shamsi,Meng Li,Travis Meade,Zheng Zhao,David Z. Pan,Yier Jin

DOI: https://doi.org/10.1145/3060403.3060458

2017-01-01

Abstract:Logic locking and IC camouflaging are proactive circuit obfuscation methods that if proven secure can thwart hardware attacks such as reverse engineering and IP theft. However, the security of both these schemes is called into question by recent SAT based attacks. While a number of methods have been proposed in literature that exponentially increase the running time of such attacks, they are vulnerable to \"findand-remove\" attacks, and only slightly hide the circuit functionality. In this paper, we present a novel approach towards creating SAT attack resiliency based on creating densely cyclic obfuscated circuit topologies by adding dummy paths to the circuit. Our methodology is applicable to both IC camouflaging and logic locking. We demonstrate that cyclic logic locking creates SAT resilient circuits with 40% less area and 20% less delay compared to an insecure XOR/XNOR-obfuscation with the same key length. Furthermore, we show that cyclic IC camouflaging can be implemented at the layout level with no substrate area overhead and little delay and power overhead with respect to the original circuit.

Mohamed El Massad,Jun Zhang,Siddharth Garg,Mahesh V. Tripunitara

DOI: https://doi.org/10.48550/arXiv.1703.10187

2017-03-30

Abstract:Chip designers outsource chip fabrication to external foundries, but at the risk of IP theft. Logic locking, a promising solution to mitigate this threat, adds extra logic gates (key gates) and inputs (key bits) to the chip so that it functions correctly only when the correct key, known only to the designer but not the foundry, is applied. In this paper, we identify a new vulnerability in all existing logic locking schemes. Prior attacks on logic locking have assumed that, in addition to the design of the locked chip, the attacker has access to a working copy of the chip. Our attack does not require a working copy and yet we successfully recover a significant fraction of key bits from the design of the locked chip only. Empirically, we demonstrate the success of our attack on eight large benchmark circuits from a benchmark suite that has been tailored specifically for logic synthesis research, for two different logic locking schemes. Then, to address this vulnerability, we initiate the study of provably secure logic locking mechanisms. We formalize, for the first time to our knowledge, a precise notion of security for logic locking. We establish that any locking procedure that is secure under our definition is guaranteed to counter our desynthesis attack, and all other such known attacks. We then devise a new logic locking procedure, Meerkat, that guarantees that the locked chip reveals no information about the key or the designer's intended functionality. A main insight behind Meerkat is that canonical representations of boolean functionality via Reduced Ordered Binary Decision Diagrams (ROBDDs) can be leveraged effectively to provide security. We analyze Meerkat with regards to its security properties and the overhead it incurs. As such, our work is a contribution to both the foundations and practice of securing digital ICs.

Cryptography and Security

Levent Aksoy,Muhammad Yasin,Samuel Pagliarini

2024-01-14

Abstract:Logic locking proposed to protect integrated circuits from serious hardware threats has been studied extensively over a decade. In these years, many efficient logic locking techniques have been proven to be broken. The state-of-the-art logic locking techniques, including the prominent corrupt and correct (CAC) technique, are resilient to satisfiability (SAT)-based and removal attacks, but vulnerable to structural analysis attacks. To overcome this drawback, this paper introduces an improved version of CAC, called CAC 2.0, which increases the search space of structural analysis attacks using obfuscation. To do so, CAC 2.0 locks the original circuit twice, one after another, on different nodes with different number of protected primary inputs using CAC, while hiding original protected primary inputs among decoy primary inputs. This paper also introduces an open source logic locking tool, called HIID, equipped with well-known techniques including CAC 2.0. Our experiments show that CAC 2.0 is resilient to existing SAT-based, removal, and structural analysis attacks. To achieve this, it increases the number of key inputs at most 4x and the gate-level area between 30.2% and 0.8% on circuits with low and high complexity with respect to CAC.

Cryptography and Security

Yuke Zhang,Yinghua Hu,Pierluigi Nuzzo,Peter A. Beerel

DOI: https://doi.org/10.48550/arXiv.2201.05943

2022-01-16

Abstract:Sequential logic locking has been studied over the last decade as a method to protect sequential circuits from reverse engineering. However, most of the existing sequential logic locking techniques are threatened by increasingly more sophisticated SAT-based attacks, efficiently using input queries to a SAT solver to rule out incorrect keys, as well as removal attacks based on structural analysis. In this paper, we propose TriLock, a sequential logic locking method that simultaneously addresses these vulnerabilities. TriLock can achieve high, tunable functional corruptibility while still guaranteeing exponential queries to the SAT solver in a SAT-based attack. Further, it adopts a state re-encoding method to obscure the boundary between the original state registers and those inserted by the locking method, thus making it more difficult to detect and remove the locking-related components.

Cryptography and Security,Systems and Control

F. Almeida,L. Aksoy,Q-L. Nguyen,S. Dupuis,M-L. Flottes,S. Pagliarini

DOI: https://doi.org/10.48550/arXiv.2301.04400

2023-01-11

Cryptography and Security

Abstract:Logic locking has been a promising solution to many hardware security threats, such as intellectual property infringement and overproduction. Due to the increased attention that threats have received, many efficient specialized attacks against logic locking have been introduced over the years. However, the ability of an adversary to manipulate a locked netlist prior to mounting an attack has not been investigated thoroughly. This paper introduces a resynthesis-based strategy that utilizes the strength of a commercial electronic design automation (EDA) tool to reveal the vulnerabilities of a locked circuit. To do so, in a pre-attack step, a locked netlist is resynthesized using different synthesis parameters in a systematic way, leading to a large number of functionally equivalent but structurally different locked circuits. Then, under the oracle-less threat model, where it is assumed that the adversary only possesses the locked circuit, not the original circuit to query, a prominent attack is applied to these generated netlists collectively, from which a large number of key bits are deciphered. Nevertheless, this paper also describes how the proposed oracle-less attack can be integrated with an oracle-guided attack. The feasibility of the proposed approach is demonstrated for several benchmarks, including remarkable results for breaking a recently proposed provably secure logic locking method and deciphering values of a large number of key bits of the CSAW'19 circuits with very high accuracy.

Kaveh Shamsi,Meng Li,David Z. Pan,Yier Jin

DOI: https://doi.org/10.1145/3194554.3194580

2018-01-01

Abstract:Logic locking is an attractive defense against a series of hardware security threats. However, oracle guided attacks based on advanced Boolean reasoning engines such as SAT, ATPG and model-checking have made it difficult to securely lock chips with low overhead. While the majority of existing locking schemes focus on gate-level locking, in this paper we present a layout-inclusive interconnect locking scheme based on cross-bars of metal-to-metal programmable-via devices. We demonstrate how this enables configuring a large obfuscation key with a small number of physical key wires contributing to zero to little substrate area overhead. Dense interconnect locking based on these circuit level primitives shows orders of magnitude better SAT attack resiliency compared to an XOR/XNOR gate-insertion locking with the same key length which has a much higher overhead.

Kaveh Shamsi,Travis Meade,Meng Li,David Z. Pan,Yier Jin

DOI: https://doi.org/10.1109/tifs.2018.2850319

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The SAT-based attacks are extremely successful in deobfuscating the traditional combinational logic locking and IC camouflaging schemes. While several SAT-resilient protection schemes that increase the minimum query count of the attack have been proposed recently, none of them satisfy the output corruptibility (error) criteria. Therefore, most of them were combined with high corruptibility schemes to achieve both corruptibility and high query count. These "compound" schemes are successful since existing SAT attacks are agnostic to the corruptibility of the protection scheme. In this paper, we propose an approximate SAT-based attack framework which focuses on the iterative convergence of an attack toward a better solution. This helps our attack reduce a compound scheme to a standalone SAT-resilient scheme. In addition, we relate the problem of minimum query count to a well-known graph problem, and we propose a novel technique to increase the corruptibility of SAT-resilient protection schemes in a controllable manner. This creates protection schemes that have both high query count and corruptibility. Furthermore, due to the approximation resiliency property of these schemes, approximate attacks provide no advantage over exact attacks when attacking them.

Yinghua Hu,Hari Cherupalli,Mike Borza,Deepak Sherlekar

DOI: https://doi.org/10.1145/3649329.3663504

2024-08-23

Abstract:The evaluation of logic locking methods has long been predicated on an implicit assumption that only the correct key can unveil the true functionality of a protected circuit. Consequently, a locking technique is deemed secure if it resists a good array of attacks aimed at finding this correct key. This paper challenges this one-key premise by introducing a more efficient attack methodology, focused not on identifying that one correct key, but on finding multiple, potentially incorrect keys that can collectively produce correct functionality from the protected circuit. The tasks of finding these keys can be parallelized, which is well suited for multi-core computing environments. Empirical results show our attack achieves a runtime reduction of up to 99.6% compared to the conventional attack that tries to find a single correct key.

Cryptography and Security,Systems and Control

Dake Chen,Xuan Zhou,Yinghua Hu,Yuke Zhang,Kaixin Yang,Andrew Rittenbach,Pierluigi Nuzzo,Peter A. Beerel

2023-04-29

Abstract:Logic locking has become a promising approach to provide hardware security in the face of a possibly insecure fabrication supply chain. While many techniques have focused on locking combinational logic (CL), an alternative latch-locking approach in which the sequential elements are locked has also gained significant attention. Latch (LAT) locking duplicates a subset of the flip-flops (FF) of a design, retimes these FFs and replaces them with latches, and adds two types of decoy latches to obfuscate the netlist. It then adds control circuitry (CC) such that all latches must be correctly keyed for the circuit to function correctly. This paper presents a two-phase attack on latch-locked circuits that uses a novel combination of deep learning, Boolean analysis, and integer linear programming (ILP). The attack requires access to the reverse-engineered netlist but, unlike SAT attacks, is oracle-less, not needing access to the unlocked circuit or correct input/output pairs. We trained and evaluated the attack using the ISCAS'89 and ITC'99 benchmark circuits. The attack successfully identifies a key that is, on average, 96.9% accurate and fully discloses the correct functionality in 8 of the tested 19 circuits and leads to low function corruptibility (less than 4%) in 3 additional circuits. The attack run-times are manageable.

Cryptography and Security,Systems and Control

Kimia Zamiri Azar,Hadi Mardani Kamali,Houman Homayoun,Avesta Sasan

DOI: https://doi.org/10.48550/arXiv.2009.02208

2020-09-04

Cryptography and Security

Abstract:The globalization of the IC supply chain has raised many security threats, especially when untrusted parties are involved. This has created a demand for a dependable logic obfuscation solution to combat these threats. Amongst a wide range of threats and countermeasures on logic obfuscation in the 2010s decade, the Boolean satisfiability (SAT) attack, or one of its derivatives, could break almost all state-of-the-art logic obfuscation countermeasures. However, in some cases, particularly when the logic locked circuits contain complex structures, such as big multipliers, large routing networks, or big tree structures, the logic locked circuit is hard-to-be-solved for the SAT attack. Usage of these structures for obfuscation may lead a strong defense, as many SAT solvers fail to handle such complexity. However, in this paper, we propose a neural-network-guided SAT attack (NNgSAT), in which we examine the capability and effectiveness of a message-passing neural network (MPNN) for solving these complex structures (SAT-hard instances). In NNgSAT, after being trained as a classifier to predict SAT/UNSAT on a SAT problem (NN serves as a SAT solver), the neural network is used to guide/help the actual SAT solver for finding the SAT assignment(s). By training NN on conjunctive normal forms (CNFs) corresponded to a dataset of logic locked circuits, as well as fine-tuning the confidence rate of the NN prediction, our experiments show that NNgSAT could solve 93.5% of the logic locked circuits containing complex structures within a reasonable time, while the existing SAT attack cannot proceed the attack flow in them.

Joseph Sweeney,Deepali Garg,Lawrence Pileggi

DOI: https://doi.org/10.48550/arXiv.2103.06990

2021-03-11

Cryptography and Security

Abstract:The outsourced manufacturing of integrated circuits has increased the risk of intellectual property theft. In response, logic locking techniques have been developed for protecting designs by adding programmable elements to the circuit. These techniques differ significantly in both overhead and resistance to various attacks, leaving designers unable to discern their efficacy. To overcome this critical impediment for the adoption of logic locking, we propose two metrics, key corruption and minimum corruption, that capture the goals of locking under different attack scenarios. We develop a flow for approximating these metrics on generic locked circuits and evaluate several locking techniques.

Yadi Zhong,Ujjwal Guin

DOI: https://doi.org/10.48550/arXiv.2204.11307

2023-02-09

Abstract:The need for reducing manufacturing defect escape in today's safety-critical applications requires increased fault coverage. However, generating a test set using commercial automatic test pattern generation (ATPG) tools that lead to zero-defect escape is still an open problem. It is challenging to detect all stuck-at faults to reach 100% fault coverage. In parallel, the hardware security community has been actively involved in developing solutions for logic locking to prevent IP piracy. Locks (e.g., XOR gates) are inserted in different locations of the netlist so that an adversary cannot determine the secret key. Unfortunately, the Boolean satisfiability (SAT) based attack, introduced in [1], can break different logic locking schemes in minutes. In this paper, we propose a novel test pattern generation approach using the powerful SAT attack on logic locking. A stuck-at fault is modeled as a locked gate with a secret key. Our modeling of stuck-at faults preserves the property of fault activation and propagation. We show that the input pattern that determines the key is a test for the stuck-at fault. We propose two different approaches for test pattern generation. First, a single stuck-at fault is targeted, and a corresponding locked circuit with one key bit is created. This approach generates one test pattern per fault. Second, we consider a group of faults and convert the circuit to its locked version with multiple key bits. The inputs obtained from the SAT tool are the test set for detecting this group of faults. Our approach is able to find test patterns for hard-to-detect faults that were previously failed in commercial ATPG tools. The proposed test pattern generation approach can efficiently detect redundant faults present in a circuit. We demonstrate the effectiveness of the approach on ITC'99 benchmarks. The results show that we can achieve a perfect fault coverage reaching 100%.

Cryptography and Security