Removal Attacks on Logic Locking and Camouflaging Techniques

Muhammad Yasin, Bodhisatwa Mazumdar, Ozgur Sinanoglu, Jeyavijayan Rajendran

    Research output: Contribution to journalArticle

    Abstract

    With the adoption of a globalized and distributed IC design flow, IP piracy, reverse engineering, and counterfeiting threats are becoming more prevalent. Logic obfuscation techniques including logic locking and IC camouflaging have been developed to address these emergent challenges. A major challenge for logic locking and camouflaging techniques is to resist Boolean satisfiability (SAT) based attacks that can circumvent state-of-the-art solutions within minutes. Over the past year, multiple SAT attack resilient solutions such as Anti-SAT and AND-tree insertion (ATI) have been presented. In this paper, we perform a security analysis of these countermeasures and show that they leave structural traces behind in their attempts to thwart the SAT attack. We present three attacks, namely “signal probability skew” (SPS) attack, “AppSAT guided removal (AGR) attack, and “sensitization guided SAT” (SGS) attack”, that can break Anti-SAT and ATI, within minutes.

    Original languageEnglish (US)
    JournalIEEE Transactions on Emerging Topics in Computing
    DOIs
    StateAccepted/In press - Aug 19 2017

    Fingerprint

    Reverse engineering
    Integrated circuit design

    Keywords

    • Boolean functions
    • Boolean satisfiability
    • Hardware security
    • IC camouflaging
    • Integrated circuits
    • IP networks
    • Layout
    • Logic encryption
    • Logic gates
    • Logic locking
    • Reverse engineering
    • SAT
    • Security

    ASJC Scopus subject areas

    • Computer Science (miscellaneous)
    • Information Systems
    • Human-Computer Interaction
    • Computer Science Applications

    Cite this

    Removal Attacks on Logic Locking and Camouflaging Techniques. / Yasin, Muhammad; Mazumdar, Bodhisatwa; Sinanoglu, Ozgur; Rajendran, Jeyavijayan.

    In: IEEE Transactions on Emerging Topics in Computing, 19.08.2017.

    Research output: Contribution to journalArticle

    Yasin, Muhammad ; Mazumdar, Bodhisatwa ; Sinanoglu, Ozgur ; Rajendran, Jeyavijayan. / Removal Attacks on Logic Locking and Camouflaging Techniques. In: IEEE Transactions on Emerging Topics in Computing. 2017.
    @article{ef1b8e083a0849e9a128fe0923921099,
    title = "Removal Attacks on Logic Locking and Camouflaging Techniques",
    abstract = "With the adoption of a globalized and distributed IC design flow, IP piracy, reverse engineering, and counterfeiting threats are becoming more prevalent. Logic obfuscation techniques including logic locking and IC camouflaging have been developed to address these emergent challenges. A major challenge for logic locking and camouflaging techniques is to resist Boolean satisfiability (SAT) based attacks that can circumvent state-of-the-art solutions within minutes. Over the past year, multiple SAT attack resilient solutions such as Anti-SAT and AND-tree insertion (ATI) have been presented. In this paper, we perform a security analysis of these countermeasures and show that they leave structural traces behind in their attempts to thwart the SAT attack. We present three attacks, namely “signal probability skew” (SPS) attack, “AppSAT guided removal (AGR) attack, and “sensitization guided SAT” (SGS) attack”, that can break Anti-SAT and ATI, within minutes.",
    keywords = "Boolean functions, Boolean satisfiability, Hardware security, IC camouflaging, Integrated circuits, IP networks, Layout, Logic encryption, Logic gates, Logic locking, Reverse engineering, SAT, Security",
    author = "Muhammad Yasin and Bodhisatwa Mazumdar and Ozgur Sinanoglu and Jeyavijayan Rajendran",
    year = "2017",
    month = "8",
    day = "19",
    doi = "10.1109/TETC.2017.2740364",
    language = "English (US)",
    journal = "IEEE Transactions on Emerging Topics in Computing",
    issn = "2168-6750",
    publisher = "IEEE Computer Society",

    }

    TY - JOUR

    T1 - Removal Attacks on Logic Locking and Camouflaging Techniques

    AU - Yasin, Muhammad

    AU - Mazumdar, Bodhisatwa

    AU - Sinanoglu, Ozgur

    AU - Rajendran, Jeyavijayan

    PY - 2017/8/19

    Y1 - 2017/8/19

    N2 - With the adoption of a globalized and distributed IC design flow, IP piracy, reverse engineering, and counterfeiting threats are becoming more prevalent. Logic obfuscation techniques including logic locking and IC camouflaging have been developed to address these emergent challenges. A major challenge for logic locking and camouflaging techniques is to resist Boolean satisfiability (SAT) based attacks that can circumvent state-of-the-art solutions within minutes. Over the past year, multiple SAT attack resilient solutions such as Anti-SAT and AND-tree insertion (ATI) have been presented. In this paper, we perform a security analysis of these countermeasures and show that they leave structural traces behind in their attempts to thwart the SAT attack. We present three attacks, namely “signal probability skew” (SPS) attack, “AppSAT guided removal (AGR) attack, and “sensitization guided SAT” (SGS) attack”, that can break Anti-SAT and ATI, within minutes.

    AB - With the adoption of a globalized and distributed IC design flow, IP piracy, reverse engineering, and counterfeiting threats are becoming more prevalent. Logic obfuscation techniques including logic locking and IC camouflaging have been developed to address these emergent challenges. A major challenge for logic locking and camouflaging techniques is to resist Boolean satisfiability (SAT) based attacks that can circumvent state-of-the-art solutions within minutes. Over the past year, multiple SAT attack resilient solutions such as Anti-SAT and AND-tree insertion (ATI) have been presented. In this paper, we perform a security analysis of these countermeasures and show that they leave structural traces behind in their attempts to thwart the SAT attack. We present three attacks, namely “signal probability skew” (SPS) attack, “AppSAT guided removal (AGR) attack, and “sensitization guided SAT” (SGS) attack”, that can break Anti-SAT and ATI, within minutes.

    KW - Boolean functions

    KW - Boolean satisfiability

    KW - Hardware security

    KW - IC camouflaging

    KW - Integrated circuits

    KW - IP networks

    KW - Layout

    KW - Logic encryption

    KW - Logic gates

    KW - Logic locking

    KW - Reverse engineering

    KW - SAT

    KW - Security

    UR - http://www.scopus.com/inward/record.url?scp=85028506166&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=85028506166&partnerID=8YFLogxK

    U2 - 10.1109/TETC.2017.2740364

    DO - 10.1109/TETC.2017.2740364

    M3 - Article

    JO - IEEE Transactions on Emerging Topics in Computing

    JF - IEEE Transactions on Emerging Topics in Computing

    SN - 2168-6750

    ER -