Litcius/Paper detail

Hide and Seek: Seeking the (Un)-Hidden Key in Provably-Secure Logic Locking Techniques

Satwik Patnaik, Nimisha Limaye, Ozgur Sinanoglu

2022IEEE Transactions on Information Forensics and Security12 citationsDOI

Abstract

Logic locking is a holistic countermeasure that protects an integrated circuit (IC) from hardware-focused threats such as piracy of design intellectual property and unauthorized overproduction throughout the globalized IC supply chain. Out of the several techniques proposed by the hardware security community, provably-secure logic locking (PSLL) has acquired a foothold due to its algorithmic and provable-security guarantees. However, the security of these techniques are regularly questioned by attackers that exploit the vulnerabilities arising from the underlying hardware implementation. Unfortunately, such attacks (i) are predominantly specific to locking technique and (ii) lack generality and scalability. This leads to a plethora of attacks and researchers, especially defenders, find it challenging to ascertain the security of newly developed PSLL techniques. Additionally, there is no public repository of locked circuits, which attackers, can use to benchmark (and compare) their developed attacks. Driven by these challenges, we aim to develop a generalized attack that can recover the secret key across a breadth of PSLL techniques. To that end, we first categorize the existing PSLL techniques into two generic categories. Then, we extract functional and structural properties depending on the underlying hardware construction of the PSLL techniques and develop two attacks based on the concepts of VLSI testing and Boolean transformations. We evaluate our attacks on 30, 000 locked circuits across 14 PSLL techniques, including nine unbroken techniques. Our attacks successfully recover the secret key (100% accuracy) for all the considered techniques. Further, our experimentation across different (i) technology libraries, (ii) commercial and academic synthesis tools, and (iii) logic optimization settings provide several interesting insights. For instance, our attacks can recover the secret key by <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">only</i> using the locked circuit when an academic synthesis tool is used. Additionally, designers can use our attacks as a verification tool to ascertain the lower-bound security achieved by hardware implementations. Finally, we shall release our artifacts (post-review), which could help foster the development of future attacks and defenses in PSLL domain.

Topics & Concepts

Computer scienceHardware security moduleScalabilityKey (lock)ExploitComputer securityCryptographyGeneralityBenchmark (surveying)CountermeasureTheoretical computer sciencePsychologyAerospace engineeringEngineeringGeographyGeodesyDatabasePsychotherapistPhysical Unclonable Functions (PUFs) and Hardware SecurityIntegrated Circuits and Semiconductor Failure AnalysisCryptographic Implementations and Security