Paper 2019/005
ScanSAT: Unlocking Obfuscated Scan Chains
Lilas Alrahis, Muhammad Yasin, Hani Saleh, Baker Mohammad, Mahmoud Al-Qutayri, and Ozgur Sinanoglu
Abstract
While financially advantageous, outsourcing key steps such as testing to potentially untrusted Outsourced Semiconductor Assembly and Test (OSAT) companies may pose a risk of compromising on-chip assets. Obfuscation of scan chains is a technique that hides the actual scan data from the untrusted testers; logic inserted between the scan cells, driven by a secret key, hide the transformation functions between the scan- in stimulus (scan-out response) and the delivered scan pattern (captured response). In this paper, we propose ScanSAT: an attack that transforms a scan obfuscated circuit to its logic- locked version and applies a variant of the Boolean satisfiability (SAT) based attack, thereby extracting the secret key. Our empirical results demonstrate that ScanSAT can easily break naive scan obfuscation techniques using only three or fewer attack iterations even for large key sizes and in the presence of scan compression.
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Published elsewhere. ASPDAC 2019
- Keywords
- hardware securityscan attackslogic obfuscationip piracyreverse engineering
- Contact author(s)
- myasin @ tamu edu
- History
- 2019-01-09: received
- Short URL
- https://ia.cr/2019/005
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/005,
author = {Lilas Alrahis and Muhammad Yasin and Hani Saleh and Baker Mohammad and Mahmoud Al-Qutayri and Ozgur Sinanoglu},
title = {{ScanSAT}: Unlocking Obfuscated Scan Chains},
howpublished = {Cryptology {ePrint} Archive, Paper 2019/005},
year = {2019},
url = {https://eprint.iacr.org/2019/005}
}
