Cryptology ePrint Archive: Report 2019/656

SeqL: Secure Scan-Locking for IP Protection

Seetal Potluri and Aydin Aysu and Akash Kumar

Abstract: Existing logic-locking attacks are known to successfully decrypt a functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are sequential circuits) through the scan-chain by selectively initializing the combinational logic and analyzing the responses. In this paper, we propose SeqL, which achieves functional isolation and locks selective functional-input/scan-output pairs, thus rendering the decrypted key functionally incorrect. We conduct a formal study of the scan locking problem and demonstrate automating our proposed defense on any given IP. We show that SeqL hides functionally correct keys from the attacker, thereby increasing the likelihood of the decrypted key being functionally incorrect. When tested on pipelined combinational benchmarks (ISCAS, MCNC), sequential benchmarks (ITC) and a fully-fledged RISC-V CPU, SeqL gave 100% resilience to a broad range of state-of-the-art attacks including SAT [1], [2], Double-DIP [3], HackTest [4], SMT [5], FALL [6], Removal [7], Shift-and-Leak [8] and Multi-cycle attacks [9].

Category / Keywords: implementation / Logic Locking, Oracle-guided attacks, Oracle-less attacks, Scan-Locking

Date: received 3 Jun 2019, last revised 13 Aug 2019, withdrawn 14 Aug 2019

Contact author: spotlur2 at ncsu edu

Available format(s): (-- withdrawn --)

Version: 20190814:200732 (All versions of this report)

Short URL: ia.cr/2019/656


[ Cryptology ePrint archive ]