Cryptology ePrint Archive: Report 2019/719

The Key is Left under the Mat: On the Inappropriate Security Assumption of Logic Locking Schemes

Mir Tanjidur Rahman and Shahin Tajik and M. Sazadur Rahman and Mark Tehranipoor and Navid Asadizanjani

Abstract: Logic locking has been proposed as an obfuscation technique to protect outsourced IC designs from Intellectual Property (IP) piracy by untrusted entities in the design and fabrication process. It obfuscates the netlist by adding extra key-gates, to mislead an adversary, whose aim is to reverse engineer the netlist. The correct functionality will be obtained only if a correct key is applied to the key-gates. The key is written into a nonvolatile memory (NVM) after the fabrication by the IP owner. In the past several years, the focus of the research community has been mostly on Oracle-guided attacks, such as SAT attacks, on logic locking and proposing proper countermeasures against such attacks. However, none of the reported researches in the literature has ever challenged a more fundamental assumption of logic locking, which is the security of the key itself. In other words, if an adversary can read out the correct key after insertion, the security of the entire scheme is broken, no matter how robust is the logic-locking scheme. In this work, we first review possible adversaries for the locked circuits and their capabilities. Afterward, we demonstrate that even with the assumption of having a tamper and read-proof memory for the key storage, which is not vulnerable to any physical attacks, the key transfer between the memory and the key-gates through registers and buffers make the key extraction by an adversary possible. To support our claim, we implemented a proof-of-concept locked circuit as well as one of the common logic locking benchmarks on a 28 nm Flash-based FPGA and extract their keys using optical probing. Finally, we discuss the feasibility of the proposed attack in different scenarios and propose potential countermeasures.

Category / Keywords: Logic Locking, Optical Contactless Probing, Tamper-proof Memory

Date: received 17 Jun 2019, withdrawn 28 Aug 2019

Contact author: mir rahman at ufl edu,stajik@ufl edu

Available format(s): (-- withdrawn --)

Note: We are submitting this paper in a conference which does not allow paper published in e-print. Therefore unfortunately we have to withdraw

Version: 20190828:194430 (All versions of this report)

Short URL: ia.cr/2019/719


[ Cryptology ePrint archive ]