Cryptology ePrint Archive: Report 2021/581

Breaking CAS-Lock and Its Variants by Exploiting Structural Traces

Abhrajit Sengupta and Nimisha Limaye and Ozgur Sinanoglu

Abstract: Logic locking is a prominent solution to protect against design intellectual property theft. However, there has been a decade-long cat-and-mouse game between defenses and attacks. A turning point in logic locking was the development of miter-based Boolean satisfiability (SAT) attack that steered the research in the direction of developing SAT-resilient schemes. These schemes, however achieved SAT resilience at the cost of low output corruption. Recently, cascaded locking (CAS-Lock) was proposed that provides non-trivial output corruption all-the-while maintaining resilience to the SAT attack. Regardless of the theoretical properties, we revisit some of the assumptions made about its implementation, especially about security-unaware synthesis tools, and subsequently expose a set of structural vulnerabilities that can be exploited to break these schemes. We propose our attacks on baseline CAS-Lock as well as mirrored CAS (M-CAS), an improved version of CAS-Lock. We furnish extensive simulation results of our attacks on ISCAS'85 and ITC'99 benchmarks, where we show that CAS-Lock/M-CAS can be broken with ~94% success rate. Further, we open-source all implementation scripts, locked circuits, and attack scripts for the community. Finally, we discuss the pitfalls of point function-based locking techniques including Anti-SAT and Stripped Functionality Logic Locking (SFLL-HD), which suffer from similar implementation issues.

Category / Keywords: implementation / Anti-SAT, CAS-Lock/M-CAS, IP piracy, logic locking, removal attack, SAT attack, structural analysis

Original Publication (in the same form): IACR-CHES-2021

Date: received 3 May 2021

Contact author: nsl278 at nyu edu

Available format(s): PDF | BibTeX Citation

Version: 20210503:204626 (All versions of this report)

Short URL: ia.cr/2021/581


[ Cryptology ePrint archive ]