Paper 2022/325

FPGA Design Deobfuscation by Iterative LUT Modification at Bitstream Level

Michail Moraitis
Elena Dubrova

Hardware obfuscation through redundancy addition is a well-known countermeasure against reverse engineering. For FPGA designs, such a technique can be implemented with a small overhead; however, its effectiveness depends heavily on the stealthiness of the redundant elements. Hardware opaque predicates can provide adequately stealthy constant values that can be used for obfuscation. In this report, however, we show that such obfuscation schemes can be defeated by ensuring the full controllability of each active look-up table input in a design via iterative bitstream modifications. We present an algorithm that works directly on the bitstream and does not require possession of a netlist. The feasibility of our approach is verified on an obfuscated SNOW 3G design implemented in a Xilinx 7-series FPGA.

Publication info
Published elsewhere. European Test Symposium 2022
Keywords
Obfuscation, hardware opaque predicate, SRAM FPGA, bitstream modification, reverse engineering
Contact author(s)
micmor @ kth se
2022-09-20: last of 2 revisions
2022-03-14: received
Creative Commons Attribution


      author = {Michail Moraitis and Elena Dubrova},
      title = {FPGA Design Deobfuscation by Iterative LUT Modification at Bitstream Level},
      howpublished = {Cryptology ePrint Archive, Paper 2022/325},
      year = {2022},
      note = {\url{}},
      url = {}