- Award ID(s):
- 1943351
- NSF-PAR ID:
- 10321018
- Date Published:
- Journal Name:
- 30th USENIX Security Symposium (USENIX Security 21)
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
null (Ed.)Vulnerabilities of key based analog obfuscation methodologies that modify the transistor dimensions of a circuit are evaluated. Two attack vectors on a common source amplifier, differential amplifier, operational amplifier, and voltage controlled oscillator are developed. The first attack exploits the lack of possible key combinations permitted around the correct key, which is a result of requiring a unique key to lock the circuit. An average of 5 possible key combinations were returned in an average of 5.47 seconds when executing the key spacing attack. The second attack vector utilizes the monotonic relationship between the sizing of the transistors and the functional response of the circuit to determine the correct key. The average time to execute the attack, while assuming process, voltage, and temperature (PVT) variation of 10%, was 1.18 seconds. Both equal key spacing and non-monotonic key dependencies are discussed as ways to mitigate the threats to future analog obfuscation techniques.more » « less
-
The semiconductor industry must deal with different hardware threats like piracy and overproduction as a result of outsourcing manufacturing. While there are many proposals to lock the circuit using a global protected key only known to the designer, there exist numerous oracle-guided attacks that can examine the locked netlist with the assistance of an activated IC and extract the correct key. In this paper, by adopting a low-overhead structural method, we propose DK Lock, a novel Dual Key locking method that securely protects sequential circuits with two different keys that are applied to one set of key inputs at different times. DK Lock structurally adds an activation phase to the sequential circuit, and a correct key must be applied for several cycles to exit this phase. Once the circuit has been successfully activated, a new functional key must be applied to the same set of inputs to resume normal operation. DK Lock opens up new avenues for hardware IP protection by simultaneously refuting the single static key assumption of the existing attacks and overcoming the state explosion problem of state-of-the-art sequential logic locking methods. Our experiments confirm that DK Lock maintains a high degree of security with reasonable power and area overheads.more » « less
-
In this work, we propose LUT-Lock, a novel Look-Up-Table-based netlist obfuscation algorithm, for protecting the intellectual property that is mapped to an FPGA bitstream or an ASIC netlist. We, first, illustrate the effectiveness of several key features that make the LUT-based obfuscation more resilient against SAT attacks and then we embed the proposed key features into our proposed LUT-Lock algorithm. We illustrate that LUT-Lock maximizes the resiliency of the LUT-based obfuscation against SAT attacks by forcing a near exponential increase in the execution time of a SAT solver with respect to the number of obfuscated gates. Hence, by adopting LUT-Lock algorithm, SAT attack execution time could be made unreasonably long by increasing the number of utilized LUTs.more » « less
-
Logic locking has recently been proposed as a solution for protecting gate level semiconductor intellectual property (IP). However, numerous attacks have been mounted on this technique, which either compromise the locking key or restore the original circuit functionality. SAT attacks leverage golden IC information to rule out all incorrect key classes, while bypass and removal attacks exploit the limited output corruptibility and/or structural traces of SAT-resistant locking schemes. In this paper, we propose a new lightweight locking technique: CAS-Lock (cascaded locking) which nullifies both SAT and bypass attacks, while simultaneously maintaining nontrivial output corruptibility. This property of CAS-Lock is in stark contrast to the well-accepted notion that there is an inherent trade-off between output corruptibility and SAT resistance. We theoretically and experimentally validate the SAT resistance of CAS-Lock, and show that it reduces the attack to brute-force, regardless of its construction. Further, we evaluate its resistance to recently proposed approximate SAT attacks (i.e., AppSAT). We also propose a modified version of CAS-Lock (mirrored CAS-Lock or M-CAS) to protect against removal attacks. M-CAS allows a trade-off evaluation between removal attack and SAT attack resiliency, while incurring minimal area overhead. We also show how M-CAS parameters such as the implemented Boolean function and selected key can be tuned by the designer so that a desired level of protection against all known attacks can be achieved.more » « less
-
Abstract Physical unclonable functions (PUFs) are emerging as an alternative to information security by providing an advanced level of cryptographic keys with non‐replicable characteristics, yet the cryptographic keys of conventional PUFs are not reconfigurable from the ones assigned at the manufacturing stage and the overall authentication process slows down as the number of entities in the dataset or the length of cryptographic key increases. Herein, a supersaturated solution‐based PUF (S‐PUF) is presented that utilizes stochastic crystallization of a supersaturated sodium acetate solution to allow a time‐efficient, hierarchical authentication process together with on‐demand rewritability of cryptographic keys. By controlling the orientation and the average grain size of the sodium acetate crystals via a spatiotemporally programmed temperature profile, the S‐PUF now includes two global parameters, that is, angle of rotation and divergence of the diffracted beam, in addition to the speckle pattern to produce multilevel cryptographic keys, and these parameters function as prefixes for the classification of each entity for a fast authentication process. At the same time, the reversible phase change of sodium acetate enables repeated reconfiguration of the cryptographic key, which is expected to offer new possibilities for a next‐generation, recyclable anti‐counterfeiting platform.