skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Mitigating Electro-Optical Frequency Mapping Attacks on Logic-Locked Integrated Circuits
Abstract The outsourcing of integrated circuit (IC) fabrication raises concerns of reverse-engineering, piracy, and overproduction of high-value intellectual property (IP). Logic locking was developed to address this by adding logic gates to a design to a chip’s functionality during fabrication. However, recent advances have revealed that logic locking is susceptible to physical probing attacks, such as electro-optical frequency mapping (EOFM). In this work, we proposeAdjoining Gates, a novel logic locking enhancement that places auxiliary logic gates near gates that leak key information when probed to obscure them, thereby mitigating EOFM-style attacks. To implement Adjoining Gates, we developed an open-source security verification and design automation algorithm that detects EOFM key leakage during placement and inserts Adjoining Gates in a design. Our evaluation shows that our proposed approach identified and mitigated all EOFM-extractable key leakage across 16 benchmarks of varying sizes, locking techniques, and probe resolutions with a 4.15% average gate count overhead.  more » « less
Award ID(s):
2245573
PAR ID:
10568886
Author(s) / Creator(s):
; ;
Publisher / Repository:
Springer Science + Business Media
Date Published:
Journal Name:
Journal of Hardware and Systems Security
Volume:
8
Issue:
4
ISSN:
2509-3428
Format(s):
Medium: X Size: p. 233-243
Size(s):
p. 233-243
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; (, 22nd International Symposium on Quality Electronic Design (ISQED))
    null (Ed.)
    Logic locking has been widely evaluated as a proactive countermeasure against the hardware security threats within the IC supply chain. However, the introduction of the SAT attack, and many of its derivatives, has raised big concern about this form of countermeasure. In this paper, we explore the possibility of exploiting chaos computing as a new means of logic locking. We introduce the concept of chaotic logic locking, called ChaoLock, in which, by leveraging asymmetric inputs in digital chaotic Boolean gates, we define the concept of programmability (key-configurability) to the sets of underlying initial conditions and system parameters. These initial conditions and system parameters determine the operation (functionality) of each digital chaotic Boolean gate. Also, by proposing dummy inputs in chaotic Boolean gates, we show that during reverse-engineering, the dummy inputs conceal the main functionality of the chaotic Boolean gates, which make the reverse-engineering almost impossible. By performing a security analysis of ChaoLock, we show that with no restriction on conventional CMOS-based ASIC implementation and with no test/debug compromising, none of the state-of-the-art attacks on logic locking, including the SAT attack, could reformulate chaotic Boolean gates while dummy inputs are involved and their parameters are locked. Our analysis and experimental results show that with a low number of chaotic Boolean gates mixed with CMOS digital gates, ChaoLock can guarantee resiliency against the state-of-the-art attacks on logic locking at low overhead. 
    more » « less
  2. ; ; (, 2020 IEEE Physical Assurance and Inspection of Electronics (PAINE))
    null (Ed.)
    Logic Locking is a well-accepted protection technique to enable trust in the outsourced design and fabrication processes of integrated circuits (ICs) where the original design is modified by incorporating additional key gates in the netlist, resulting in a key-dependent functional circuit. The original functionality of the chip is recovered once it is programmed with the secret key, otherwise, it produces incorrect results for some input patterns. Over the past decade, different attacks have been proposed to break logic locking, simultaneously motivating researchers to develop more secure countermeasures. In this paper, we propose a novel stuck-at fault-based differential fault analysis (DFA) attack, which can be used to break logic locking that relies on a stored secret key. This proposed attack is based on self-referencing, where the secret key is determined by injecting faults in the key lines and comparing the response with its fault-free counterpart. A commercial ATPG tool can be used to generate test patterns that detect these faults, which will be used in DFA to determine the secret key. One test pattern is sufficient to determine one key bit, which results in at most |K| test patterns to determine the entire secret key of size |K|. The proposed attack is generic and can be extended to break any logic locked circuits. 
    more » « less
  3. ; ; ; ; ; ; ; ; ; ; et al (, 2021 58th ACM/IEEE Design Automation Conference (DAC))
    Prevention of integrated circuit counterfeiting through logic locking faces the fundamental challenge of securing an obfuscation key against both physical and algorithmic threats. Previous work has focused on strengthening the logic encryption to protect the key against algorithmic attacks, but failed to provide adequate physical security. In this work, we propose a logic locking scheme that leverages the non-volatility of the nanomagnet logic (NML) family to achieve both physical and algorithmic security. Polymorphic NML minority gates protect the obfuscation key against algorithmic attacks, while a strain-inducing shield surrounding the nanomagnets provides physical security via a self-destruction mechanism. 
    more » « less
  4. ; (, IEEE)
    In a zero-trust fabless paradigm, designers are increasingly concerned about hardware-based attacks on the semiconductor supply chain. Logic locking is a design-for-trust method that adds extra key-controlled gates in the circuits to prevent hardware intellectual property theft and overproduction. While attackers have traditionally relied on an oracle to attack logic-locked circuits, machine learning attacks have shown the ability to retrieve the secret key even without access to an oracle. In this paper, we first examine the limitations of state-of-the-art machine learning attacks and argue that the use of key hamming distance as the sole model-guiding structural metric is not always useful. Then, we develop, train, and test a corruptibility-aware graph neural network-based oracle-less attack on logic locking that takes into consideration both the structure and the behavior of the circuits. Our model is explainable in the sense that we analyze what the machine learning model has interpreted in the training process and how it can perform a successful attack. Chip designers may find this information beneficial in securing their designs while avoiding incremental fixes. 
    more » « less
  5. ; (, Proceedings of Great Lakes Symposium on VLSI (GLSVLSI))
    Chip designers can secure their ICs against piracy and overproduction by employing logic locking and obfuscation. However, there are numerous attacks that can examine the logic-locked netlist with the assistance of an activated IC and extract the correct key using a SAT solver. In addition, when it comes to fabrication, the imposed area overhead is a challenge that needs careful attention to preserve the design goals. Thus, to assign a logic locking method that can provide security against diverse attacks and at the same time add minimal area overhead, a comprehensive understanding of the circuit structure is needed. Towards this goal, in this paper, we first build a multi-label dataset by running different attacks on benchmarks locked with existing logic locking methods and various key sizes to capture the provided level of security and overhead for each benchmark. Then we propose and analyze CoLA, a convolutional neural network model that is trained on this dataset and thus is able to map circuits to secure low-overhead locking schemes by analyzing extracted features of the benchmark circuits. Considering various resynthesized versions of the same circuits empowers CoLA to learn features beyond the structure view alone. We use a quantization method that can lower the computation overhead of feature extraction in the classification of new, unseen data, hence speeding up the locking assignment process. Results on over 10,000 data show high accuracy both in the training and validation phases. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email