Breaking Analog Locking Techniques via Satisfiability Modulo Theories

Similar to digital circuits, analog circuits are also susceptible to supply-chain attacks, such as intellectual property (IP) piracy, counterfeiting, and overproduction. Hence, analog locking techniques have been proposed to combat supply-chain attacks. However, there exists no evaluation procedure to estimate the resilience offered by these defense techniques. Evaluating analog defense techniques requires the usage of non-Boolean variables, such as bias current, bias voltage, and gain. However, it cannot be handled by the Boolean satisfiability (SAT) attack. In this work, we propose an evaluation technique based on satisfiability modulo theories (SMT). We demonstrate our attack on four state-of-the-art analog locking techniques using commonly used circuits, such as bandpass filter (BPF), LC oscillator, quadrature oscillator, and class-D amplifiers. Our results show that the attacker, knowing the required bias current values, can determine the key in polynomial time. We also show that even if he/she has only partial information about the bias currents, the search space can be reduced from exponential to a polynomial number of keys. We then extend our attack to break existing analog camouflaging techniques.

[1]  Dick James,et al.  The state-of-the-art in semiconductor reverse engineering , 2011, 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC).

[2]  Ioannis Savidis,et al.  Securing Analog Mixed-Signal Integrated Circuits Through Shared Dependencies , 2019, ACM Great Lakes Symposium on VLSI.

[3]  Ankur Srivastava,et al.  Delay locking: Security enhancement of logic locking against IC counterfeiting and overproduction , 2017, 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC).

[4]  A. Hastings The Art of Analog Layout , 2000 .

[5]  Yiorgos Makris,et al.  Analog Performance Locking through Neural Network-Based Biasing , 2019, 2019 IEEE 37th VLSI Test Symposium (VTS).

[6]  Tetsuya Iizuka,et al.  CMOS technology scaling and its implications , 2015 .

[7]  Ioannis Savidis,et al.  Parameter biasing obfuscation for analog IP protection , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[8]  Avesta Sasan,et al.  SMT Attack: Next Generation Attack on Obfuscated Circuits with Capabilities and Performance Beyond the SAT Attacks , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[9]  Sayak Ray,et al.  Evaluating the security of logic encryption algorithms , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[10]  Jeyavijayan Rajendran,et al.  Towards Secure Analog Designs: A Secure Sense Amplifier Using Memristors , 2014, 2014 IEEE Computer Society Annual Symposium on VLSI.

[11]  Jeyavijayan Rajendran,et al.  Provably-Secure Logic Locking: From Theory To Practice , 2017, CCS.

[12]  R. K. Sharma,et al.  Sinusoidal Oscillators and Waveform Generators using Modern Electronic Circuit Building Blocks , 2015 .

[13]  Neil Walkinshaw,et al.  Reverse-Engineering Software Behavior , 2013, Adv. Comput..

[14]  Jeyavijayan Rajendran,et al.  Towards Provably-Secure Analog and Mixed-Signal Locking Against Overproduction , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[15]  Ozgur Sinanoglu,et al.  Transforming between logic locking and IC camouflaging , 2015, 2015 10th International Design & Test Symposium (IDT).

[16]  Jarrod A. Roy,et al.  Ending Piracy of Integrated Circuits , 2010, Computer.

[17]  Gaurab Banerjee,et al.  A multi-tap inductor based 2.0–4.1 GHz wideband LC-oscillator , 2016, 2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS).

[18]  Chih-Sheng Chang,et al.  Advanced CMOS technology portfolio for RF IC applications , 2005, IEEE Transactions on Electron Devices.

[19]  Domenic Forte,et al.  Novel Bypass Attack and BDD-based Tradeoff Analysis Against All Known Logic Locking Attacks , 2017, CHES.

[20]  Ozgur Sinanoglu,et al.  Mixed-Signal Hardware Security Using MixLock: Demonstration in an Audio Application , 2019, 2019 16th International Conference on Synthesis, Modeling, Analysis and Simulation Methods and Applications to Circuit Design (SMACD).

[21]  Jeyavijayan Rajendran,et al.  Removal Attacks on Logic Locking and Camouflaging Techniques , 2020, IEEE Transactions on Emerging Topics in Computing.

[22]  Ozgur Sinanoglu,et al.  MixLock: Securing Mixed-Signal Circuits via Logic Locking , 2019, 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[23]  Jan Jerabek,et al.  Features of multi-loop structures with OTAs and adjustable current amplifier for second-order multiphase/quadrature oscillators , 2015 .

[24]  Abdullah Ash-Saki,et al.  How Multi-Threshold Designs Can Protect Analog IPs , 2018, 2018 IEEE 36th International Conference on Computer Design (ICCD).

[25]  Congyin Shi,et al.  Thwarting analog IC piracy via combinational locking , 2017, 2017 IEEE International Test Conference (ITC).