Boolean Circuit Camouflage: Cryptographic Models, Limitations, Provable Results and a Random Oracle Realization

Recent hardware advances, called gate camouflaging, have opened the possibility of protecting integrated circuits against reverse-engineering attacks. In this paper, we investigate the possibility of provably boosting the capability of physical camouflaging of a single Boolean gate into physical camouflaging of a larger Boolean circuit. We first propose rigorous definitions, borrowing approaches from modern cryptography and program obfuscation areas, for circuit camouflage. Informally speaking, gate camouflaging is defined as a transformation of a physical gate that appears to mask the gate to an attacker evaluating the circuit containing this gate. Under this assumption, we formally prove two results: a limitation and a construction. Our limitation result says that there are circuits for which, no matter how many gates we camouflaged, an adversary capable of evaluating the circuit will correctly guess all the camouflaged gates. Our construction result says that if pseudo-random functions exist (a common assumptions in cryptography), a small number of camouflaged gates suffices to: (a) leak no additional information about the camouflaged gates to an adversary evaluating the pseudo-random function circuit; and (b) turn these functions into random oracles. These latter results are the first results on circuit camouflaging provable in a cryptographic model (previously, construction were given under no formal model, and were eventually reverse-engineered, or were argued secure under specific classes of attacks). Our results imply a concrete and provable realization of random oracles, which, even if under a hardware-based assumption, is applicable in many scenarios, including public-key infrastructures. Finding special conditions under which provable realizations of random oracles has been an open problem for many years, since a software only provable implementation of random oracles was proved to be (almost certainly) impossible.

[1]  Swaroop Ghosh,et al.  A novel threshold voltage defined switch for circuit camouflaging , 2016, 2016 21th IEEE European Test Symposium (ETS).

[2]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[3]  Meng Li,et al.  Provably secure camouflaging strategy for IC protection , 2016, 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[4]  Ken Mai,et al.  A secure camouflaged threshold voltage defined logic family , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[5]  Jeyavijayan Rajendran,et al.  CamoPerturb: Secure IC camouflaging for minterm protection , 2016, 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[6]  Neil Walkinshaw,et al.  Reverse-Engineering Software Behavior , 2013, Adv. Comput..

[7]  Jeyavijayan Rajendran,et al.  Security analysis of integrated circuit camouflaging , 2013, CCS.

[8]  Sarma B. K. Vrudhula,et al.  Digital IP protection using threshold voltage control , 2016, 2016 17th International Symposium on Quality Electronic Design (ISQED).

[9]  Amit Sahai,et al.  Positive Results and Techniques for Obfuscation , 2004, EUROCRYPT.

[10]  Dick James,et al.  The state-of-the-art in semiconductor reverse engineering , 2011, 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC).

[11]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[12]  Xiangyu Zhang,et al.  Oracle-guided incremental SAT solving to reverse engineer camouflaged logic circuits , 2016, 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[13]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[14]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[15]  Siddharth Garg,et al.  Threshold-Dependent Camouflaged Cells to Secure Circuits Against Reverse Engineering Attacks , 2016, 2016 IEEE Computer Society Annual Symposium on VLSI (ISVLSI).

[16]  Mihir Bellare,et al.  Point-Function Obfuscation: A Framework and Generic Constructions , 2015, TCC.

[17]  Giovanni Di Crescenzo,et al.  Practical implementations of program obfuscators for point functions , 2016, 2016 International Conference on High Performance Computing & Simulation (HPCS).

[18]  Alfred Menezes,et al.  The random oracle model: a twenty-year retrospective , 2015, Designs, Codes and Cryptography.

[19]  Giovanni Di Crescenzo,et al.  Practical Implementation of Lattice-Based Program Obfuscators for Point Functions , 2017, 2017 International Conference on High Performance Computing & Simulation (HPCS).

[20]  Hoeteck Wee,et al.  On obfuscating point functions , 2005, STOC '05.