Breaking Analog Locking Techniques

Similar to digital circuits, analog circuits are also susceptible to supply-chain attacks. There are several analog locking techniques proposed to combat these supply-chain attacks. However, there exists no elaborate evaluation procedure to estimate the resilience offered by these techniques. Evaluating analog defenses requires the usage of non-Boolean variables, such as bias current and gain. Hence, in this work, we evaluate the resilience of the analog-only locks and analog and mixed-signal (AMS) locks using satisfiability modulo theories (SMTs). We demonstrate our attack on five analog locking techniques and three AMS locking techniques. The attack is demonstrated on commonly used circuits, such as bandpass filter (BPF), low-noise amplifier (LNA), and low-dropout (LDO) voltage regulator. Attack results on analog-only locks show that the attacker, knowing the required bias current or voltage range, can determine the key. Likewise, knowing the protected input patterns (PIPs), the attacker can determine the key to unlock the AMS locks. We then extend our attack to break the existing analog camouflaging technique.

[1]  Ozgur Sinanoglu,et al.  Mixed-Signal Hardware Security Using MixLock: Demonstration in an Audio Application , 2019, 2019 16th International Conference on Synthesis, Modeling, Analysis and Simulation Methods and Applications to Circuit Design (SMACD).

[2]  Ioannis Savidis,et al.  Securing Analog Mixed-Signal Integrated Circuits Through Shared Dependencies , 2019, ACM Great Lakes Symposium on VLSI.

[3]  Dick James,et al.  The State-of-the-Art in IC Reverse Engineering , 2009, CHES.

[4]  Dick James,et al.  The state-of-the-art in semiconductor reverse engineering , 2011, 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC).

[5]  Avesta Sasan,et al.  SMT Attack: Next Generation Attack on Obfuscated Circuits with Capabilities and Performance Beyond the SAT Attacks , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[6]  Sayak Ray,et al.  Evaluating the security of logic encryption algorithms , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[7]  Jeyavijayan Rajendran,et al.  Towards Secure Analog Designs: A Secure Sense Amplifier Using Memristors , 2014, 2014 IEEE Computer Society Annual Symposium on VLSI.

[8]  A. Hastings The Art of Analog Layout , 2000 .

[9]  Tetsuya Iizuka,et al.  CMOS technology scaling and its implications , 2015 .

[10]  Jarrod A. Roy,et al.  Ending Piracy of Integrated Circuits , 2010, Computer.

[11]  Ioannis Savidis,et al.  Parameter biasing obfuscation for analog IP protection , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[12]  Ozgur Sinanoglu,et al.  Transforming between logic locking and IC camouflaging , 2015, 2015 10th International Design & Test Symposium (IDT).

[13]  Domenic Forte,et al.  Novel Bypass Attack and BDD-based Tradeoff Analysis Against All Known Logic Locking Attacks , 2017, CHES.

[14]  Yiorgos Makris,et al.  Analog Performance Locking through Neural Network-Based Biasing , 2019, 2019 IEEE 37th VLSI Test Symposium (VTS).

[15]  Gaurab Banerjee,et al.  A multi-tap inductor based 2.0–4.1 GHz wideband LC-oscillator , 2016, 2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS).

[16]  Ankur Srivastava,et al.  Delay locking: Security enhancement of logic locking against IC counterfeiting and overproduction , 2017, 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC).

[17]  Jan Jerabek,et al.  Features of multi-loop structures with OTAs and adjustable current amplifier for second-order multiphase/quadrature oscillators , 2015 .

[18]  Jeyavijayan Rajendran,et al.  Removal Attacks on Logic Locking and Camouflaging Techniques , 2020, IEEE Transactions on Emerging Topics in Computing.

[19]  Jeyavijayan Rajendran,et al.  Provably-Secure Logic Locking: From Theory To Practice , 2017, CCS.

[20]  R. K. Sharma,et al.  Sinusoidal Oscillators and Waveform Generators using Modern Electronic Circuit Building Blocks , 2015 .

[21]  Chih-Sheng Chang,et al.  Advanced CMOS technology portfolio for RF IC applications , 2005, IEEE Transactions on Electron Devices.

[22]  Jeyavijayan Rajendran,et al.  Towards Provably-Secure Analog and Mixed-Signal Locking Against Overproduction , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[23]  Yiorgos Makris,et al.  Range-Controlled Floating-Gate Transistors: A Unified Solution for Unlocking and Calibrating Analog ICs , 2020, 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[24]  Deepak Sirone,et al.  Functional Analysis Attacks on Logic Locking , 2018, IEEE Transactions on Information Forensics and Security.

[25]  Hassan Aboushady,et al.  Securing Programmable Analog ICs Against Piracy , 2020, 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[26]  Congyin Shi,et al.  A Built-In Self-Test and In Situ Analog Circuit Optimization Platform , 2018, IEEE Transactions on Circuits and Systems I: Regular Papers.

[27]  Ozgur Sinanoglu,et al.  Stripped Functionality Logic Locking With Hamming Distance-Based Restore Unit (SFLL-hd) – Unlocked , 2019, IEEE Transactions on Information Forensics and Security.

[28]  Abdullah Ash-Saki,et al.  How Multi-Threshold Designs Can Protect Analog IPs , 2018, 2018 IEEE 36th International Conference on Computer Design (ICCD).

[29]  Congyin Shi,et al.  Thwarting analog IC piracy via combinational locking , 2017, 2017 IEEE International Test Conference (ITC).

[30]  Ozgur Sinanoglu,et al.  MixLock: Securing Mixed-Signal Circuits via Logic Locking , 2019, 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE).