Revisit sequential logic obfuscation: Attacks and defenses

The urgent requests to protection integrated circuits (IC) and hardware intellectual properties (IP) have led to the development of various logic obfuscation methods. While most existing solutions focus on the combinational logic or sequential logic with full scan-chains, in this paper, we will revisit the security of sequential logic obfuscation within circuits where full scan-chains are not available or accessible. We will first introduce attack methods to compromise obfuscated sequential circuits leveraging newly developed netlist analysis tools. We will then propose systematic solutions and provide guidelines in developing resilient sequential logic obfuscation schemes.

[1]  Robert E. Tarjan,et al.  Depth-First Search and Linear Graph Algorithms , 1972, SIAM J. Comput..

[2]  Shaojie Zhang,et al.  Netlist reverse engineering for high-level functionality reconstruction , 2016, 2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC).

[3]  Christian Steger,et al.  High level fault injection for attack simulation in smart cards , 2004, 13th Asian Test Symposium.

[4]  Bah-Hwee Gwee,et al.  A highly efficient method for extracting FSMs from flattened gate-level netlist , 2010, Proceedings of 2010 IEEE International Symposium on Circuits and Systems.

[5]  Swarup Bhunia,et al.  HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection , 2009, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[6]  Jarrod A. Roy,et al.  EPIC: Ending Piracy of Integrated Circuits , 2008, 2008 Design, Automation and Test in Europe.

[7]  Ivo Bolsens,et al.  Proceedings of the conference on Design, Automation & Test in Europe , 2000 .

[8]  Jeyavijayan Rajendran,et al.  Security analysis of logic obfuscation , 2012, DAC Design Automation Conference 2012.

[9]  Sayak Ray,et al.  Evaluating the security of logic encryption algorithms , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[10]  Yuejun Zhang,et al.  DSD: A Dynamic State-Deflection Method for Gate-Level Netlist Obfuscation , 2016, 2016 IEEE Computer Society Annual Symposium on VLSI (ISVLSI).

[11]  Swarup Bhunia,et al.  VIm-Scan: A Low Overhead Scan Design Approach for Protection of Secret Key in Scan-Based Secure Chips , 2007, 25th IEEE VLSI Test Symposium (VTS'07).

[12]  Debdeep Mukhopadhyay,et al.  Secured Flipped Scan-Chain Model for Crypto-Architecture , 2007, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[13]  Mark Mohammad Tehranipoor,et al.  AVFSM: A framework for identifying and mitigating vulnerabilities in FSMs , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[14]  Yukihide Kohira 国際会議参加報告:Asia and South Pacific Design Automation Conference , 2012 .

[15]  Bruno Rouzeyre,et al.  Securing Scan Control in Crypto Chips , 2007, J. Electron. Test..

[16]  Jean-Jacques Quisquater,et al.  Faults, Injection Methods, and Fault Attacks , 2007, IEEE Design & Test of Computers.

[17]  Meng Li,et al.  Provably Secure Camouflaging Strategy for IC Protection , 2019, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[18]  Ozgur Sinanoglu,et al.  SARLock: SAT attack resistant logic locking , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[19]  Michael S. Hsiao,et al.  Interlocking obfuscation for anti-tamper hardware , 2013, CSIIRW '13.

[20]  Mark Mohammad Tehranipoor,et al.  Securing Designs against Scan-Based Side-Channel Attacks , 2007, IEEE Transactions on Dependable and Secure Computing.

[21]  Siddharth Garg,et al.  Integrated Circuit (IC) Decamouflaging: Reverse Engineering Camouflaged ICs within Minutes , 2015, NDSS.

[22]  Alessandro Barenghi,et al.  Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures , 2012, Proceedings of the IEEE.

[23]  Karem A. Sakallah,et al.  SAT-based sequential depth computation , 2003, ASP-DAC '03.