Scaling Attacks on Large Logic-Locked Designs

Abdul Khader Thalakkattu Moosa, Benjamin Tan, Ramesh Karri

Research output: Contribution to journalArticlepeer-review


Researchers have developed numerous strategies to alleviate the threat of malicious third-party foundries, including logic locking and its numerous sophisticated variants for hardware intellectual property (IP) protection. Recent work at the register-transfer level has opened the door to “large-scale” locking of large IPs (comprising thousands of gates) with hundreds to thousands of key bits. Recent security evaluation of such techniques treats the locked design as a monolith and has suggested that large logic-locked designs are practically secure, even from powerful SAT-based attacks. In this work, we challenge such findings by proposing and evaluating a novel algorithmic method to de-obfuscate large logic-locked circuits by attacking a set of small sub-circuit cones. The algorithm chooses a sub-optimal set of sub-circuit cones and proposes an attack sequence on these cones by leveraging the observation that each locking key-bit is distributed across multiple sub-circuit cones of varying sizes. This Divide And Conquer SAT (DACSAT) attack framework can de-obfuscate large designs, like an AES IP comprising 300,000 gates, logic-locked with up to 50,000 keys in around 3600 seconds, while an out-of-the-box, state-of-the-art SAT attack tool fails.

Original languageEnglish (US)
Pages (from-to)1
Number of pages1
JournalIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
StateAccepted/In press - 2023


  • Discrete Fourier transforms
  • Flip-flops
  • IP networks
  • Integrated circuits
  • Logic Locking
  • Logic gates
  • RTL Locking
  • SAT Attack
  • Scalability
  • Security

ASJC Scopus subject areas

  • Software
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering


Dive into the research topics of 'Scaling Attacks on Large Logic-Locked Designs'. Together they form a unique fingerprint.

Cite this