TY - JOUR
T1 - Stripped Functionality Logic Locking with Hamming Distance-Based Restore Unit (SFLL-HD)-Unlocked
AU - Yang, Fangfei
AU - Tang, Ming
AU - Sinanoglu, Ozgur
N1 - Funding Information:
Manuscript received July 2, 2018; revised December 10, 2018 and January 27, 2019; accepted March 7, 2019. Date of publication March 13, 2019; date of current version June 14, 2019. This work was supported in part by the National Natural Science Foundation of China under Grant 61202386, Grant 61332019, and Grant 61472292, in part by the National Basic Research Program of China (973 Program) under Grant 2014CB340601, in part by the Key Technology Research of New-generation High-speed and High-level Security Chip for Smart Grid under Grant 526816160015, in part by the Technological Innovation of Hubei Province (Major Special Project) under Grant 2018AAA046, in part by the NSFC-General Technology Basic Research Joint Foundation under Grant U1636107, and in part by the Defense Advanced Research Projects Agency Obfuscated Manufacturing for GPS (OMG) Program. The associate editor coordinating the review of this manuscript and approving it for publication was Prof. Jean-Luc Danger. (Corresponding author: Ming Tang.) F. Yang is with the School of Computer, Wuhan University, Wuhan 430072, China.
Publisher Copyright:
© 2005-2012 IEEE.
PY - 2019/10
Y1 - 2019/10
N2 - Logic locking is a technique that has received significant attention. It protects a hardware design netlist from a variety of hardware security threats, such as tampering, reverse-engineering, and piracy, stemming from untrusted chip foundry and end-users. This technique adds logic and inputs to a given design netlist to make sure that the locked design is functional only when a key is applied from the new inputs; an incorrect key makes the design produce incorrect outputs. The new inputs, referred to as the key inputs, are driven by a tamper-proof memory on the chip, which stores the secret key. Research in this field has shown that this technique, if not implemented properly, may be vulnerable to attacks that extract the key of logic locking. Recently, a logic locking technique called stripped functionality logic locking (SFLL) has been proposed and shown to withstand all known attacks in a provably secure manner. SFLL strips some functionality from the original design by corrupting its output corresponding to a number of 'protected' input patterns. In one version of SFLL, referred to as SFLL-hd, these protected patterns are all of a certain hamming distance h to the key. The modified design is accompanied by additional logic that fixes the output for each protected input pattern only when the key is in the tamper-proof memory. In this paper, we present an attack that breaks SFLL-hd within a minute. Our attack exploits structural traces left behind in the locked design due to the functionality strip operation and is capable of identifying some of the protected patterns. We also present a theoretical framework that helps us develop two different techniques to complete our attack. In the first technique, we use the Gaussian elimination technique to solve a system of equations that we form based on k-identified protected patterns in O k3) time in the best case, where k is the number of key bits in key. The second technique uses one identified protected pattern to query the oracle k times. In both techniques, we successfully recover the key from the protected pattern(s). We show that our attacks work on the SFLL-locked microprocessor design (more than 50 K gates) that the authors of SFLL made available to the public; we extract the 256-bit key within a minute and reveal it in this paper. We also test our attacks on a few other SFLL-hd benchmarks provided by SFLL authors.
AB - Logic locking is a technique that has received significant attention. It protects a hardware design netlist from a variety of hardware security threats, such as tampering, reverse-engineering, and piracy, stemming from untrusted chip foundry and end-users. This technique adds logic and inputs to a given design netlist to make sure that the locked design is functional only when a key is applied from the new inputs; an incorrect key makes the design produce incorrect outputs. The new inputs, referred to as the key inputs, are driven by a tamper-proof memory on the chip, which stores the secret key. Research in this field has shown that this technique, if not implemented properly, may be vulnerable to attacks that extract the key of logic locking. Recently, a logic locking technique called stripped functionality logic locking (SFLL) has been proposed and shown to withstand all known attacks in a provably secure manner. SFLL strips some functionality from the original design by corrupting its output corresponding to a number of 'protected' input patterns. In one version of SFLL, referred to as SFLL-hd, these protected patterns are all of a certain hamming distance h to the key. The modified design is accompanied by additional logic that fixes the output for each protected input pattern only when the key is in the tamper-proof memory. In this paper, we present an attack that breaks SFLL-hd within a minute. Our attack exploits structural traces left behind in the locked design due to the functionality strip operation and is capable of identifying some of the protected patterns. We also present a theoretical framework that helps us develop two different techniques to complete our attack. In the first technique, we use the Gaussian elimination technique to solve a system of equations that we form based on k-identified protected patterns in O k3) time in the best case, where k is the number of key bits in key. The second technique uses one identified protected pattern to query the oracle k times. In both techniques, we successfully recover the key from the protected pattern(s). We show that our attacks work on the SFLL-locked microprocessor design (more than 50 K gates) that the authors of SFLL made available to the public; we extract the 256-bit key within a minute and reveal it in this paper. We also test our attacks on a few other SFLL-hd benchmarks provided by SFLL authors.
KW - Hardware
KW - hamming distance
KW - logic gates
KW - reverse engineering
KW - security
UR - http://www.scopus.com/inward/record.url?scp=85067669162&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85067669162&partnerID=8YFLogxK
U2 - 10.1109/TIFS.2019.2904838
DO - 10.1109/TIFS.2019.2904838
M3 - Article
AN - SCOPUS:85067669162
SN - 1556-6013
VL - 14
SP - 2778
EP - 2786
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
IS - 10
M1 - 8666809
ER -