Abstract

Researchers have developed numerous strategies to alleviate the threat of malicious third-party foundries, including logic locking and its numerous sophisticated variants for hardware intellectual property (IP) protection. Recent work at the register-transfer level has opened the door to “large-scale” locking of large IPs (comprising thousands of gates) with hundreds to thousands of key bits. Recent security evaluation of such techniques treats the locked design as a monolith and has suggested that large logic-locked designs are practically secure, even from powerful SAT-based attacks. In this work, we challenge such findings by proposing and evaluating a novel algorithmic method to de-obfuscate large logic-locked circuits by attacking a set of small sub-circuit cones. The algorithm chooses a sub-optimal set of sub-circuit cones and proposes an attack sequence on these cones by leveraging the observation that each locking key-bit is distributed across multiple sub-circuit cones of varying sizes. This Divide And Conquer SAT (DACSAT) attack framework can de-obfuscate large designs, like an AES IP comprising 300,000 gates, logic-locked with up to 50,000 keys in around 3600 seconds, while an out-of-the-box, state-of-the-art SAT attack tool fails.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.