Abstract

Logic encryption algorithms have gained wide popularity to safeguard Integrated Circuits (ICs) from being pirated or counterfeited in untrusted third-party foundries. However, an untrusted foundry can reverse engineer the netlist and gain important insight regarding the design of a chip. In this paper, we demonstrate how an adversary can monitor side-channel information of an activated chip and analyze the corresponding reverse engineered netlist to successfully deobfuscate the functionality of the circuit. In particular, our proposed attack is based on a Template Analysis (TA) approach which deciphers the key inputs of a locked netlist by exploiting power side-channel traces of the activated chip. The proposed methodology utilizes the fact that various key-gates of a netlist (locked using standard logic encryption algorithms) are located at different logic depths, which in turn enables a side-channel adversary to unlock the circuit functionality level-by-level following an iterative approach. The experimental results confirm that netlists locked using Random Logic Encryption, Strong Logic Encryption, and state-of-the-art point-function schemes can all be broken with a limited number of power side-channel traces by utilizing our proposed TA attack.
