Towards Sustainable Logic Encryption in an Age of Mistrust

Rezaei, Amin

doi:https://doi.org/10.21985/n2-r7sx-6j18

Work

Towards Sustainable Logic Encryption in an Age of Mistrust

Public

Download PDF

Download All Files (.zip)

The active participation of external entities in the design and manufacturing flow has produced numerous hardware security issues. Among all the hardware security problems, piracy and overproduction are likely to be the most ubiquitous and expensive ones. Most leading-edge design houses have outsourced their fabrication to the offshore foundries for the sake of lower labor and manufacturing cost. However, these foundries are hard to be trusted since there is no well-defined universal consummate enforcement law. Add to this, the fact that powerful reverse engineering tools can efficiently extract and duplicate the circuit netlist. Logic encryption is a technique to manipulate a given circuit with added key input to make sure that the encrypted circuit will only function as the original one under a specific key value. Even though there exist different approaches for logic encryption, almost all of them are based on ad hoc solutions to insert extra gates with key bits to the original circuit. Therefore, it should not be too great a surprise that the SAT-based attack can efficiently decrypt almost all of the traditional encryption techniques. In this research, we have developed a sustainable logic encryption framework based on novel separation between two entangled goals: locking and obfuscation. We define locking as a logical request to make sure that the correct key cannot be easily figured out by studying the logic of the encrypted circuit. On the other hand, we define obfuscation as a structural request to make sure that the original circuit cannot be revealed by structural analyses of the encrypted circuit. First, we challenge the believe that cyclic combinational circuits are useless by proposing a robust cyclic combinational encryption. Both the theoretical proof and experimental results depict that powerful logic attacks are not capable of decrypting our cyclic encryption scheme. Second, we consider the concept of state unreachability precisely and discuss the opportunity that unreachable states can provide in logic encryption. In our proposed unreachable states encryption scheme, an exponential gain can be obtained in terms of attack complexity by spending a linear area overhead. Third, we propose the design for bilateral logic encryption that maintains high degree of security with small circuit modification. The scheme consists of four main stages namely sub-circuit extraction, sub-circuit locking, sub-circuit obfuscation, and sun-circuit concatenation. As long as the corruptibility and the affectability of the chosen sub-circuit is high, the security impact of its encryption is transmissible to the whole circuit. Forth, we suggest several polymorphic memrisor-based designs in order to encrypt the circuit layout. Here, our design goal is to have only one functional configuration while the other configurations are not meaningful. All of the designs can be configured in parallel if they have independent logic inputs. Fifth, we restore the glory of traditional logic encryption algorithms by first suggesting a behavioral approach to find and increase the diameter of the sequential circuit and then, proposing a lightweight structural scheme to secure the sequential circuit against the model checking attack. In our proposed scheme, wrong key insertion leads to intermittent faults when the circuit reaches to specific states. Sixth, we present a chip specific logic encryption scheme without key hiding by first selecting a sub-circuit with one critical primary output, and then substituting it with a strong physical unclonable function feeding into a MUX. The input bit length of the sub-circuit shall be sufficiently large but its observable pattern number shall be small. Our design balances efficiency, security, and yield.

Creator