Skip to main content

Tipp

Weitere Artikel dieser Ausgabe durch Wischen aufrufen

Erschienen in: Journal of Electronic Testing 5/2022

03.11.2022

AFIA: ATPG-Guided Fault Injection Attack on Secure Logic Locking

verfasst von: Yadi Zhong, Ayush Jain, M. Tanjidur Rahman, Navid Asadizanjani, Jiafeng Xie, Ujjwal Guin

Erschienen in: Journal of Electronic Testing | Ausgabe 5/2022

Einloggen, um Zugang zu erhalten
share
TEILEN

Abstract

The outsourcing of the design and manufacturing of integrated circuits has raised severe concerns about the piracy of Intellectual Properties and illegal overproduction. Logic locking has emerged as an obfuscation technique to protect outsourced chip designs, where the circuit netlist is locked and can only be functional once a secure key is programmed. However, Boolean Satisfiability-based attacks have shown to break logic locking, simultaneously motivating researchers to develop more secure countermeasures. In this paper, we present a novel fault injection-based attack to break any locking technique that relies on a stored secret key, and denote this attack as AFIA, ATPG-guided Fault Injection Attack. The proposed attack is based on sensitizing a key bit to the primary output while injecting faults at a few other key lines that block the propagation of the targeted key bit. AFIA is very effective in determining a key bit as there exists a stuck-at fault pattern that detects a stuck-at 1 (or stuck-at 0) fault at any key line. The average complexity of the number of injected faults for AFIA is linear with the key size \(\mathcal {K}\) and requires only \(\mathcal {K}\) test patterns to determine a secret key K. AFIA requires fewer injected faults to sensitize a bit to the primary output, compared to \(2\mathcal {K}-1\) faults for the differential fault analysis attack illustrated in our previous work.
Literatur
1.
Zurück zum Zitat Alkabani Y, Koushanfar F (2007) Active hardware metering for intellectual property protection and security. In: USENIX Security Symposium, pp 291–306 Alkabani Y, Koushanfar F (2007) Active hardware metering for intellectual property protection and security. In: USENIX Security Symposium, pp 291–306
2.
Zurück zum Zitat Alrahis L, Patnaik S, Khalid F, Hanif MA, Saleh H, Shafique M, Sinanoglu O (2021a) GNNUnlock: Graph Neural Networks-based Oracle-less Unlocking Scheme for provably secure logic locking. In: 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE), IEEE, pp 780–785 Alrahis L, Patnaik S, Khalid F, Hanif MA, Saleh H, Shafique M, Sinanoglu O (2021a) GNNUnlock: Graph Neural Networks-based Oracle-less Unlocking Scheme for provably secure logic locking. In: 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE), IEEE, pp 780–785
3.
Zurück zum Zitat Alrahis L, Patnaik S, Knechtel J, Saleh H, Mohammad B, Al-Qutayri M, Sinanoglu O (2021b) UNSAIL: Thwarting oracle-less machine learning attacks on logic locking. IEEE Trans Inf Forensics and Secur 16:2508–2523 CrossRef Alrahis L, Patnaik S, Knechtel J, Saleh H, Mohammad B, Al-Qutayri M, Sinanoglu O (2021b) UNSAIL: Thwarting oracle-less machine learning attacks on logic locking. IEEE Trans Inf Forensics and Secur 16:2508–2523 CrossRef
4.
Zurück zum Zitat Alrahis L, Yasin M, Limaye N, Saleh H, Mohammad B, Alqutayri M, Sinanoglu O (2019) ScanSAT: Unlocking static and dynamic scan obfuscation. Trans Emerg Topics Computing 9(4):1867-1882 Alrahis L, Yasin M, Limaye N, Saleh H, Mohammad B, Alqutayri M, Sinanoglu O (2019) ScanSAT: Unlocking static and dynamic scan obfuscation. Trans Emerg Topics Computing 9(4):1867-1882
5.
Zurück zum Zitat Azar KZ, Kamali HM, Homayoun H, Sasan A (2019) SMT attack: Next generation attack on obfuscated circuits with capabilities and performance beyond the SAT attacks. In: IACR Transactions on Cryptographic Hardware and Embedded Systems, pp 97–122 Azar KZ, Kamali HM, Homayoun H, Sasan A (2019) SMT attack: Next generation attack on obfuscated circuits with capabilities and performance beyond the SAT attacks. In: IACR Transactions on Cryptographic Hardware and Embedded Systems, pp 97–122
6.
Zurück zum Zitat Azar KZ, Kamali HM, Homayoun H, Sasan A (2021a) From cryptography to logic locking: a survey on the architecture evolution of secure scan chains. IEEE Access 9:73133–73151 CrossRef Azar KZ, Kamali HM, Homayoun H, Sasan A (2021a) From cryptography to logic locking: a survey on the architecture evolution of secure scan chains. IEEE Access 9:73133–73151 CrossRef
7.
Zurück zum Zitat Azar KZ, Kamali HM, Roshanisefat S, Homayoun H, Sotiriou CP, Sasan A (2021b) Data flow obfuscation: a new paradigm for obfuscating circuits. IEEE Trans Very Large Scale Integr Syst 29(4):643–656 Azar KZ, Kamali HM, Roshanisefat S, Homayoun H, Sotiriou CP, Sasan A (2021b) Data flow obfuscation: a new paradigm for obfuscating circuits. IEEE Trans Very Large Scale Integr Syst 29(4):643–656
8.
Zurück zum Zitat Barenghi A, Bertoni GM, Breveglieri L, Pellicioli M, Pelosi G (2010) Low voltage fault attacks to AES. In: International Symposium on Hardware-Oriented Security and Trust (HOST), pp 7–12 Barenghi A, Bertoni GM, Breveglieri L, Pellicioli M, Pelosi G (2010) Low voltage fault attacks to AES. In: International Symposium on Hardware-Oriented Security and Trust (HOST), pp 7–12
9.
Zurück zum Zitat Barenghi A, Bertoni GM, Breveglieri L, Pelosi G (2013) A fault induction technique based on voltage underfeeding with application to attacks against AES and RSA. J Syst Softw 1864–1878 Barenghi A, Bertoni GM, Breveglieri L, Pelosi G (2013) A fault induction technique based on voltage underfeeding with application to attacks against AES and RSA. J Syst Softw 1864–1878
10.
Zurück zum Zitat Barenghi A, Breveglieri L, Koren I, Naccache D (2012) Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures. Proceedings of the IEEE, pp 3056–3076 Barenghi A, Breveglieri L, Koren I, Naccache D (2012) Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures. Proceedings of the IEEE, pp 3056–3076
11.
Zurück zum Zitat Baumgarten A, Tyagi A, Zambreno J (2010) Preventing IC piracy using reconfigurable logic barriers. IEEE Des Test Comput 27(1):66–75 CrossRef Baumgarten A, Tyagi A, Zambreno J (2010) Preventing IC piracy using reconfigurable logic barriers. IEEE Des Test Comput 27(1):66–75 CrossRef
12.
Zurück zum Zitat Beerel P, Georgiou M, Hamlin B, Malozemoff AJ, Nuzzo P (2022) Towards a formal treatment of logic locking. Cryptology ePrint Archive Beerel P, Georgiou M, Hamlin B, Malozemoff AJ, Nuzzo P (2022) Towards a formal treatment of logic locking. Cryptology ePrint Archive
13.
Zurück zum Zitat Blömer J, Seifert JP (2003) Fault based cryptanalysis of the advanced encryption standard (AES). In: International Conference on Financial Cryptography, Springer, pp 162–181 Blömer J, Seifert JP (2003) Fault based cryptanalysis of the advanced encryption standard (AES). In: International Conference on Financial Cryptography, Springer, pp 162–181
14.
Zurück zum Zitat Boneh D, DeMillo RA, Lipton RJ (1997) On the importance of checking cryptographic protocols for faults. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp 37–51 Boneh D, DeMillo RA, Lipton RJ (1997) On the importance of checking cryptographic protocols for faults. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp 37–51
15.
Zurück zum Zitat Bushnell ML, Agrawal VD (2004) Essentials of electronic testing for digital, memory and mixed-signal VLSI circuits, Frontiers in Electronic Testing Series Volume 17. Springer Science & Business Media Bushnell ML, Agrawal VD (2004) Essentials of electronic testing for digital, memory and mixed-signal VLSI circuits, Frontiers in Electronic Testing Series Volume 17. Springer Science & Business Media
16.
Zurück zum Zitat Canivet G, Maistri P, Leveugle R, Clédière J, Valette F, Renaudin M (2011) Glitch and laser fault attacks onto a secure AES implementation on a SRAM-based FPGA. J Cryptol 247–268 Canivet G, Maistri P, Leveugle R, Clédière J, Valette F, Renaudin M (2011) Glitch and laser fault attacks onto a secure AES implementation on a SRAM-based FPGA. J Cryptol 247–268
17.
Zurück zum Zitat Castillo E, Meyer-Baese U, García A, Parrilla L, Lloris A (2007) IPP@HDL: Efficient intellectual property protection scheme for IP cores. IEEE Trans VLSI (TVLSI) 578–591 Castillo E, Meyer-Baese U, García A, Parrilla L, Lloris A (2007) IPP@HDL: Efficient intellectual property protection scheme for IP cores. IEEE Trans VLSI (TVLSI) 578–591
18.
Zurück zum Zitat Chakraborty RS, Bhunia S (2008) Hardware protection and authentication through netlist level obfuscation. In: Proceedings of IEEE/ACM International Conference on Computer-Aided Design, pp 674–677 Chakraborty RS, Bhunia S (2008) Hardware protection and authentication through netlist level obfuscation. In: Proceedings of IEEE/ACM International Conference on Computer-Aided Design, pp 674–677
19.
Zurück zum Zitat Charbon E (1998) Hierarchical watermarking in IC design. In: Proceedings of the IEEE Custom Integrated Circuits Conference, pp 295–298 Charbon E (1998) Hierarchical watermarking in IC design. In: Proceedings of the IEEE Custom Integrated Circuits Conference, pp 295–298
20.
Zurück zum Zitat Cormen T, Leiserson C, Rivest R, Stein C (2009) Introduction to algorithms. MIT Press, Computer Science MATH Cormen T, Leiserson C, Rivest R, Stein C (2009) Introduction to algorithms. MIT Press, Computer Science MATH
21.
Zurück zum Zitat Dehbaoui A, Dutertre JM, Robisson B, Tria A (2012) Electromagnetic transient faults injection on a hardware and a software implementations of AES. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 7–15 Dehbaoui A, Dutertre JM, Robisson B, Tria A (2012) Electromagnetic transient faults injection on a hardware and a software implementations of AES. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 7–15
22.
Zurück zum Zitat Dusart P, Letourneux G, Vivolo O (2003) Differential fault analysis on AES. In: International Conference on Applied Cryptography and Network Security, pp 293–306 Dusart P, Letourneux G, Vivolo O (2003) Differential fault analysis on AES. In: International Conference on Applied Cryptography and Network Security, pp 293–306
23.
Zurück zum Zitat Duvalsaint D, Jin X, Niewenhuis B, Blanton R (2019a) Characterization of locked combinational circuits via ATPG. In: IEEE International Test Conference (ITC), pp 1–10 Duvalsaint D, Jin X, Niewenhuis B, Blanton R (2019a) Characterization of locked combinational circuits via ATPG. In: IEEE International Test Conference (ITC), pp 1–10
24.
Zurück zum Zitat Duvalsaint D, Liu Z, Ravikumar A, Blanton RD (2019b) Characterization of locked sequential circuits via ATPG. In: 2019 IEEE International Test Conference in Asia (ITC-Asia), IEEE, pp 97–102 Duvalsaint D, Liu Z, Ravikumar A, Blanton RD (2019b) Characterization of locked sequential circuits via ATPG. In: 2019 IEEE International Test Conference in Asia (ITC-Asia), IEEE, pp 97–102
25.
Zurück zum Zitat Dworkin MJ, Barker EB, Nechvatal JR, Foti J, Bassham LE, Roback E, Dray Jr JF (2001) Advanced Encryption Standard (AES). NIST Publication Series: Federal Information Processing Standards (NIST FIPS)-197, pp 1–51 Dworkin MJ, Barker EB, Nechvatal JR, Foti J, Bassham LE, Roback E, Dray Jr JF (2001) Advanced Encryption Standard (AES). NIST Publication Series: Federal Information Processing Standards (NIST FIPS)-197, pp 1–51
26.
Zurück zum Zitat El Massad M, Garg S, Tripunitara M (2017) Reverse engineering camouflaged sequential circuits without scan access. In: 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), IEEE, pp 33–40 El Massad M, Garg S, Tripunitara M (2017) Reverse engineering camouflaged sequential circuits without scan access. In: 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), IEEE, pp 33–40
27.
Zurück zum Zitat Fukunaga T, Takahashi J (2009) Practical fault attack on a cryptographic LSI with ISO/IEC 18033-3 block ciphers. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 84–92 Fukunaga T, Takahashi J (2009) Practical fault attack on a cryptographic LSI with ISO/IEC 18033-3 block ciphers. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 84–92
28.
Zurück zum Zitat Guilley S, Sauvage L, Danger JL, Selmane N, Pacalet R (2008) Silicon-level solutions to counteract passive and active attacks. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 3–17 Guilley S, Sauvage L, Danger JL, Selmane N, Pacalet R (2008) Silicon-level solutions to counteract passive and active attacks. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 3–17
29.
Zurück zum Zitat Guin U, Shi Q, Forte D, Tehranipoor MM (2016) FORTIS: a comprehensive solution for establishing forward trust for protecting IPs and ICs. ACM Transactions on Design Automation of Electronic Systems (TODAES), p 63 Guin U, Shi Q, Forte D, Tehranipoor MM (2016) FORTIS: a comprehensive solution for establishing forward trust for protecting IPs and ICs. ACM Transactions on Design Automation of Electronic Systems (TODAES), p 63
30.
Zurück zum Zitat Guin U, Zhou Z, Singh A (2017) A novel Design-for-Security (DFS) architecture to prevent unauthorized IC overproduction. In: VLSI Test Symposium (VTS), pp 1–6 Guin U, Zhou Z, Singh A (2017) A novel Design-for-Security (DFS) architecture to prevent unauthorized IC overproduction. In: VLSI Test Symposium (VTS), pp 1–6
31.
Zurück zum Zitat Guin U, Zhou Z, Singh A (2018) Robust Design-for-Security architecture for enabling trust in IC manufacturing and test. Transactions on Very Large Scale Integration (VLSI) Systems, pp 818–830 Guin U, Zhou Z, Singh A (2018) Robust Design-for-Security architecture for enabling trust in IC manufacturing and test. Transactions on Very Large Scale Integration (VLSI) Systems, pp 818–830
32.
Zurück zum Zitat Hsueh MC, Tsai TK, Iyer RK (1997) Fault injection techniques and tools. Computer 30(4):75–82 Hsueh MC, Tsai TK, Iyer RK (1997) Fault injection techniques and tools. Computer 30(4):75–82
33.
Zurück zum Zitat Jain A, Rahman T, Guin U (2020) ATPG-guided fault injection attacks on logic locking. In: IEEE Physical Assurance and Inspection of Electronics (PAINE), pp 1–6 Jain A, Rahman T, Guin U (2020) ATPG-guided fault injection attacks on logic locking. In: IEEE Physical Assurance and Inspection of Electronics (PAINE), pp 1–6
34.
Zurück zum Zitat Jain A, Zhou Z, Guin U (2021) TAAL: tampering attack on any key-based logic locked circuits. ACM Trans Des Automation Electronic Syst 26(4):1–22 CrossRef Jain A, Zhou Z, Guin U (2021) TAAL: tampering attack on any key-based logic locked circuits. ACM Trans Des Automation Electronic Syst 26(4):1–22 CrossRef
35.
Zurück zum Zitat Jarvis RW, McIntyre MG (2007) Split manufacturing method for advanced semiconductor circuits. US Patent 7,195,931 Jarvis RW, McIntyre MG (2007) Split manufacturing method for advanced semiconductor circuits. US Patent 7,195,931
36.
Zurück zum Zitat Kahng AB, Lach J, Mangione-Smith WH, Mantik S, Markov IL, Potkonjak M, Tucker P, Wang H, Wolfe G (2001) Constraint-based watermarking techniques for design IP protection. IEEE Transactions on CAD of Integrated Circuits and Systems, pp 1236–1252 Kahng AB, Lach J, Mangione-Smith WH, Mantik S, Markov IL, Potkonjak M, Tucker P, Wang H, Wolfe G (2001) Constraint-based watermarking techniques for design IP protection. IEEE Transactions on CAD of Integrated Circuits and Systems, pp 1236–1252
37.
Zurück zum Zitat Kamali HM, Azar KZ, Gaj K, Homayoun H, Sasan A (2018) LUT-Lock: a novel LUT-based logic obfuscation for FPGA-Bitstream and ASIC-Hardware protection. In: 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), IEEE, pp 405–410 Kamali HM, Azar KZ, Gaj K, Homayoun H, Sasan A (2018) LUT-Lock: a novel LUT-based logic obfuscation for FPGA-Bitstream and ASIC-Hardware protection. In: 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), IEEE, pp 405–410
38.
Zurück zum Zitat Kamali HM, Azar KZ, Homayoun H, Sasan A (2019) Full-lock: Hard distributions of sat instances for obfuscating circuits using fully configurable logic and routing blocks. In: Proceedings of the 56th Annual Design Automation Conference 2019, pp 1–6 Kamali HM, Azar KZ, Homayoun H, Sasan A (2019) Full-lock: Hard distributions of sat instances for obfuscating circuits using fully configurable logic and routing blocks. In: Proceedings of the 56th Annual Design Automation Conference 2019, pp 1–6
39.
Zurück zum Zitat Kamali HM, Azar KZ, Homayoun H, Sasan A (2020) Interlock: an intercorrelated logic and routing locking. In: 2020 IEEE/ACM International Conference On Computer Aided Design (ICCAD), IEEE, pp 1–9 Kamali HM, Azar KZ, Homayoun H, Sasan A (2020) Interlock: an intercorrelated logic and routing locking. In: 2020 IEEE/ACM International Conference On Computer Aided Design (ICCAD), IEEE, pp 1–9
40.
Zurück zum Zitat Kamali HM, Azar KZ, Farahmandi F, Tehranipoor M (2022) Advances in logic locking: Past, present, and prospects. Cryptology ePrint Archive Kamali HM, Azar KZ, Farahmandi F, Tehranipoor M (2022) Advances in logic locking: Past, present, and prospects. Cryptology ePrint Archive
41.
Zurück zum Zitat Karmakar R, Chatopadhyay S, Kapur R (2018) Encrypt flip-flop: a novel logic encryption technique for sequential circuits. arXiv preprint:  arXiv:​1801.​04961 Karmakar R, Chatopadhyay S, Kapur R (2018) Encrypt flip-flop: a novel logic encryption technique for sequential circuits. arXiv preprint:  arXiv:​1801.​04961
42.
Zurück zum Zitat Lee CY, Xie J (2019) High capability and low-complexity: Novel fault detection scheme for finite field multipliers over gf (2 m) based on mspb. In: 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 21–30 Lee CY, Xie J (2019) High capability and low-complexity: Novel fault detection scheme for finite field multipliers over gf (2 m) based on mspb. In: 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 21–30
43.
Zurück zum Zitat Lee J, Tebranipoor M, Plusquellic J (2006) A low-cost solution for protecting IPs against scan-based side-channel attacks. In: 24th IEEE VLSI Test Symposium, IEEE, p 6 Lee J, Tebranipoor M, Plusquellic J (2006) A low-cost solution for protecting IPs against scan-based side-channel attacks. In: 24th IEEE VLSI Test Symposium, IEEE, p 6
44.
Zurück zum Zitat Limaye N, Sengupta A, Nabeel M, Sinanoglu O (2019) Is robust Design-for-Security robust enough? Attack on locked circuits with restricted scan chain access. arXiv preprint:  arXiv:​1906.​07806 Limaye N, Sengupta A, Nabeel M, Sinanoglu O (2019) Is robust Design-for-Security robust enough? Attack on locked circuits with restricted scan chain access. arXiv preprint:  arXiv:​1906.​07806
45.
Zurück zum Zitat Paar C, Pelzl J (2009) Understanding cryptography: a textbook for students and practitioners. Springer Science & Business Media Paar C, Pelzl J (2009) Understanding cryptography: a textbook for students and practitioners. Springer Science & Business Media
47.
Zurück zum Zitat Piret G, Quisquater JJ (2003) A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp 77–88 Piret G, Quisquater JJ (2003) A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp 77–88
48.
Zurück zum Zitat Pouget V, Douin A, Lewis D, Fouillat P, Foucard G, Peronnard P, Maingot V, Ferron J, Anghel L, Leveugle R et al (2007) Tools and methodology development for pulsed laser fault injection in SRAM-based FPGAs. In: Latin-American Test Workshop (LATW) Pouget V, Douin A, Lewis D, Fouillat P, Foucard G, Peronnard P, Maingot V, Ferron J, Anghel L, Leveugle R et al (2007) Tools and methodology development for pulsed laser fault injection in SRAM-based FPGAs. In: Latin-American Test Workshop (LATW)
49.
Zurück zum Zitat Qu G, Potkonjak M (2007) Intellectual property protection in VLSI designs: Theory and practice. Springer Sc. & Business Media Qu G, Potkonjak M (2007) Intellectual property protection in VLSI designs: Theory and practice. Springer Sc. & Business Media
50.
Zurück zum Zitat Rahman MS, Guo R, Kamali HM, Rahman F, Farahmandi F, Abdel-Moneum M (2022) O’Clock: Lock the clock via clock-gating for SoC IP protection. In: Design Automation Conf. (DAC), pp 1–6 Rahman MS, Guo R, Kamali HM, Rahman F, Farahmandi F, Abdel-Moneum M (2022) O’Clock: Lock the clock via clock-gating for SoC IP protection. In: Design Automation Conf. (DAC), pp 1–6
51.
Zurück zum Zitat Rahman MS, Nahiyan A, Rahman F, Fazzari S, Plaks K, Farahmandi F, Forte D, Tehranipoor M (2021) Security assessment of dynamically obfuscated scan chain against oracle-guided attacks. ACM Trans Des Automation Electronic Syst 26(4):1–27 CrossRef Rahman MS, Nahiyan A, Rahman F, Fazzari S, Plaks K, Farahmandi F, Forte D, Tehranipoor M (2021) Security assessment of dynamically obfuscated scan chain against oracle-guided attacks. ACM Trans Des Automation Electronic Syst 26(4):1–27 CrossRef
52.
Zurück zum Zitat Rahman MT, Asadizanjani N (2019) Backside security assessment of modern SoCs. In: International Workshop on Microprocessor/SoC Test, Security and Verification (MTV), pp 18–24 Rahman MT, Asadizanjani N (2019) Backside security assessment of modern SoCs. In: International Workshop on Microprocessor/SoC Test, Security and Verification (MTV), pp 18–24
53.
Zurück zum Zitat Rahman MT, Rahman MS, Wang H, Tajik S, Khalil W, Farahmandi F, Forte D, Asadizanjani N, Tehranipoor M (2020) Defense-in-depth: a recipe for logic locking to prevail. Integration 72:39–57 CrossRef Rahman MT, Rahman MS, Wang H, Tajik S, Khalil W, Farahmandi F, Forte D, Asadizanjani N, Tehranipoor M (2020) Defense-in-depth: a recipe for logic locking to prevail. Integration 72:39–57 CrossRef
54.
Zurück zum Zitat Rahman MT, Tajik S, Rahman MS, Tehranipoor M, Asadizanjani N (2020) The key is left under the mat: on the inappropriate security assumption of logic locking schemes. In: 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 262–272 Rahman MT, Tajik S, Rahman MS, Tehranipoor M, Asadizanjani N (2020) The key is left under the mat: on the inappropriate security assumption of logic locking schemes. In: 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 262–272
55.
Zurück zum Zitat Rajendran J, Pino Y, Sinanoglu O, Karri R (2012) Security analysis of logic obfuscation. In: Proceedings of Annual Design Automation Conference, pp 83–89 Rajendran J, Pino Y, Sinanoglu O, Karri R (2012) Security analysis of logic obfuscation. In: Proceedings of Annual Design Automation Conference, pp 83–89
56.
Zurück zum Zitat Rajendran J, Zhang H, Zhang C, Rose GS, Pino Y, Sinanoglu O, Karri R (2015) Fault analysis-based logic encryption. IEEE Transactions on Computers, pp 410–424 Rajendran J, Zhang H, Zhang C, Rose GS, Pino Y, Sinanoglu O, Karri R (2015) Fault analysis-based logic encryption. IEEE Transactions on Computers, pp 410–424
57.
Zurück zum Zitat Rajski J, Tyszer J, Kassab M, Mukherjee N (2004) Embedded deterministic test. IEEE Trans Comput Aided Des Integr Circ Syst 23(5):776–792 CrossRef Rajski J, Tyszer J, Kassab M, Mukherjee N (2004) Embedded deterministic test. IEEE Trans Comput Aided Des Integr Circ Syst 23(5):776–792 CrossRef
58.
Zurück zum Zitat Roshanisefat S, Mardani Kamali H, Sasan A (2018) SRCLock: SAT-Resistant cyclic logic locking for protecting the hardware. In: Proceedings of 2018 Great Lakes Symposium on VLSI, pp 153–158 Roshanisefat S, Mardani Kamali H, Sasan A (2018) SRCLock: SAT-Resistant cyclic logic locking for protecting the hardware. In: Proceedings of 2018 Great Lakes Symposium on VLSI, pp 153–158
59.
Zurück zum Zitat Roy JA, Koushanfar F, Markov IL (2008) EPIC: Ending Piracy of Integrated Circuits. In: Proceedings of the Conference on Design, Automation and Test in Europe, pp 1069–1074 Roy JA, Koushanfar F, Markov IL (2008) EPIC: Ending Piracy of Integrated Circuits. In: Proceedings of the Conference on Design, Automation and Test in Europe, pp 1069–1074
60.
Zurück zum Zitat Roy JA, Koushanfar F, Markov IL (2010) Ending piracy of integrated circuits. Computer 30–38 Roy JA, Koushanfar F, Markov IL (2010) Ending piracy of integrated circuits. Computer 30–38
62.
Zurück zum Zitat Savir J, Patil S (1994) Broad-side delay test. IEEE Trans Comput Aided Des Integr Circ Syst 13(8):1057–1064 CrossRef Savir J, Patil S (1994) Broad-side delay test. IEEE Trans Comput Aided Des Integr Circ Syst 13(8):1057–1064 CrossRef
63.
Zurück zum Zitat Schmidt JM, Hutter M (2007) Optical and EM fault-attacks on CRT-based RSA: Concrete results Schmidt JM, Hutter M (2007) Optical and EM fault-attacks on CRT-based RSA: Concrete results
64.
Zurück zum Zitat Selmane N, Guilley S, Danger JL (2008) Practical setup time violation attacks on AES. In: Seventh European Dependable Computing Conference, pp 91–96 Selmane N, Guilley S, Danger JL (2008) Practical setup time violation attacks on AES. In: Seventh European Dependable Computing Conference, pp 91–96
65.
Zurück zum Zitat Selmke B, Heyszl J, Sigl G (2016) Attack on a DFA protected AES by simultaneous laser fault injections. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 36–46 Selmke B, Heyszl J, Sigl G (2016) Attack on a DFA protected AES by simultaneous laser fault injections. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 36–46
66.
Zurück zum Zitat Sengupta A, Ashraf M, Nabeel M, Sinanoglu O (2018a) Customized locking of IP blocks on a Multi-Million-Gate SoC. In: International Conference on Computer-Aided Design (ICCAD), pp 1–7 Sengupta A, Ashraf M, Nabeel M, Sinanoglu O (2018a) Customized locking of IP blocks on a Multi-Million-Gate SoC. In: International Conference on Computer-Aided Design (ICCAD), pp 1–7
67.
Zurück zum Zitat Sengupta A, Nabeel M, Yasin M, Sinanoglu O (2018b) ATPG-based cost-effective, secure logic locking. In: VLSI Test Symposium (VTS), pp 1–6 Sengupta A, Nabeel M, Yasin M, Sinanoglu O (2018b) ATPG-based cost-effective, secure logic locking. In: VLSI Test Symposium (VTS), pp 1–6
68.
Zurück zum Zitat Sengupta A, Nabeel M, Limaye N, Ashraf M, Sinanoglu O (2020) Truly stripping functionality for logic locking: a fault-based perspective. IEEE Trans Comput Aided Des Integr Circ Syst 39(12):4439–4452 CrossRef Sengupta A, Nabeel M, Limaye N, Ashraf M, Sinanoglu O (2020) Truly stripping functionality for logic locking: a fault-based perspective. IEEE Trans Comput Aided Des Integr Circ Syst 39(12):4439–4452 CrossRef
70.
Zurück zum Zitat Shakya B, Xu X, Tehranipoor M, Forte D (2020) Cas-lock: a security-corruptibility trade-off resilient logic locking scheme. IACR Transactions on Cryptographic Hardware and Embedded Systems, pp 175–202 Shakya B, Xu X, Tehranipoor M, Forte D (2020) Cas-lock: a security-corruptibility trade-off resilient logic locking scheme. IACR Transactions on Cryptographic Hardware and Embedded Systems, pp 175–202
71.
Zurück zum Zitat Shamsi K, Li M, Plaks K, Fazzari S, Pan DZ, Jin Y (2019a) IP protection and supply chain security through logic obfuscation: a systematic overview. ACM Transactions on Design Automation of Electronic Systems (TODAES) 24(6):1–36 Shamsi K, Li M, Plaks K, Fazzari S, Pan DZ, Jin Y (2019a) IP protection and supply chain security through logic obfuscation: a systematic overview. ACM Transactions on Design Automation of Electronic Systems (TODAES) 24(6):1–36
72.
Zurück zum Zitat Shamsi K, Pan DZ, Jin Y (2019b) IcySAT: Improved SAT-based attacks on cyclic locked circuits. In: 2019 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), IEEE, pp 1–7 Shamsi K, Pan DZ, Jin Y (2019b) IcySAT: Improved SAT-based attacks on cyclic locked circuits. In: 2019 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), IEEE, pp 1–7
73.
Zurück zum Zitat Shamsi K, Pan DZ, Jin Y (2019c) On the impossibility of approximation-resilient circuit locking. In: 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 161–170 Shamsi K, Pan DZ, Jin Y (2019c) On the impossibility of approximation-resilient circuit locking. In: 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 161–170
75.
Zurück zum Zitat Shen H, Asadizanjani N, Tehranipoor M, Forte D (2018) Nanopyramid: an optical scrambler against backside probing attacks. In: Proceedings on International Symposium for Testing and Failure Analysis (ISTFA), p 280 Shen H, Asadizanjani N, Tehranipoor M, Forte D (2018) Nanopyramid: an optical scrambler against backside probing attacks. In: Proceedings on International Symposium for Testing and Failure Analysis (ISTFA), p 280
76.
Zurück zum Zitat Sirone D, Subramanyan P (2020) Functional analysis attacks on logic locking. IEEE Trans Inf Forensics Secur 15:2514–2527 CrossRef Sirone D, Subramanyan P (2020) Functional analysis attacks on logic locking. IEEE Trans Inf Forensics Secur 15:2514–2527 CrossRef
77.
Zurück zum Zitat Sisejkovic D, Merchant F, Reimann LM, Leupers R (2021) Deceptive logic locking for hardware integrity protection against machine learning attacks. IEEE Trans Comput Aided Des Integr Circ Syst pp 1-14 Sisejkovic D, Merchant F, Reimann LM, Leupers R (2021) Deceptive logic locking for hardware integrity protection against machine learning attacks. IEEE Trans Comput Aided Des Integr Circ Syst pp 1-14
78.
Zurück zum Zitat Skarin D, Barbosa R, Karlsson J (2010) GOOFI-2: a tool for experimental dependability assessment. In: IEEE/IFIP International Conference on Dependable Systems & Networks (DSN), pp 557–562 Skarin D, Barbosa R, Karlsson J (2010) GOOFI-2: a tool for experimental dependability assessment. In: IEEE/IFIP International Conference on Dependable Systems & Networks (DSN), pp 557–562
79.
Zurück zum Zitat Skorobogatov S (2010) Optical fault masking attacks. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 23–29 Skorobogatov S (2010) Optical fault masking attacks. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp 23–29
80.
Zurück zum Zitat Skorobogatov SP, Anderson RJ (2002) Optical fault induction attacks. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp 2–12 Skorobogatov SP, Anderson RJ (2002) Optical fault induction attacks. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp 2–12
81.
Zurück zum Zitat Subramanyan P, Ray S, Malik S (2015) Evaluating the security of logic encryption algorithms. In: IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp 137–143 Subramanyan P, Ray S, Malik S (2015) Evaluating the security of logic encryption algorithms. In: IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp 137–143
82.
Zurück zum Zitat Sweeney J, Zackriya VM, Pagliarini S, Pileggi L (2020) Latch-based logic locking. In: 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 132–141 Sweeney J, Zackriya VM, Pagliarini S, Pileggi L (2020) Latch-based logic locking. In: 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), IEEE, pp 132–141
85.
Zurück zum Zitat Tehranipoor M, Wang C (2011) Introduction to hardware security and trust. Springer Science & Business Media Tehranipoor M, Wang C (2011) Introduction to hardware security and trust. Springer Science & Business Media
87.
Zurück zum Zitat Torrance R, James D (2009) The state-of-the-art in IC reverse engineering. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp 363–381 Torrance R, James D (2009) The state-of-the-art in IC reverse engineering. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp 363–381
88.
Zurück zum Zitat Tsai T, Iyer R (1995) FTAPE - a fault injection tool to measure fault tolerance. In: Computing in Aerospace Conference, p 1041 Tsai T, Iyer R (1995) FTAPE - a fault injection tool to measure fault tolerance. In: Computing in Aerospace Conference, p 1041
89.
Zurück zum Zitat Vashistha N, Lu H, Shi Q, Rahman MT, Shen H, Woodard DL, Asadizanjani N, Tehranipoor M (2018) Trojan scanner: Detecting hardware trojans with rapid SEM imaging combined with image processing and machine learning. In: Proceedings on International Symposium for Testing and Failure Analysis, p 256 Vashistha N, Lu H, Shi Q, Rahman MT, Shen H, Woodard DL, Asadizanjani N, Tehranipoor M (2018) Trojan scanner: Detecting hardware trojans with rapid SEM imaging combined with image processing and machine learning. In: Proceedings on International Symposium for Testing and Failure Analysis, p 256
90.
Zurück zum Zitat Wang X, Zhang D, He M, Su D, Tehranipoor M (2018) Secure scan and test using obfuscation throughout supply chain. Transactions on Computer-Aided Design of Integrated Circuits and Systems 37(9):1867–1880 Wang X, Zhang D, He M, Su D, Tehranipoor M (2018) Secure scan and test using obfuscation throughout supply chain. Transactions on Computer-Aided Design of Integrated Circuits and Systems 37(9):1867–1880
91.
Zurück zum Zitat Wu H, Ferranti D, Stern L (2014) Precise nanofabrication with multiple ion beams for advanced circuit edit. Microelectron Reliab 1779–1784 Wu H, Ferranti D, Stern L (2014) Precise nanofabrication with multiple ion beams for advanced circuit edit. Microelectron Reliab 1779–1784
92.
Zurück zum Zitat Xie Y, Srivastava A (2016) Anti-SAT: Mitigating SAT attack on logic locking. In: International Conference on Cryptographic Hardware and Embedded Systems, pp 127–146 Xie Y, Srivastava A (2016) Anti-SAT: Mitigating SAT attack on logic locking. In: International Conference on Cryptographic Hardware and Embedded Systems, pp 127–146
93.
Zurück zum Zitat Xie Y, Srivastava A (2017) Delay locking: Security enhancement of logic locking against IC counterfeiting and overproduction. In: Proceedings of the 54th Annual Design Automation Conference, pp 1–6 Xie Y, Srivastava A (2017) Delay locking: Security enhancement of logic locking against IC counterfeiting and overproduction. In: Proceedings of the 54th Annual Design Automation Conference, pp 1–6
94.
Zurück zum Zitat Xie Y, Srivastava A (2019) Anti-SAT: Mitigating SAT attack on logic locking. IEEE Trans Comput Aided Des Integr Circ Syst 38(2):199–207 CrossRef Xie Y, Srivastava A (2019) Anti-SAT: Mitigating SAT attack on logic locking. IEEE Trans Comput Aided Des Integr Circ Syst 38(2):199–207 CrossRef
96.
Zurück zum Zitat Yasin M, Mazumdar B, Rajendran JJ, Sinanoglu O (2016a) SARLock: SAT attack resistant logic locking. In: IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp 236–241 Yasin M, Mazumdar B, Rajendran JJ, Sinanoglu O (2016a) SARLock: SAT attack resistant logic locking. In: IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp 236–241
97.
Zurück zum Zitat Yasin M, Rajendran JJ, Sinanoglu O, Karri R (2016b) On improving the security of logic locking. Transactions on Computer-Aided Design of Integrated Circuits and Systems 35(9):1411–1424 Yasin M, Rajendran JJ, Sinanoglu O, Karri R (2016b) On improving the security of logic locking. Transactions on Computer-Aided Design of Integrated Circuits and Systems 35(9):1411–1424
98.
Zurück zum Zitat Yasin M, Sengupta A, Nabeel MT, Ashraf M, Rajendran JJ, Sinanoglu O (2017) Provably-secure logic locking: from theory to practice. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security, pp 1601–1618 Yasin M, Sengupta A, Nabeel MT, Ashraf M, Rajendran JJ, Sinanoglu O (2017) Provably-secure logic locking: from theory to practice. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security, pp 1601–1618
99.
Zurück zum Zitat Yeh A (2012) Trends in the global IC design service market. DIGITIMES Research Yeh A (2012) Trends in the global IC design service market. DIGITIMES Research
100.
Zurück zum Zitat Zhang J, Yuan F, Wei L, Liu Y, Xu Q (2015) VeriTrust: Verification for Hardware Trust. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 34(7):1148–1161 Zhang J, Yuan F, Wei L, Liu Y, Xu Q (2015) VeriTrust: Verification for Hardware Trust. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 34(7):1148–1161
101.
Zurück zum Zitat Zhang Y, Cui P, Zhou Z, Guin U (2019) TGA: an oracle-less and topology-guided attack on logic locking. In: Proceedings of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop, pp 75–83 Zhang Y, Cui P, Zhou Z, Guin U (2019) TGA: an oracle-less and topology-guided attack on logic locking. In: Proceedings of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop, pp 75–83
102.
Zurück zum Zitat Zhang Y, Jain A, Cui P, Zhou Z, Guin U (2020) A novel topology-guided attack and its countermeasure towards secure logic locking. J Cryptogr Eng 1–14 Zhang Y, Jain A, Cui P, Zhou Z, Guin U (2020) A novel topology-guided attack and its countermeasure towards secure logic locking. J Cryptogr Eng 1–14
Metadaten
Titel
AFIA: ATPG-Guided Fault Injection Attack on Secure Logic Locking
verfasst von
Yadi Zhong
Ayush Jain
M. Tanjidur Rahman
Navid Asadizanjani
Jiafeng Xie
Ujjwal Guin
Publikationsdatum
03.11.2022
Verlag
Springer US
Erschienen in
Journal of Electronic Testing / Ausgabe 5/2022
Print ISSN: 0923-8174
Elektronische ISSN: 1573-0727
DOI
https://doi.org/10.1007/s10836-022-06028-5

Weitere Artikel der Ausgabe 5/2022

Journal of Electronic Testing 5/2022 Zur Ausgabe

EditorialNotes

Editorial