[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3508352.3549425acmconferencesArticle/Chapter ViewAbstractPublication PagesiccadConference Proceedingsconference-collections
research-article

Evaluating the Security of eFPGA-Based Redaction Algorithms

Published: 22 December 2022 Publication History

Abstract

Hardware IP owners must envision procedures to avoid piracy and overproduction of their designs under a fabless paradigm. A newly proposed technique to obfuscate critical components in a logic design is called eFPGA-based redaction, which replaces a sensitive sub-circuit with an embedded FPGA, and the eFPGA is configured to perform the same functionality as the missing sub-circuit. In this case, the configuration bitstream acts as a hidden key only known to the hardware IP owner. In this paper, we first evaluate the security promise of the existing eFPGA-based redaction algorithms as a preliminary study. Then, we break eFPGA-based redaction schemes by an initial but not necessarily efficient attack named DIP Exclusion that excludes problematic input patterns from checking in a brute-force manner. Finally, by combining cycle breaking and unrolling, we propose a novel and powerful attack called Break & Unroll that is able to recover the bitstream of state-of-the-art eFPGA-based redaction schemes in a relatively short time even with the existence of hard cycles and large size keys. This study reveals that the common perception that eFPGA-based redaction is by default secure against oracle-guided attacks, is prejudice. It also shows that additional research on how to systematically create an exponential number of non-combinational hard cycles is required to secure eFPGA-based redaction schemes.

References

[1]
R. Torrance and D. James,"The state-of-the-art in semiconductor reverse engineering," In ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 333--338, 2011.
[2]
B. Hu, J. Tian, M. Shihab, G. R. Reddy, W. Swartz, Y. Makris, B. C. Schaefer, and C. Sechen, "Functional obfuscation of hardware accelerators through selective partial design extraction onto an embedded FPGA," In Great Lakes Symposium on VLSI (GLSVLSI)), pp. 171--176, 2019.
[3]
P. Mohan, O. Atli, J. Sweeney, O. Kibar, L. Pileggi, and K. Mai, "Hardware redaction via designer-directed fine-grained eFPGA insertion," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1186--1191, 2021.
[4]
J. Bhandari, A. K. Thalakkattu Moosa, B. Tan, C. Pilato, G. Gore, X. Tang, S. Temple, P. -E. Gaillardon, and R. Karri, "Exploring eFPGA-based redaction for IP protection," In IEEE/ACM International Conference On Computer Aided Design (ICCAD), pp. 1--9, 2021.
[5]
J. Bhandari, A. K. Thalakkattu Moosa, B. Tan, C. Pilato, G. Gore, X. Tang, S. Temple, P. -E. Gaillardon, and R. Karri, "Not all fabrics are created equal: Exploring eFPGA parameters for IP redaction," In arXiv.2111.04222 [cs.CR], 2021.
[6]
Z. U. Abideen, T. D. Perez, and S. Pagliarini, "From FPGAs to obfuscated eASICs: Design and security trade-offs," In Asian Hardware Oriented Security and Trust Symposium (AsianHOST), pp. 1--4, 2021.
[7]
J. A. Roy, F. Koushanfar, and I. L. Markov, "Epic: Ending piracy of integrated circuits," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1069--1074, 2008.
[8]
J. Rajendran, Y. Pino, O. Sinanoglu, and R. Karri, "Logic encryption: A fault analysis perspective," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 953--958, 2012.
[9]
J. Rajendran, Y. Pino, O. Sinanoglu, and R. Karri, "Security Analysis of Logic Obfuscation," In Design Automation Conference (DAC), pp. 83--89, 2012.
[10]
P. Subramanyan, S. Ray, and S. Malik, "Evaluating the security of logic encryption algorithms," In International Symposium on Hardware Oriented Security and Trust (HOST), pp. 137--143, 2015.
[11]
M. Yasin, B. Mazumdar, J. Rajendran, and O. Sinanoglu, "SARLock: SAT attack resistant logic locking," In International Symposium on Hardware Oriented Security and Trust (HOST), pp. 236--241, 2016.
[12]
Y. Xie and A. Srivastava, "Mitigating SAT attack on logic locking," In International Conference on Cryptographic Hardware and Embedded Systems (CHES), p. 127--146, 2016.
[13]
M. Yasin, A. Sengupta, M. T. Nabeel, M. Ashraf, J. Rajendran, and O. Sinanoglu, "Provably-secure logic locking: From theory to practice," In ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 1601--1618, 2017.
[14]
A. Rezaei, Y. Shen, and H. Zhou, "Rescuing logic encryption in post-SAT era by locking & obfuscation," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 13--18, 2020.
[15]
K. Shamsi, M. Li, T. Meade, Z. Zhao, D. Z. Pan, and Y. Jin, "Cyclic obfuscation for creating SAT-unresolvable circuits" In Proceedings of the on Great Lakes Symposium on VLSI (GLSVLSI), pp. 173--178, 2017.
[16]
A. Rezaei, Y. Shen, S. Kong, J. Gu, and H. Zhou, "Cyclic locking and memristor-based obfuscation against CycSAT and inside foundry attacks," In 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 85--90, 2018.
[17]
H. -Y. Chiang, Y. -C. Chen, D. -X. Ji, X. -M. Yang, C. -C. Lin, and C. -Y. Wang, "LOOPLock: Logic optimization-based cyclic logic locking," In IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 39, no. 10, pp. 2178--2191, 2020.
[18]
X. -M. Yang, P. -P. Chen, H. -Y. Chiang, C. -C. Lin, Y. -C. Chen, and C. -Y. Wang, "LOOPLock 2.0: An enhanced cyclic logic locking approach," In IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 41, no. 1, pp. 29--34, 2022.
[19]
A. Rezaei, Y. Li, Y. Shen, S. Kong, and H. Zhou, "CycSAT-unresolvable cyclic logic encryption using unreachable states" In Asia and South Pacific Design Automation Conference (ASP-DAC), pp. 358--363, 2019.
[20]
R. Afsharmazayejani, H. Sayadi, and A. Rezaei, "Distributed logic encryption: Essential security requirements and low-overhead implementation," In Great Lakes Symposium on VLSI (GLSVLSI), pp. 127--131, 2022.
[21]
A. Rezaei, J. Gu, and H. Zhou, "Hybrid memristor-CMOS obfuscation against untrusted foundries," In IEEE Computer Society Annual Symposium on VLSI (ISVLSI), pp. 535--540, 2019.
[22]
H. Zhou, Y. Shen, and A. Rezaei, "Vulnerability and remedy of stripped function logic locking," In Cyptology ePrint Archive, report 2019/139, 2019.
[23]
S. Roshanisefat, H. M. Kamali, H. Homayoun, and A. Sasan, "SAT-hard cyclic logic obfuscation for protecting the IP in the manufacturing supply chain" In IEEE Transactions on Very Large Scale Integration (VLSI) Systems, vol. 28, no. 4, pp. 954--967, 2020.
[24]
H. M. Kamali, K. Z. Azar, K. Gaj, H. Homayoun, and A. Sasan, "LUT-lock: A novel LUT-based logic obfuscation for FPGA bitstream and ASIC-hardware protection," In IEEE Computer Society Annual Symposium on VLSI (ISVLSI), pp. 405--410, 2018.
[25]
K. Shamsi, M. Li, D. Z. Pan, and Y. Jin, "Cross-lock: Dense layout-level interconnect locking using cross-bar architectures," In Proceedings of the on Great Lakes Symposium on VLSI (GLSVLSI), pp. 147--152, 2018.
[26]
H. M. Kamali, K. Z. Azar, H. Homayoun, and A. Sasan, "Full-Lock: Hard distributions of SAT instances for obfuscating circuits using fully configurable logic and routing blocks," In Proceedings of Design Automation Conference (DAC), pp. 1--6., 2019.
[27]
R. Karmakar, S. Chatopadhyay, and R. Kapur, "Encrypt flip-flop: A novel logic encryption technique for sequential circuits," In arXiv:1801.04961, 2018.
[28]
D. Zhang, M. He, X. Wang, and M. Tehranipoor, "Dynamically obfuscated scan for protecting IPs against scan-based attacks throughout supply chain," In VLSI Test Symposium (VTS), pp. 1--6, 2017.
[29]
R. Karmakar, H. Kumar, and S. Chattopadhyay, "Efficient key-gate placement and dynamic scan obfuscation towards robust logic encryption," In IEEE Transactions on Emerging Topics in Computing, vol. 9, no. 4, pp. 2109--2124, 2019.
[30]
U. Guin, Z. Zhou, and A. Singh, "Robust design-for-security architecture for enabling trust in IC manufacturing and test," In IEEE Transactions on Very Large Scale Integration (VLSI) Systems, vol. 26, no. 5, pp. 818--830, 2018.
[31]
G. Zhang, B. Li, B. Yu, D. Z. Pan, and U. Schlichtmann, "Timing camouflage: Improving circuit security against counterfeiting by unconventional timing," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 91--96, 2018.
[32]
Y. Xie and A. Srivastava, "Delay locking: Security enhancement of logic locking against IC counterfeiting," In Design Automation Conference (DAC), pp. 1--9, 2017.
[33]
A. Rezaei and H. Zhou, "Sequential logic encryption against model checking attack," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1178--1181, 2021.
[34]
J. Sweeney, V. Zackriya, V S. Pagliarini, and L. Pileggi, "Latch-based logic locking," In IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 132--141, 2020.
[35]
K. Z. Azar, H. M. Kamali, S. Roshanisefat, H. Homayoun, C. Sotiriou, and A. Sasan, "Data flow obfuscation: A new paradigm for obfuscating circuits," In IEEE Transactions on Very Large Scale Integration (VLSI) Systems, vol. 29, no. 4, pp. 643--656, 2021.
[36]
M. Yasin, C. Zhao, and J. Rajendran, "SFLL-HLS: Stripped functionality logic locking meets high-level synthesis," In International Conference on Computer-Aided Design (ICCAD), pp. 1--4, 2019.
[37]
C. Pilato, F. Regazzoni, R. Karri, and S. Garg, "TAO: Techniques for algorithm-level obfuscation during high-level synthesis," In Design Automation Conference (DAC), pp. 1--6, 2018.
[38]
R. Muttaki, R. Mohammadivojdan, M. Tehranipoor, and F. Farahmandi, "HLock: Locking IPs at the high-level language," In Design Automation Conference (DAC), pp. 79--84, 2021.
[39]
N. Limaye, A. Chowdhury, C. Pilato, M. Nabeel, O. Sinanoglu, S. Garg, and R. Karri, "Fortifying RTL locking against oracleLess (untrusted foundry) and oracle-guided attacks," In Design Automation Conference (DAC), pp. 91--96, 2021.
[40]
H. Zhou, R. Jiang, and S. Kong, "CycSAT: SAT-based attack on cyclic logic encryptions," In IEEE/ACM International Conference on Computer-Aided Design (ICCAD), pp. 49--56, 2017.
[41]
K. Shamsi, D. Z. Pan, and Y. Jin, "IcySAT: Improved SAT-based attacks on cyclic locked circuits," In International Conference on Computer-Aided Design (ICCAD), pp. 1--7, 2019.
[42]
Y. Shen, Y. Li, A. Rezaei, S. Kong, D. Dlott, and H. Zhou, "BeSAT: Behavioral SAT-based attack on cyclic logic encryption," In Asia and South Pacific Design Automation Conference (ASPDAC), pp 657--662, 2019.
[43]
Y. Shen and H. Zhou, "Double dip: Re-evaluating security of logic encryption algorithms," In Great Lakes Symposium on VLSI (GLSVLSI), pp. 179--184, 2017.
[44]
K. Shamsi, M. Li, T. Meade, Z. Zhao, D. Z. Pan, and Y. Jin, "AppSAT: Approximately deobfuscating integrated circuits," In International Symposium on Hardware Oriented Security and Trust (HOST), pp. 95--100, 2017.
[45]
X. Xu, B. Shakya, M. Tehranipoor, and D. Forte, "Novel bypass attack and BDD-based tradeoff analysis against all known logic locking attacks," In Cryptographic Hardware and Embedded Systems (CHES), pp. 189--210, 2017.
[46]
N. Limaye, S. Patnaik, and O. Sinanoglu, "Fa-SAT: Fault-aided SAT-based attack on compound logic locking techniques," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1166--1171, 2021.
[47]
M. Yasin, B. Mazumdar, O. Sinanoglu, and J. Rajendran, "Removal attacks on logic locking and camouflaging techniques," In IEEE Transactions on Emerging Topics in Computing, vol. 8, no. 2, pp. 517--532, 2020.
[48]
D. Sirone and P. Subramanyan, "Functional analysis attacks on logic locking," In IEEE Transactions on Information Forensics and Security, vol. 15, pp. 2514--2527, 2020.
[49]
K. Z. Azar, H. M. Kamali, H. Homayoun, and A. Sasan, "SMT attack: Next generation attack on obfuscated circuits with capabilities and performance beyond the SAT attacks," In IACR Transactions on Cryptographic Hardware and Embedded Systems, Vol 2019, issue 1, pp. 97--122, 2019.
[50]
M. E. Massad, S. Garg, and M. Tripunitara, "Reverse engineering camouflaged sequential circuits without scan access," In IEEE/ACM International Conference On Computer Aided Design (ICCAD), pp. 33--40, 2017.
[51]
Y. Kasarabada, S. Chen, and R. Vemuri, "On SAT-based attacks on encrypted sequential logic circuits," In International Symposium on Quality Electronic Design (ISQED), pp. 204--211, 2019.
[52]
N. Limaye, S. Patnaik, and O. Sinanoglu, "Valkyrie: Vulnerability assessment tool and attack for provably-secure logic locking techniques," In IEEE Transactions on Information Forensics and Security, vol. 17, pp. 744--759, 2022.
[53]
S. Roshanisefat, H. M. Kamali, H. Homayoun, and A. Sasan, "RANE: An open-source formal de-obfuscation attack for reverse engineering of logic encrypted circuits," In Great Lakes Symposium on VLSI (GLSVLSI), pp. 221--228, 2021.
[54]
Y. Shen, Y. Li, S. Kong, A. Rezaei, and H. Zhou, "SigAttack: New high-level SAT-based attack on logic encryptions," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 940--943, 2019.
[55]
Y. Shen, A. Rezaei, and H. Zhou, "SAT-based bit-flipping attack on logic encryptions," In Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 629--632, 2018.
[56]
Y. Shen, A. Rezaei, and H. Zhou, "A comparative investigation of approximate attacks on logic encryptions," In Asia and South Pacific Design Automation Conference (ASP-DAC), pp. 271--276, 2018.
[57]
R. Chen and H. Zhou, "Statistical timing verification for transparently latched circuits," In IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 25, no. 9, pp 1847--1855, 2006.

Cited By

View all
  • (2024)Uncertainty-Aware Hardware Trojan Detection Using Multimodal Deep Learning2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546558(1-6)Online publication date: 25-Mar-2024
  • (2024)Evaluating the Robustness of Large scale eFPGA-based Hardware Redaction2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00092(517-522)Online publication date: 6-Jan-2024
  • (2024)Machine Learning-Based Security Evaluation and Overhead Analysis of Logic LockingJournal of Hardware and Systems Security10.1007/s41635-024-00144-88:1(25-43)Online publication date: 22-Jan-2024
  • Show More Cited By

Index Terms

  1. Evaluating the Security of eFPGA-Based Redaction Algorithms
          Index terms have been assigned to the content through auto-classification.

          Recommendations

          Comments

          Please enable JavaScript to view thecomments powered by Disqus.

          Information & Contributors

          Information

          Published In

          cover image ACM Conferences
          ICCAD '22: Proceedings of the 41st IEEE/ACM International Conference on Computer-Aided Design
          October 2022
          1467 pages
          ISBN:9781450392174
          DOI:10.1145/3508352
          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

          Sponsors

          In-Cooperation

          • IEEE-EDS: Electronic Devices Society
          • IEEE CAS
          • IEEE CEDA

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          Published: 22 December 2022

          Permissions

          Request permissions for this article.

          Check for updates

          Author Tags

          1. SAT attack
          2. cycle breaking
          3. cycle unrolling
          4. eFPGA-based redaction
          5. hard cycles
          6. logic locking
          7. logic obfuscation

          Qualifiers

          • Research-article

          Conference

          ICCAD '22
          Sponsor:
          ICCAD '22: IEEE/ACM International Conference on Computer-Aided Design
          October 30 - November 3, 2022
          California, San Diego

          Acceptance Rates

          Overall Acceptance Rate 457 of 1,762 submissions, 26%

          Contributors

          Other Metrics

          Bibliometrics & Citations

          Bibliometrics

          Article Metrics

          • Downloads (Last 12 months)72
          • Downloads (Last 6 weeks)6
          Reflects downloads up to 19 Dec 2024

          Other Metrics

          Citations

          Cited By

          View all
          • (2024)Uncertainty-Aware Hardware Trojan Detection Using Multimodal Deep Learning2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546558(1-6)Online publication date: 25-Mar-2024
          • (2024)Evaluating the Robustness of Large scale eFPGA-based Hardware Redaction2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00092(517-522)Online publication date: 6-Jan-2024
          • (2024)Machine Learning-Based Security Evaluation and Overhead Analysis of Logic LockingJournal of Hardware and Systems Security10.1007/s41635-024-00144-88:1(25-43)Online publication date: 22-Jan-2024
          • (2023)Risk-Aware and Explainable Framework for Ensuring Guaranteed Coverage in Evolving Hardware Trojan Detection2023 IEEE/ACM International Conference on Computer Aided Design (ICCAD)10.1109/ICCAD57390.2023.10323655(01-09)Online publication date: 28-Oct-2023

          View Options

          Login options

          View options

          PDF

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader

          Media

          Figures

          Other

          Tables

          Share

          Share

          Share this Publication link

          Share on social media