Visible to the public DIP Learning on CAS-Lock: Using Distinguishing Input Patterns for Attacking Logic Locking

Submitted by grigby1 on Fri, 02/03/2023 - 5:08pm
TitleDIP Learning on CAS-Lock: Using Distinguishing Input Patterns for Attacking Logic Locking
Publication TypeConference Paper
Year of Publication2022
AuthorsSaha, Akashdeep, Chatterjee, Urbi, Mukhopadhyay, Debdeep, Chakraborty, Rajat Subhra
Conference Name2022 Design, Automation & Test in Europe Conference & Exhibition (DATE)
KeywordsCAS-Lock, Complexity theory, DIP-driven attack, Globalization, Human Behavior, integrated circuits, Logic gates, logic locking, Manufacturing industries, pattern locks, pubcrawl, resilience, Resiliency, Robustness, Scalability, Supply chains
AbstractThe globalization of the integrated circuit (IC) manufacturing industry has lured the adversary to come up with numerous malicious activities in the IC supply chain. Logic locking has risen to prominence as a proactive defense strategy against such threats. CAS-Lock (proposed in CHES'20), is an advanced logic locking technique that harnesses the concept of single-point function in providing SAT-attack resiliency. It is claimed to be powerful and efficient enough in mitigating existing state-of-the-art attacks against logic locking techniques. Despite the security robustness of CAS-Lock as claimed by the authors, we expose a serious vulnerability and by exploiting the same we devise a novel attack algorithm against CAS-Lock. The proposed attack can not only reveal the correct key but also the exact AND/OR structure of the implemented CAS-Lock design along with all the key gates utilized in both the blocks of CAS-Lock. It simply relies on the externally observable Distinguishing Input Patterns (DIPs) pertaining to a carefully chosen key simulation of the locked design without the requirement of structural analysis of any kind of the locked netlist. Our attack is successful against various AND/OR cascaded-chain configurations of CAS-Lock and reports 100% success rate in recovering the correct key. It has an attack complexity of \$\textbackslashmathcalO(m)\$, where \$m\$ denotes the number of DIPs obtained for an incorrect key simulation.
NotesISSN: 1558-1101
DOI10.23919/DATE54114.2022.9774691
Citation Keysaha_dip_2022
Groups: