Indian Institute of Engineering Science and Technology, Shibpur

Major Project Report

Logic Locking

Report No. 01

Prepared By
Shantonu Debnath
Enrollment. 510519085

Introduction to Logic Locking
Logic locking transforms an original circuit into a locked circuit. The circuit is locked to
protect it against the insertion of a Trojan.

2022 6th International Conference on Devices, Circuits and Systems (ICDCS) | 21-22 April 2022 | Karunya Institute of Technology and Sciences, Coimbatore, India.

Why Logic Locking Is Needed


Due to the complexity and the cost of producing integrated circuits, most hardware
circuit designers outsource the manufacturing of their circuits to a third-party foundry.
However, a dishonest foundry may abuse its access to the circuit’s design in a variety of
ways that undermine the designer’s investment or potentially introduce vulnerabilities.
To combat these issues, the hardware community has developed the notion of logic
locking, which allows the designer to send the foundry a “locked” version of the original
circuit. After the locked circuit has been manufactured, authorized users can unlock the
original functionality with a secret key. Before logic locking, a chip design could easily be
extracted by reverse engineering. Once key gates are inserted, however, the
functionality depends on the key, so knowing the gate structure alone is no longer sufficient.

Ozgur Sinanoglu Youtube Channel

Logic Locking Key Management


The key input of a logic-locked circuit is taken from tamper-proof memory.

Option-1

https://www.youtube.com/watch?v=NaDhdjI3frg&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=7

All the key inputs used in the circuit are connected to tamper-proof memory.
The authentic user can set the unique key in memory.
Option-2

https://www.youtube.com/watch?v=NaDhdjI3frg&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=7

In this option, two keys are used. One key is stored in tamper-proof memory
and the other is loaded by the user. The two keys are combined using XOR gates, and the
result of the XOR operation is the final key.

Types of logic locking


1. Sequential Logic Locking
2. Combinational Logic Locking

1. Sequential Logic Locking


In sequential logic locking, the data path of a design remains untouched while its
control logic, i.e., Finite State Machines (FSMs), is targeted. Here, the locking
circuitry extends the original state transitions with additional dummy states.
Details depend on the actual scheme, but common examples are states that lead
to infinite loops or wildly jump between each other. Simplified, the key nullifies
the modification, e.g., by correctly traversing these dummy states or by providing
the required control signals for intended state transitions.

2. Combinational Logic Locking


Combinational logic locking performs key-dependent manipulations in the
combinational path of a design.

Work on both sequential and combinational logic locking is of two kinds: attack and
defense.

Logic Locking
    Sequential Logic Locking
        Attack
        Defense
    Combinational Logic Locking
        Attack
        Defense

Types of Logic Locking Attack


There are three types of attack on logic locking:
1. Sensitization Attack
2. SAT Attack
3. Signal Probability Skew Attack

• In the threat model, the manufacturer has two things to attack with: the locked
netlist and a functional IC.

1. Sensitization Attack
In this attack the attacker has both the locked netlist and the functional IC. The attacker
sensitizes individual key bits to primary outputs. The defense against this attack is
Strong Logic Encryption.

2. SAT Attack
In this attack the attacker has both the locked netlist and the functional IC. The attacker
eliminates incorrect keys using “distinguishing input patterns”. The defenses against this
attack are SARLock, Anti-SAT, etc.

3. Signal Probability Skew Attack
In this attack the attacker has the locked netlist. The attacker identifies the output of the
logic locking block using signal skew as a trace. The defense against this attack is
TTLock.

https://www.youtube.com/watch?v=ke7WHIyElkE&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=3

Evolution of Logic Locking


Defenses                      Attacks
Random (RLL)
Fault Analysis Based (FLL)    Sensitization
Strong (SLL)                  SAT
AES-based
SARLock
Anti-SAT                      Signal Probability Skew (SPS)
TTLock

Logic Locking Techniques (Defense)

Random LL (RLL)
1. Key gates are inserted at random locations.
2. Key gates are uniformly distributed in the netlist.

https://iot4beginners.com/logic-locking-advancement-to-iot-security

In this IC, two gates have been inserted at random locations.
Fault Analysis Based (FLL)
1. Key gates are placed at the most influential locations in the netlist.
2. Key gates tend to be localized and mostly back-to-back.

https://iot4beginners.com/logic-locking-advancement-to-iot-security

Strong LL (SLL)
This defense method uses a locked logic cone. The gates are treated as an
interference graph: each gate is a node and each edge has a type, mutable or
non-mutable. The algorithm inserts each key gate so that it interferes with all
existing key gates.

https://www.youtube.com/watch?v=NlgSfGh34GY

• Before describing SARLock, we need to know what a logic cone is.

Logic Cone: A logic cone is a block of combinational logic that drives a compare point.
Inputs to a logic cone include register output pins, primary input ports and black-box
output pins. Compare points include registers, primary output ports and black-box
input pins.

SARLock
To build a SAT-attack-resistant circuit that implements a truth table in a lightweight
and scalable fashion, we use a small comparator circuit. The comparator generates a flip
signal that is asserted for specific input and key value combinations. The flip signal is
XORed with one of the primary outputs. To prevent the flip signal from being
asserted for the correct key value, such as 110, a small mask logic is inserted. The resulting
locked circuit achieves the desired resistance against the SAT attack at minimal
overhead.

https://www.researchgate.net/publication/304457091_SARLock_SAT_attack_resistant_logic_locking
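
The comparator, flip signal and mask described above can be simulated on a toy circuit to see what the designer gains and gives up. This is an added example, not code from the report or the SARLock paper; the 3-input majority function, the XOR-on-inputs baseline and all function names are constructed for illustration, and the distinguishing-input loop uses exhaustive search rather than a SAT solver.

```python
# Added example: SARLock versus plain XOR key gates on a 3-bit toy circuit.
K_BITS = 3
CORRECT_KEY = 0b110          # the example key value used in the text
INPUTS = range(2 ** K_BITS)  # key space has the same size as input space


def original(x):
    """Constructed stand-in for the protected output: 3-input majority."""
    return int(bin(x).count("1") >= 2)


def sarlock(x, key):
    """Comparator asserts flip when input == key; the mask suppresses the
    flip for the correct key, so that key never corrupts the output."""
    flip = (x == key) and (key != CORRECT_KEY)
    return original(x) ^ int(flip)


def xor_locked(x, key):
    """Baseline (constructed): one XOR key gate on every primary input."""
    return original(x ^ key ^ CORRECT_KEY)


def corrupted_inputs(locked, key):
    """Input patterns for which this key gives a wrong output."""
    return [x for x in INPUTS if locked(x, key) != original(x)]


def oracle_queries_needed(locked):
    """Distinguishing-input loop: pick an input on which two surviving keys
    disagree, ask the oracle (here: original), drop every key that
    disagrees with the oracle, and repeat until no such input exists."""
    candidates = set(INPUTS)
    queries = 0
    while True:
        dip = next((x for x in INPUTS
                    if len({locked(x, k) for k in candidates}) > 1), None)
        if dip is None:
            return queries, sorted(candidates)
        queries += 1
        candidates = {k for k in candidates
                      if locked(dip, k) == original(dip)}


if __name__ == "__main__":
    for name, locked in (("XOR key gates", xor_locked), ("SARLock", sarlock)):
        print(name, oracle_queries_needed(locked))
```

With SARLock every oracle query rules out a single key, so all 2^3 - 1 wrong keys must be tested one by one, while the XOR baseline is resolved in three queries; the price is that a wrong SARLock key corrupts only one input pattern.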

Anti-SAT
In this defense the authentic user adds two new blocks to the IC. The two
blocks work in parallel and together make up the Anti-SAT block, which eliminates the DIP
problem. When an attacker uses any wrong key, the blocks inject an error into the
circuit and the circuit loses its original functionality.

https://www.youtube.com/watch?v=wH5A9LxIlxk&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=10

TTLock
All existing logic-locking techniques are vulnerable, so there is no provably secure
logic locking. TTLock is therefore proposed as a provably secure logic-locking technique:
1. TTLock provably resists all known attacks, i.e., SAT, sensitization, and signal skew
analysis attacks.
2. TTLock modifies the original logic cone by inverting the response to one protected
input pattern, while an additional inversion introduced by TTLock restores the correct
functionality only for the correct key.
3. Even though the TTLock logic can be identified via a signal-tracing attack, its removal
will still leave the remaining logic different than the original one, thwarting removal
attacks.
TTLock modifies the design logic cone to invert its output for a selected (protected)
input pattern. The modification can be effected via logic gate insertions/replacements.
The desired impact is an inverted output for only one input pattern corresponding to
the correct key. The restore unit of TTLock then inverts the inverted output only for the
correct key, thereby restoring the correct output. For any incorrect key, TTLock produces
an inverted output for the protected input pattern. Both the key and the protected input
pattern are the designer’s secrets.
TTLock has the following properties:

• The modification applied to the logic cone is minimal to deliver maximal SAT
attack resilience; the discriminating ability of each input pattern is limited to a
single incorrect key.

• Any reverse-engineering attack on the original logic cone recovers the modified,
and thus, the incorrect functionality. The secret key should be known to
understand the modification in the logic cone, protecting against removal attacks.

https://personal.utdallas.edu/~gxm112130/papers/glsvlsi17.pdf

TTLock architecture

a) Logic cone in the original circuit. b) Modified logic cone in TTLock. G1 in logic cone is
replaced with G1' in the modified logic cone that inverts the output Ymod for IN=6

Logic Locking Techniques (Attack)


Sensitization
Goal: Determine the secret key used for logic encryption.
Attacker has:

• Locked Netlist
• Functional IC
Attacker does:

• Computes the attack patterns from the locked netlist
• Applies them to the IC
• Infers the key from the response

https://www.youtube.com/watch?v=NlgSfGh34GY&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=8

In the circuit above, the attacker sensitizes key bit k1 to primary output o1 by
finding a test pattern that performs the sensitization. The test pattern is then applied to
the functional IC and the response is observed to find the value of the key.
This problem is solved using RLL, FLL and SLL.

SAT
The threat model for the SAT attack is the same as for sensitization.

The diagram is shown below:

https://www.youtube.com/watch?v=y6efE5TjoCU&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=8

In this model the attacker has the locked netlist and the functional circuit. The attack
uses distinguishing input patterns (DIPs). The DIPs work through all the possible values
and unlock the circuit.

This problem is solved using:

• Random (RLL)
• Fault Analysis Based (FLL)
• Strong (SLL)
• AES-based
• SARLock
• Anti-SAT

Signal Probability Skew (SPS)

https://www.youtube.com/watch?v=wH5A9LxIlxk&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=10

In this attack the attacker uses signal skew. The attack essentially defeats the Anti-SAT
defense. In Anti-SAT we know that the blocks take only two values, 0 and 1. So,
if the two blocks are given two different values, the final result will be 0 and
the IC is activated without any error being injected.
The defense against this attack is TTLock.
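
The Anti-SAT behaviour and the skew that the signal probability skew analysis looks for can both be measured on a small model. This is an added example, not code from the report: it assumes the AND-tree / NAND-tree form of the Anti-SAT block mentioned in the removal-attacks section, with a constructed 4-bit width and hypothetical function names, so a designer can see how visible the block's internal signals are.

```python
# Added example: a 4-bit Anti-SAT block and the skew of its two sub-blocks.
N = 4
ALL_ONES = (1 << N) - 1
VALUES = range(1 << N)


def g(v):
    """AND tree: 1 only when every bit of v is 1."""
    return int(v == ALL_ONES)


def g_bar(v):
    """NAND tree: complement of the AND tree."""
    return 1 - g(v)


def anti_sat(x, k1, k2):
    """Block output; it is XORed into the design, so a 1 injects an error."""
    return g(x ^ k1) & g_bar(x ^ k2)


def error_inputs(k1, k2):
    """Inputs for which the key pair (k1, k2) corrupts the design."""
    return [x for x in VALUES if anti_sat(x, k1, k2)]


def signal_probability(f):
    """Probability that f(x XOR k) is 1 over all inputs and key values."""
    hits = sum(f(x ^ k) for x in VALUES for k in VALUES)
    return hits / (len(VALUES) ** 2)


def skew(f):
    """Distance of the signal probability from the unbiased value 0.5."""
    return signal_probability(f) - 0.5


if __name__ == "__main__":
    print("correct key pair (5, 5):", error_inputs(5, 5))
    print("wrong key pair (5, 3):  ", error_inputs(5, 3))
    print("skew of AND tree: ", skew(g))
    print("skew of NAND tree:", skew(g_bar))
```

The two trees sit at almost opposite extremes of skew, and the gap widens as the block gets wider, which is the structural trace that lets the block be located in a netlist.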

Oracle Based Attack


In the field of security engineering, an oracle attack is an attack that exploits the
availability of a weakness in a system that can be used as an "oracle" to give a simple
go/no go indication to inform attackers how close they are to their goals.

The attacks discussed above are oracle-based attacks; the SAT attack is the main
example. There are also oracle-less attacks.

https://www.youtube.com/watch?v=S-eTSlpCh7M&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=16

Oracle-based Attack

Core Components of logic locking

https://www.sciencedirect.com/science/article/pii/S0167926019303694

Logic Locking Circuit
In logic locking it is not mandatory to use XOR/XNOR gates to lock
the IC. Registers, MUXes, etc. can also be used.

https://ieeexplore.ieee.org/document/9780725

(a) Initial netlist (b) Logic locking based on XOR/XNOR (c) Logic locking based on Mux (d) Logic locking
based on LUT

Detailed Classification of Logic Locking

2022 6th International Conference on Devices, Circuits and Systems (ICDCS) | 21-22 April 2022 | Karunya Institute of Technology and Sciences, Coimbatore, India.

The remaining parts of the logic locking classification are described below.
Sequential logic locking
A state transition graph with sequential logic locking includes extra logic stages. It is
altered in a way that it can only be accessed in a valid state when the key bits are applied
in the right order. BFSM introduces an exponentially high number of obfuscated states. Until
the right input (key) is applied, the FSM remains in an obfuscated state. According to
Y. Alkabani et al., Hardware Protection via Obfuscation of Netlist (HARPOON) guarantees
security in SoC architecture. This technique combines authentication and obfuscation
both in manufacturing and design phases by altering the internal logic structures of the
design and the state transition function. In HARPOON, an attacker can exploit a unique
border between the obfuscated and functional states. By “convoluting” the two FSMs,
multiple locking approaches boost robustness. State interlocking leads to increased
transitions between the two sets of states, blurring the FSM boundary. Several circuit
classes may be changed to operate in various modes. It may not be necessary to
implement all modes in certain applications; undesired modes indicate inappropriate
behaviour. In order to implement mode-based obfuscation, the “switches” in the filters
can be implemented in a programmable manner. For example, each switch may be
replaced by a key-controlled MUX at runtime that provides the necessary configuration
data. A. Patooghy et al. report that the SCC attacks are designed to detect state registers,
reassemble the FSM, and reverse engineer a netlist. These attacks use Tarjan's
strongly connected component (SCC) identification technique. Based on model-checking
queries, K. Shamsi uses BMC-based attacks to unroll the sequential circuit p
times. The attack ends when a unique key is found or the locked circuit becomes its
combinational equivalent. The attack can be sped up by combining iterative SAT with
dynamic simplification of difficult circumstances (SAT clauses) that accumulate across
successive iterations of the attack.

Combinational Logic Locking


Combinational logic locking performs key-dependent manipulations in the
combinational path of a design. All the techniques discussed in the sections above are
combinational logic locking.

Pre-SAT logic locking


A circuit designed with pre-SAT logic locking strategies (RLL, FLL, SLL) contains locking
gates implemented separately. Unlike other types of locking gates, these gates are hard
to remove or detect.
RLL, FLL and SLL are discussed above.

Post-SAT logic locking
M. Yasin et al.'s stripped functionality logic locking (SFLL) is resistant to all logic
locking attacks and makes it possible to choose between protection from removal attacks
and from SAT attacks. Based on the “strip and restore” concept, SFLL removes certain
functionality from the original circuit and saves it in a tamper-proof memory on the chip
as a secret key. SFLL-HD and SFLL-flex are the two types of SFLL. Graph theory supports
cyclic logic locking. Combining directed acyclic graphs with combinational circuits, cyclic
locking defeats SAT-based adversaries. OWF-Lock combines a one-way function with an
RLL/FLL-locked circuit to create a one-way function. The output corruptibility is
considerable due to the dispersion feature. To be safe against removal attacks, OWF-Lock,
on the other hand, relies on the combination of the secured netlist and OWF.

Attacks on logic locking


A. Algorithmic attack
To extract the hidden unlock key, an algorithmic attack takes advantage of the logic
locking algorithm's computational flaws. “Exact” attacks are another name for these
attacks. Distinguishing input patterns (DIPs) are specialized input patterns that are
used by the SAT attack. Multiple wrong key values may be ruled
out by a single DIP, minimizing the attack's computing cost. CySAT is an attack on cyclic
logic locking. H. Zhou et al. propose the use of a cyclic graph for the SAT attack. In the
pre-processing phase, the SAT formula is extended with additional clauses. By using these
clauses, an acyclic circuit can be retrieved. SAT attacks are a subset of SMT attacks, as
the latter can handle non-Boolean variables. By using first-order theories such as arithmetic,
bit vectors, and real numbers, SMT solvers are designed to address a wide range of constraint
satisfaction issues. SAT attacks, and other attacks based on approximation, can also be
carried out by the SMT attack.

B. Approximate attacks
Approximate attacks produce a netlist that is almost exactly the same as the
original, but the netlist may yield wrong output for a small number of input patterns.
AppSAT and Double-DIP are examples of this type of attack. In comparison to exact
attacks, these attacks involve less computing work. AppSAT reduces a compound logic
locking approach, such as Anti-SAT+SLL or SARLock+SLL, to a single SAT defense
technique. Within a few cycles, the attack will be unsuccessful. The SAT attack is
supplemented by periodic random queries to the functional IC.
Compound logic locking approaches are likewise targeted by the Double-DIP attack,
according to Y. Shen et al. In each iteration of this attack, two wrong keys are eliminated
by calculating DIPs.

C. Removal attacks

To isolate the functionally correct netlist from the functionally incorrect
ones, structural/removal attacks bypass and/or delete protective logic. The AppSAT guided
removal attack, the Bypass attack, and the Signal probability skew attack are only a few
examples. The Anti-SAT block is made up of two trees, a NAND tree and an AND tree, whose
outputs are skewed towards 1 and 0, respectively. When there is structural or
functional obfuscation, the attack becomes less successful. The AppSAT guided removal
attack (AGR) uses AppSAT to eliminate obfuscated Anti-SAT blocks, followed by
structural post-processing to eliminate Anti-SAT blocks that have been obfuscated.
According to H. Xu, the Bypass attack creates a functionally valid netlist by searching for
input patterns for which a randomly selected key produces wrong output. The circuit
output is then restored through a bypass circuit.

D. Side-channel attacks
Side-channel attacks leak information via hidden physical routes.
Security flaws in logic synthesis are exploited in this attack. The differential power
analysis (DPA) attack proposed by M. Yasin is a side-channel attack that extracts the
secret key from the power usage and the key value. After applying a variety of input
patterns to a working IC, the attack records both the power traces and the circuit output.
In spite of its effectiveness in decrypting most cryptographic algorithms, the DPA attack
is one of the most common side-channel attacks ever created. Design houses use
automatic test pattern generation (ATPG) tools to create test data that is then turned
over to the foundry/dedicated test facility when ICs are being manufactured in order to
identify faulty components.

Stripped Functionality Logic Locking (SFLL)


Stripped functionality logic locking (SFLL) resists all known attacks against logic
locking and enables trade-offs between resilience to the SAT attack and to removal
attacks. SFLL is based on the notion of "strip and restore", where some functionality from
the original circuit is stripped and stored in the form of secret keys in an on-chip
tamper-proof memory. SFLL has two variants: SFLL-HD and SFLL-flex.

SFLL-HD. Whereas TTLock modifies and thus protects only one input pattern, SFLL-HD
allows a large number of input patterns to be protected efficiently. SFLL-HD is able to
protect C(k, h) (k choose h) input patterns that are of Hamming distance (HD) h from the
k-bit secret key. Only one k-bit secret key is stored in the tamper-proof memory. As
depicted in Figure (c), a single comparator is used along with the Hamming distance
compute logic. With increasing Hamming distance, the number of protected patterns
increases binomially. The SAT attack resilience decreases logarithmically with an
increasing number of protected patterns. For h = 0, SFLL-HD is equivalent to TTLock.

SFLL-flex. SFLL-HD is suitable for general applications where it is useful to protect an
arbitrary set of input patterns. However, in certain applications, a specified set of input
patterns, or a range of input patterns, needs to be protected. SFLL-flex allows the
patterns to be protected to be represented compactly using a small set of input cubes. The
input cubes are stored in an on-chip look-up table as illustrated in Figure (d).

https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8203496
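
The "strip and restore" idea of the TTLock section and its SFLL-HD generalization can be checked on a small model. This is an added example, not code from the report or the cited papers: the 4-input cone, the protected pattern 6 (chosen to match the IN=6 figure caption) and all function names are constructed; h = 0 reproduces TTLock and larger h shows the binomial growth in protected patterns.

```python
# Added example: TTLock (h = 0) and SFLL-HD (h > 0) on a 4-input toy cone.
from math import comb

N = 4              # constructed: 4-input logic cone, 4-bit key
SECRET = 0b0110    # correct key; for h = 0 also the protected pattern (6)
INPUTS = range(2 ** N)


def hd(a, b):
    """Hamming distance between two N-bit values."""
    return bin(a ^ b).count("1")


def cone(x):
    """Constructed original logic cone: (a AND b) OR (c XOR d)."""
    a, b, c, d = (x >> 3) & 1, (x >> 2) & 1, (x >> 1) & 1, x & 1
    return (a & b) | (c ^ d)


def stripped(x, h):
    """Functionality-stripped cone: output inverted for every input at
    Hamming distance h from SECRET. This is what reverse engineering of
    the cone alone recovers."""
    return cone(x) ^ int(hd(x, SECRET) == h)


def locked(x, key, h):
    """Stripped cone plus restore unit: the restore unit inverts the
    output again for inputs at distance h from the applied key."""
    return stripped(x, h) ^ int(hd(x, key) == h)


def wrong_outputs(f):
    """Inputs on which circuit f differs from the original cone."""
    return [x for x in INPUTS if f(x) != cone(x)]


def protected_patterns(h):
    """Patterns whose response is stripped from the cone for distance h."""
    return wrong_outputs(lambda x: stripped(x, h))


if __name__ == "__main__":
    for h in range(3):
        print("h =", h, "protected:", protected_patterns(h),
              "expected count:", comb(N, h))
    print("TTLock, correct key:", wrong_outputs(lambda x: locked(x, SECRET, 0)))
    print("TTLock, wrong key 9:", wrong_outputs(lambda x: locked(x, 0b1001, 0)))
```

Removing the restore unit leaves `stripped`, which is still wrong on every protected pattern, and that is the property that makes removal of the locking logic unrewarding.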

References
1. 2022 6th International Conference on Devices, Circuits and Systems (ICDCS) | 21-22 April 2022 | Karunya Institute of Technology and Sciences, Coimbatore, India.
2. Ozgur Sinanoglu Youtube Channel
3. https://www.youtube.com/watch?v=NaDhdjI3frg&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=7
4. https://www.youtube.com/watch?v=ke7WHIyElkE&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=3
5. https://iot4beginners.com/logic-locking-advancement-to-iot-security
6. https://www.youtube.com/watch?v=NlgSfGh34GY
7. https://www.researchgate.net/publication/304457091_SARLock_SAT_attack_resistant_logic_locking
8. https://www.youtube.com/watch?v=wH5A9LxIlxk&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=10
9. https://personal.utdallas.edu/~gxm112130/papers/glsvlsi17.pdf
10. https://www.youtube.com/watch?v=NlgSfGh34GY&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=8
11. https://www.youtube.com/watch?v=S-eTSlpCh7M&list=PLksQ2uF05PlxaFKvcXaU7LeaNTsVCRhuE&index=16
12. https://ieeexplore.ieee.org/document/8735073
13. https://ieeexplore.ieee.org/document/9091551
14. https://www.researchgate.net/figure/Logic-locking-methods-a-An-original-netlist-b-XOR-XNOR-based-logic-locking-c_fig1_346444273
15. https://personal.utdallas.edu/~gxm112130/papers/glsvlsi17.pdf
16. https://www.researchgate.net/publication/345321883_Research_Proposal?fbclid=IwAR0SO3dFqNOpDyRm4OzskOjX8TD_EhSTZp18i8pAWLFHfCHtRMChd_DhXCk
17. https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8203496
18. https://link.springer.com/chapter/10.1007/978-3-030-15334-2_2
19. https://cse.iitk.ac.in/users/spramod/talks/vlsid19.pdf
20. https://www.sciencedirect.com/science/article/pii/S0167926019303694
21. https://ieeexplore.ieee.org/document/9780725

THE END
