Locked Circuit Indistinguishability: A Notion of Security for Logic Locking


Abstract:

We address logic locking, a mechanism for securing digital Integrated Circuits (ICs) from piracy by untrustworthy foundries. We discuss previous work and the state-of-the-art, and observe that, despite more than a decade of research that has gone into the topic (resulting in both powerful attacks and subsequent defenses), there is no consensus on what it means for a particular locking mechanism to be secure. This paper attempts to remedy this situation. Specifically, it formulates a definition of security for a logic locking mechanism based on indistinguishability and relates the definition to security from actual attackers in a precise and unambiguous manner. We then describe a mechanism that satisfies the definition, thereby achieving (provable) security from all prior attacks. The mechanism assumes the existence of both a puncturable pseudorandom function family and an indistinguishability obfuscator, two cryptographic primitives that exist under well-founded assumptions. The mechanism builds upon the Stripped-Functionality Logic Locking (SFLL) framework, a state-of-the-art family of locking mechanisms whose potential for ever achieving security is currently in question. Along the way, partly as motivation, we present additional results, such as a reason founded in average-case complexity for why benchmark circuits locked with a prior scheme are susceptible to the well-known SAT attack against such schemes, and why provably thwarting the SAT attack is insufficient as a meaningful notion of security for logic locking.

SECTION I.
Introduction

This paper addresses logic locking, an approach to protect the Intellectual Property (IP) of the designer of a digital Integrated Circuit (IC, or simply, circuit) from a potentially untrustworthy semiconductor foundry [24]. Outsourcing of IC fabrication to such a foundry has economic advantages to the designer. However, it comes with a potential for misuse of their IP. If the designer provides the design to the foundry in the clear, the foundry could, for example, fabricate unauthorized copies of the IC.

The idea behind logic locking is as follows; Figure 1 is an illustration. Prior to sending the design to the foundry, the designer applies a locking mechanism to the circuit to be protected. The mechanism alters the structure of the circuit so that it functions correctly only when the designer loads a certain bitstring, called the correct key, onto read-proof memory on the chip. The designer then obfuscates the circuit and sends it to the foundry for fabrication. When the foundry sends back the fabricated chip, the designer loads the correct key on the chip in order to “activate” it.

Threat scenarios that prior work has considered involve an untrustworthy foundry obtaining (i) the locked and obfuscated circuit, and (ii) black-box access to the original circuit. “Black-box access” to a circuit means that the attacker can exercise the circuit with any number of inputs of their choosing and get the output while incurring a fixed cost. This scenario is realistic because the foundry may be able to purchase a working IC to use while attacking another copy of the IC. In some scenarios, the attacker is weaker – they do not have (ii). This is typical of “removal attacks” that work by removing components of the locked circuit to isolate the original circuit from the rest of the logic.
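The locking idea and the threat scenario described above can be made concrete with a toy model. This is an added example, not code from the paper or from Black Box Chip: the 3-input circuit, the XOR key-gate placement, the 2-bit key and all function names are constructed for illustration. It measures, for each key, how many input patterns the locked netlist gets wrong, and which keys remain consistent with black-box answers from an activated chip.

```python
from itertools import product

CORRECT_KEY = (1, 0)  # constructed; held by the designer, never sent to the foundry

def original(a, b, c):
    """Constructed 3-input circuit the designer wants to protect."""
    return (a & b) ^ c

def locked(a, b, c, key):
    """Locked netlist as the foundry sees it: two XOR key gates were inserted."""
    k0, k1 = key
    w = (a ^ k0 ^ 1) & b   # key gate plus absorbed inverter on input a
    return w ^ c ^ k1      # key gate on the output wire

def oracle(a, b, c):
    """Black-box access: an activated chip answers queries, revealing no key."""
    return locked(a, b, c, CORRECT_KEY)

INPUTS = list(product((0, 1), repeat=3))
KEYS = list(product((0, 1), repeat=2))

def corruption(key):
    """Number of input patterns on which the chip misbehaves under `key`."""
    return sum(locked(*x, key) != original(*x) for x in INPUTS)

def surviving_keys(queries):
    """Keys still consistent with the oracle's answers on `queries`."""
    return [k for k in KEYS
            if all(locked(*q, k) == oracle(*q) for q in queries)]

if __name__ == "__main__":
    for k in KEYS:
        print(k, "wrong outputs:", corruption(k), "of", len(INPUTS))
    print(surviving_keys([(0, 0, 0)]))
    print(surviving_keys([(0, 0, 0), (0, 1, 0)]))
```

In this toy, every wrong key corrupts at least half of the input patterns, and two black-box queries leave only the correct key consistent, which illustrates why the threat scenario treats possession of both (i) and (ii) as the stronger case.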

Applications & Use Cases

Black Box Chip technology is designed for organizations where exposure equals risk and capability concealment is non-negotiable.

Defense & National Security

For agencies requiring hardware assurance for critical infrastructure and national security applications where capability exposure could compromise missions.

Advanced Semiconductor R&D

For organizations developing next-generation chips that must remain protected throughout the global supply chain and deployment lifecycle.

High-Value IP Owners

For companies with proprietary hardware logic that represents significant competitive advantage and requires protection against state-sponsored theft.

"Functional opacity represents a fundamental breakthrough in hardware security. It's not about making attacks harder, it's about making them impossible."

— Black Box Chip Research Team
