2.6 Circuit Locking and Camouflaging

Time	Label	Presentation Title Authors
11:30	2.6.1	CYCLIC LOCKING AND MEMRISTOR-BASED OBFUSCATION AGAINST CYCSAT AND INSIDE FOUNDRY ATTACKS Speaker: Hai Zhou, Northwestern University, US Authors: Amin Rezaei, Yuanqi Shen, Shuyu Kong, Jie Gu and Hai Zhou, Northwestern University, US Abstract The high cost of IC design has made chip protection one of the first priorities of the semiconductor industry. Although there is a common impression that combinational circuits must be designed without any cycles, circuits with cycles can be combinational as well. Such cyclic circuits can be used to reliably lock ICs. Moreover, since memristor is compatible with CMOS structure, it is possible to efficiently obfuscate cyclic circuits using polymorphic memristor-CMOS gates. In this case, the layouts of the circuits with different functionalities look exactly identical, making it impossible even for an inside foundry attacker to distinguish the defined functionality of an IC by looking at its layout. In this paper, we propose a comprehensive chip protection method based on cyclic locking and polymorphic memristor-CMOS obfuscation. The robustness against state-of-the-art key-pruning attacks is demonstrated and the overhead of the polymorphic gates is investigated. Download Paper (PDF; Only available from the DATE venue WiFi)
12:00	2.6.2	TIMINGCAMOUFLAGE: IMPROVING CIRCUIT SECURITY AGAINST COUNTERFEITING BY UNCONVENTIONAL TIMING Speaker: Li Zhang, Technical University of Munich, DE Authors: Grace Li Zhang¹, Bing Li², Bei Yu³, David Z. Pan⁴ and Ulf Schlichtmann⁵ ¹TU München (TUM), DE; ²TU München, DE; ³The Chinese University of Hong Kong, HK; ⁴University of Texas at Austin, US; ⁵Technical University of Munich, DE Abstract With recent advances in reverse engineering, attackers can reconstruct a netlist to counterfeit chips by opening the die and scanning all layers of original chips. This relatively easy counterfeiting is made possible by the use of the standard simple clocking scheme where all combinational blocks function within one clock period. In this paper, we propose a method to invalidate the assumption that a netlist completely represents the function of a circuit. With the help of wave-pipelining paths, this method forces attackers to capture delay information from manufactured chips, which is a very challenging task because we also introduce false paths. Experimental results confirm that wave-pipelining paths and false paths can be constructed in benchmark circuits successfully with only a negligible cost, while the potential attack techniques can be thwarted. Download Paper (PDF; Only available from the DATE venue WiFi)
12:30	2.6.3	ADVANCING HARDWARE SECURITY USING POLYMORPHIC AND STOCHASTIC SPIN-HALL EFFECT DEVICES Speaker: Satwik Patnaik, New York University, AE Authors: Satwik Patnaik¹, Nikhil Rangarajan², Johann Knechtel³, Ozgur Sinanoglu⁴ and Shaloo Rakheja² ¹NEW YORK UNIVERSITY, US; ²New York University, US; ³New York University Abu Dhabi (NYUAD), AE; ⁴New York University Abu Dhabi, AE Abstract Protecting intellectual property (IP) in electronic circuits has become a serious challenge in recent years. Logic locking/encryption and layout camouflaging are two prominent techniques for IP protection. Most existing approaches, however, particularly those focused on CMOS integration, incur excessive design overheads resulting from their need for additional circuit structures or device-level modifications. This work leverages the innate polymorphism of an emerging spin-based device, called the giant spin-Hall effect (GSHE) switch, to simultaneously enable locking and camouflaging within a single instance. Using the GSHE switch, we propose a powerful primitive that enables cloaking all the 16 Boolean functions possible for two inputs. We conduct a comprehensive study using state-of-the-art Boolean satisfiability (SAT) attacks to demonstrate the superior resilience of the proposed primitive in comparison to several others in the literature. While we tailor the primitive for deterministic computation, it can readily support stochastic computation; we argue that stochastic behavior can break most, if not all, existing SAT attacks. Finally, we discuss the resilience of the primitive against various side-channel attacks as well as invasive monitoring at runtime, which are arguably even more concerning threats than SAT attacks. Download Paper (PDF; Only available from the DATE venue WiFi)
13:00		End of session Lunch Break in Großer Saal and Saal 1 Coffee Breaks in the Exhibition Area On all conference days (Tuesday to Thursday), coffee and tea will be served during the coffee breaks at the below-mentioned times in the exhibition area (Terrace Level of the ICCD). Lunch Breaks (Großer Saal + Saal 1) On all conference days (Tuesday to Thursday), a seated lunch (lunch buffet) will be offered in the rooms "Großer Saal" and "Saal 1" (Saal Level of the ICCD) to fully registered conference delegates only. There will be badge control at the entrance to the lunch break area. Tuesday, March 20, 2018 Coffee Break 10:30 - 11:30 Lunch Break 13:00 - 14:30 Awards Presentation and Keynote Lecture in "Saal 2" 13:50 - 14:20 Coffee Break 16:00 - 17:00 Wednesday, March 21, 2018 Coffee Break 10:00 - 11:00 Lunch Break 12:30 - 14:30 Awards Presentation and Keynote Lecture in "Saal 2" 13:30 - 14:20 Coffee Break 16:00 - 17:00 Thursday, March 22, 2018 Coffee Break 10:00 - 11:00 Lunch Break 12:30 - 14:00 Keynote Lecture in "Saal 2" 13:20 - 13:50 Coffee Break 15:30 - 16:00

Time

Label

Presentation Title
Authors

11:30

2.6.1

CYCLIC LOCKING AND MEMRISTOR-BASED OBFUSCATION AGAINST CYCSAT AND INSIDE FOUNDRY ATTACKS
Speaker:
Hai Zhou, Northwestern University, US
Authors:
Amin Rezaei, Yuanqi Shen, Shuyu Kong, Jie Gu and Hai Zhou, Northwestern University, US
Abstract
The high cost of IC design has made chip protection one of the first priorities of the semiconductor industry. Although there is a common impression that combinational circuits must be designed without any cycles, circuits with cycles can be combinational as well. Such cyclic circuits can be used to reliably lock ICs. Moreover, since memristor is compatible with CMOS structure, it is possible to efficiently obfuscate cyclic circuits using polymorphic memristor-CMOS gates. In this case, the layouts of the circuits with different functionalities look exactly identical, making it impossible even for an inside foundry attacker to distinguish the defined functionality of an IC by looking at its layout. In this paper, we propose a comprehensive chip protection method based on cyclic locking and polymorphic memristor-CMOS obfuscation. The robustness against state-of-the-art key-pruning attacks is demonstrated and the overhead of the polymorphic gates is investigated.
Download Paper (PDF; Only available from the DATE venue WiFi)

12:00

2.6.2

TIMINGCAMOUFLAGE: IMPROVING CIRCUIT SECURITY AGAINST COUNTERFEITING BY UNCONVENTIONAL TIMING
Speaker:
Li Zhang, Technical University of Munich, DE
Authors:
Grace Li Zhang¹, Bing Li², Bei Yu³, David Z. Pan⁴ and Ulf Schlichtmann⁵
¹TU München (TUM), DE; ²TU München, DE; ³The Chinese University of Hong Kong, HK; ⁴University of Texas at Austin, US; ⁵Technical University of Munich, DE
Abstract
With recent advances in reverse engineering, attackers can reconstruct a netlist to counterfeit chips by opening the die and scanning all layers of original chips. This relatively easy counterfeiting is made possible by the use of the standard simple clocking scheme where all combinational blocks function within one clock period. In this paper, we propose a method to invalidate the assumption that a netlist completely represents the function of a circuit. With the help of wave-pipelining paths, this method forces attackers to capture delay information from manufactured chips, which is a very challenging task because we also introduce false paths. Experimental results confirm that wave-pipelining paths and false paths can be constructed in benchmark circuits successfully with only a negligible cost, while the potential attack techniques can be thwarted.
Download Paper (PDF; Only available from the DATE venue WiFi)

12:30

2.6.3

ADVANCING HARDWARE SECURITY USING POLYMORPHIC AND STOCHASTIC SPIN-HALL EFFECT DEVICES
Speaker:
Satwik Patnaik, New York University, AE
Authors:
Satwik Patnaik¹, Nikhil Rangarajan², Johann Knechtel³, Ozgur Sinanoglu⁴ and Shaloo Rakheja²
¹NEW YORK UNIVERSITY, US; ²New York University, US; ³New York University Abu Dhabi (NYUAD), AE; ⁴New York University Abu Dhabi, AE
Abstract
Protecting intellectual property (IP) in electronic circuits has become a serious challenge in recent years. Logic locking/encryption and layout camouflaging are two prominent techniques for IP protection. Most existing approaches, however, particularly those focused on CMOS integration, incur excessive design overheads resulting from their need for additional circuit structures or device-level modifications. This work leverages the innate polymorphism of an emerging spin-based device, called the giant spin-Hall effect (GSHE) switch, to simultaneously enable locking and camouflaging within a single instance. Using the GSHE switch, we propose a powerful primitive that enables cloaking all the 16 Boolean functions possible for two inputs. We conduct a comprehensive study using state-of-the-art Boolean satisfiability (SAT) attacks to demonstrate the superior resilience of the proposed primitive in comparison to several others in the literature. While we tailor the primitive for deterministic computation, it can readily support stochastic computation; we argue that stochastic behavior can break most, if not all, existing SAT attacks. Finally, we discuss the resilience of the primitive against various side-channel attacks as well as invasive monitoring at runtime, which are arguably even more concerning threats than SAT attacks.
Download Paper (PDF; Only available from the DATE venue WiFi)

13:00

End of session
Lunch Break in Großer Saal and Saal 1

Coffee Breaks in the Exhibition Area

On all conference days (Tuesday to Thursday), coffee and tea will be served during the coffee breaks at the below-mentioned times in the exhibition area (Terrace Level of the ICCD).

Lunch Breaks (Großer Saal + Saal 1)

On all conference days (Tuesday to Thursday), a seated lunch (lunch buffet) will be offered in the rooms "Großer Saal" and "Saal 1" (Saal Level of the ICCD) to fully registered conference delegates only. There will be badge control at the entrance to the lunch break area.

Tuesday, March 20, 2018