Robust and Attack Resilient Logic Locking with a High Application-Level Impact

Logic locking is a hardware security technique aimed at protecting intellectual property against security threats in the IC supply chain, especially those posed by untrusted fabrication facilities. Such techniques incorporate additional locking circuitry within an integrated circuit (IC) that induces incorrect digital functionality when an incorrect verification key is provided by a user. The amount of error induced by an incorrect key is known as the effectiveness of the locking technique. A family of attacks known as “SAT attacks” provide a strong mathematical formulation to find the correct key of locked circuits. To achieve high SAT resilience (i.e., complexity of SAT attacks), many conventional logic locking schemes fail to inject sufficient error into the circuit when the key is incorrect. For example, in the case of SARLock and Anti-SAT, there are usually very few (or only one) input minterms that cause any error at the circuit output. The state-of-the-art stripped functionality logic locking (SFLL) technique provides a wide spectrum of configurations that introduced a tradeoff between SAT resilience and effectiveness. In this work, we prove that such a tradeoff is universal among all logic locking techniques. To attain high effectiveness of locking without compromising SAT resilience, we propose a novel logic locking scheme, called Strong Anti-SAT (SAS). In addition to SAT attacks, removal-based attacks are another popular kind of attack formulation against logic locking where the attacker tries to identify and remove the locking structure. Based on SAS, we also propose Robust SAS (RSAS) that is resilient to removal attacks and maintains the same SAT resilience and effectiveness as SAS. SAS and RSAS have the following significant improvements over existing techniques. (1) We prove that the SAT resilience of SAS and RSAS against SAT attack is not compromised by increase in effectiveness. (2) In contrast to prior work that focused solely on the circuit-level locking impact, we integrate SAS-locked modules into an 80386 processor and show that SAS has a high application-level impact. (3) Our experiments show that SAS and RSAS exhibit better SAT resilience than SFLL and their effectiveness is similar to SFLL.