Classical Cryptanalysis Attacks on Logic Locking Techniques

Logic locking is a protection technique for outsourced integrated circuit (IC) designs that thwarts IC piracy and IC counterfeiting by untrusted foundries. In this technique, the IC design house locks the correct functionality of the circuit using a key that is known only to the trusted entities in the design house. As the correct key values are provided by the design house after production, a malicious adversary in the foundry house will not be able to unlock overproduced or counterfeit ICs. In this paper, we mount linear approximation attacks and differential attacks on random logic locking (RLL), fault-analysis based logic locking (FLL), and strong logic locking (SLL) techniques. We present a formal approach to mount the linear approximation attack on multiple circuit partitions and thereafter combining the approximations to form the attack on a locked logic cone of the circuit. We present our results on ISCAS’85 benchmark circuits. In linear approximation attack, the combinatorial blocks are partitioned and expressed as linear expressions to derive a relation between the primary inputs and the primary outputs of the circuit. The attack aims to determine the linear approximation that has the highest probability of occurrence for the correct key input. In differential attacks, we could recover the embedded secret key in device with attack effort lesser than exhaustive search attack.