Attack of the Genes: Finding Keys and Parameters of Locked Analog ICs Using Genetic Algorithm

Acharya, Rabin Yu; Chowdhury, Sreeja; Ganji, Fatemeh; Forte, Domenic

doi:10.1109/host45689.2020.9300277

Cited by 17 publications

(10 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recommendations are also given on how to mitigate these two counter-attacks. The counter-attacks in [19], [20] are the most powerful since they are generally applicable to any biasing locking scheme, they cannot be mitigated, and also, compared to [17] where the attacker must derive circuit equations, are easier to execute even by a weak attacker with no particular circuit design expertise. The underlying idea is to remove the locked biasing circuit and replace it with an unlocked version of it and, thereafter, use optimization to synthesize the biasing circuit together with the circuit core.…”

Section: B Counter-attacks On Lockingmentioning

confidence: 99%

“…In [19], the optimization aims at matching the frequency or transient response to that of the oracle, whereas in [20] the optimization aims at satisfying the performance tradeoff promised in the datasheet without requiring an oracle. In [19], a second optimization is performed aiming at recovering the secret key by using the extracted obfuscated component value as a second fitness criterion. In this way, the search in the large space of keys, i.e., 2 n where n is the key size, can converge in reasonable time.…”

Section: B Counter-attacks On Lockingmentioning

confidence: 99%

See 1 more Smart Citation

Digitally Assisted Mixed-Signal Circuit Security

Leonhard¹,

Limaye

Turk

et al. 2022

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

The design and manufacturing steps of a chip typically involve several parties. For example, a chip may comprise several third-party Intellectual Property (IP) cores and the Integrated Circuit (IC) fabrication may be outsourced to a third-party foundry. IP cores and ICs are shared with potentially untrusted third parties and, as a result, are subject to piracy attacks. Even more, any legally purchased chip may be reverse-engineered to retrieve the design down to transistorlevel and, thereby, it is also subject to piracy attacks. In this paper, we propose MixLock, an anti-piracy countermeasure for mixed-signal IP cores and ICs. MixLock protection is based on inserting a lock mechanism into the design such that correct functionality is established only after applying a key which is the designer's secret. The lock mechanism acts on the mixedsignal performances by leveraging logic locking of the digital part. MixLock presents several key attributes. It is generally applicable, it is non-intrusive to the sensitive analog section, it incurs no performance penalty and has very low area and power overheads, it is fully automated, and it is capable of co-optimizing security in both the analog and digital domains. We demonstrate MixLock on a Σ∆ Analog-to-Digital Converter (ADC) using hardware measurements and an audio demonstrator.

show abstract

Section: B Counter-attacks On Lockingmentioning

confidence: 99%

Section: B Counter-attacks On Lockingmentioning

confidence: 99%

Digitally Assisted Mixed-Signal Circuit Security

Leonhard¹,

Limaye

Turk

et al. 2022

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

show abstract

“…The defender may choose to make additional transistors tunable via their body-bias so as to increase the functionality corruption and security level if needed. The defender can Although a large key size is a prerequisite for defending against brute-force attacks, this locking scheme remains vulnerable against optimization-based attacks [22] which aim at searching in the key space towards optimizing the performance trade-off. More specifically, the attacker can formulate an optimization problem min key |f (key) − s| to approximate a "close" key, where f (key) is the function relating the performance with the key and s denotes the specification of the performance.…”

Section: A Locking Principlementioning

confidence: 99%

“…Therefore, the proposed locking thwarts IP/IC piracy. The key has a large size, which, combined with the long analog simulation time, thwarts counter-attacks to extract the key based on brute-force or optimization [22]. The non-linear DAC transformation further slows down the optimization convergence and, in addition, protects body-bias domains that are fixed to the reference voltages.…”

Section: Locking Propertiesmentioning

confidence: 99%

Anti-Piracy of Analog and Mixed-Signal Circuits in FD-SOI

Tlili¹,

Sayed

Mahmoud³

et al. 2022

2022 27th Asia and South Pacific Design Automation Conference (ASP-DAC)

View full text Add to dashboard Cite

We propose an anti-piracy security technique based on locking for analog and mixed-signal circuits designed in FD-SOI. We show that obfuscating the body-bias voltages of tunable transistors is an effective way for inducing high functionality corruption. The obfuscation is achieved by constituting a secret key from the concatenation of the input digital codes of the body-bias generators that produce the correct body-bias voltages. We also propose a slight modification of the bodybias generator that increases prohibitively the time complexity of counter-attacks aiming at finding an approximate key. The proposed locking scheme is demonstrated on a Σ∆ modulator used in highly-digitized RF receiver architectures.

show abstract

“…The function f j (key) is intricate without a known closed-form relationship and is computed by invoking a circuit simulator. Such an optimization attack based on a GA is proposed in [34] and was originally used for breaking biasing locking. For AMS ICs it is likely that a number of keys result in a satisfactory performance trade-off, although this number is typically a very small fraction of all keys.…”

Section: G Security Analysismentioning

confidence: 99%

Locking by Untuning: A Lock-Less Approach for Analog and Mixed-Signal IC Security

Elshamy

Sayed

Louërat

et al. 2021

IEEE Trans. VLSI Syst.

View full text Add to dashboard Cite

We propose an anti-piracy security approach for programmable analog and mixed-signal (AMS) Integrated Circuits (ICs). The security approach relies on functionality locking by leveraging the inherent programmability and utilizing the configuration settings as secret keys or, equivalently, the programming bits as key-bits. When invalid keys are applied, the circuit is untuned and, as a result, its functionality breaks, i.e., at least one of the performances violates its specification. As long as the calibration algorithm that produces the configuration settings can be kept secret, the proposed approach can serve as a countermeasure against all types of counterfeiting, i.e., cloning, overbuilding, remarking, and recycling. An important advantage of the proposed approach is that it is lock-less. It leaves the design intact, there is no change to the design flow, and there is no performance penalty and no area or power overheads due to the lock operation. We demonstrate it on a Σ∆ Analogto-Digital Converter (ADC) with 194-bit programmability and complex calibration algorithm used in the context of highlydigitized, multi-standard RF receivers.

show abstract

Attack of the Genes: Finding Keys and Parameters of Locked Analog ICs Using Genetic Algorithm

Cited by 17 publications

References 32 publications

Digitally Assisted Mixed-Signal Circuit Security

Digitally Assisted Mixed-Signal Circuit Security

Anti-Piracy of Analog and Mixed-Signal Circuits in FD-SOI

Locking by Untuning: A Lock-Less Approach for Analog and Mixed-Signal IC Security

Contact Info

Product

Resources

About