簡易檢索 / 詳目顯示
| 研究生: |
王郁淇 Wang, Yu-Ci |
|---|---|
| 論文名稱: |
使用多重密鑰將有限狀態機進行邏輯混淆 Logic Obfuscation of Finite State Machine Using Multiple Keys |
| 指導教授: |
黃婷婷
Hwang, Ting-Ting |
| 口試委員: |
劉一宇
Liu, Yi-Yu 陳勇志 Chen, Yung-Chih |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電機資訊學院 - 資訊系統與應用研究所 Institute of Information Systems and Applications |
| 論文出版年: | 2024 |
| 畢業學年度: | 112 |
| 語文別: | 英文 |
| 論文頁數: | 39 |
| 中文關鍵詞: | 硬體安全 、邏輯混淆 、有限狀態機 |
| 外文關鍵詞: | Hardware Security, Logic Obfuscation, Finite State Machine |
| 相關次數: | 點閱:92 下載:0 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
隨著科技的進步,IC 設計的過程越來越複雜,成本也逐漸提高。為了經濟效益,IC 設計與晶片生產會被分開,導致設計有可能被不信任的第三方竊取,並採取更多非法行為。為了確保晶片的安全,其中一個保護的方法就是邏輯混淆。邏輯混淆可分為針對組合邏輯電路跟針對循序邏輯電路。循序邏輯的邏輯混淆即為加密有限狀態機,其中有兩種方法,分別是基於密鑰的以及無密鑰的。基於密鑰的加密方式是透過增加額外的邏輯閘和密鑰輸入端去保護電路。這種方法會對 IO 查詢攻擊的防護力較弱。而無密鑰的加密方式則是會在原始電路中新增一個混淆區域,需要利用輸入序列去跳脫此區域。此方法對於結構攻擊較為脆弱。
本篇論文提出一個多密鑰的密鑰式加密方法來增強對於 IO 查詢攻擊的防護力。每個有限狀態機的轉換都會被加密,而正確的密鑰會隨著不同情況而改變。攻擊者除了要知道每個密鑰的正確值,還需要知道每個密鑰的正確使用時機。這樣可以增加許多解密所需的時間。此外,由於整個有限狀態機會被重新合成,結構攻擊也難以攻擊本方法。
The increasing complexity and cost of integrated circuit (IC) design have led to the separation of chip design and production, exposing circuits to potential illicit activities by untrusted manufacturers. Ensuring the security of circuits is becoming increasingly important. One of the countermeasures against untrusted use is logic obfuscation, which is a common technique to protect circuits by making their functionality difficult to determine. Logic obfuscation can be divided into combinational logic obfuscation and sequential logic obfuscation. Sequential logic obfuscation, which encrypts the finite state machine (FSM), can be key-based or keyless. Key-based methods need additional gates and key inputs to encrypt the circuit, and they are susceptible to I/O query-based attacks like bounded model checking(BMC) attacks. Keyless methods add an obfuscated region to the original circuit and use input sequences to escape from it, but are vulnerable to structural attacks.
This thesis proposes a multi-key method to enhance key-based obfuscation against I/O query-based attacks. Every transition of the FSM will be encrypted, and the key will continuously change under different conditions. This method requires attackers to know both the correct keys and the correct mappings of keys, significantly increasing the complexity of deciphering the circuit. The FSM will be re-synthesized to further complicate attacks based on structural observations.
[1] P. Subramanyan, S. Ray, and S. Malik, “Evaluating the security of logic encryption algorithms,” 2015 IEEE International Symposium on Hardware Oriented Security and Trust(HOST), pp. 137–143, 2015.
[2] M. Yasin, B. Mazumdar, J. J. V. Rajendran, and O. Sinanoglu, “Sarlock: Sat attack resistant logic locking,” 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 236–241, 2016.
[3] F. Yang, M. Tang, and O. Sinanoglu, “Stripped functionality logic locking with hamming distance-based restore unit (sfll-hd)–unlocked,” IEEE Transactions on Information Forensics and Security, vol. 14, no. 10, pp. 2778–2786, 2019.
[4] R. Karmakar, S. Chattopadhyay, and R. Kapur, “Encrypt flip-flop: A novel logic encryption technique for sequential circuits,” CoRR, vol. abs/1801.04961, 2018.
[5] J. Maynard and A. Rezaei, “Dual key logic locking against oracle-guided attacks,” 24th International Symposium on Quality Electronic Design (ISQED), 2023.
[6] L. Li, S. Ni, and A. Orailoglu, “Janus: Boosting logic obfuscation scope through reconfigurable fsm synthesis,” IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2021.
[7] L. Li and A. Orailoglu, “Janus-hd: Exploiting fsm sequentiality and synthesis flexibility in logic obfuscation to thwart sat attack while offering strong corruption,” Design, Automation & Test in Europe Conference & Exhibition (DATE), 2022.
[8] R. S. Chakraborty and S. Bhunia, “Harpoon: An obfuscation-based soc design methodology for hardware protection,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, pp. 1493–1502, 2009.
[9] A. R. Desai, M. S. Hsiao, C. Wang, L. Nazhandali, and S. Hall, “Interlocking obfuscation for anti-tamper hardware,” Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop, pp. 1–4, 2013.
[10] J. Dofe and Q. Yu, “Novel dynamic state-deflection method for gate-level design obfuscation,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2018.
[11] Y. Hu, Y. Zhang, K. Yang, D. Chen, P. A. Beerel, and P. Nuzzo, “Fun-sat: Functional corruptibility-guided sat-based attack on sequential logic encryption,” 2021 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2021.
[12] Y. Hu, Y. Zhang, K. Yang, D. Chen, P. A. Beerel, and P. Nuzzo, “On the security of sequential logic locking against oracle-guided attacks,” IEEE Transactions on Computer Aided Design of Integrated Circuits and Systems, vol. 42, pp. 3628–3641, 2023.
[13] M. E. Massad, S. Garg, and M. Tripunitara, “Reverse engineering camouflaged sequential circuits without scan access,” 2017 IEEE/ACM International Conference on Computer Aided Design (ICCAD), pp. 33–40, 2017.
[14] K. Shamsi, M. Li, D. Z. Pan, and Y. Jin, “Kc2: Key-condition crunching for fast sequential circuit deobfuscation,” Design, Automation & Test in Europe Conference & Exhibition (DATE), 2019.
[15] T. Meade1, S. Zhang, and Y. Jin, “Netlist reverse engineering for high-level functionality reconstruction,” Asia and South Pacific Design Automation Conference (ASP-DAC), 2016.
[16] T. Meade, Z. Zhao, S. Zhang, D. Pan, and Y. Jin, “Revisit sequential logic obfuscation: Attacks and defenses,” IEEE International Symposium on Circuits and Systems (ISCAS), 2017.
[17] R. Tarjan, “Depth-first search and linear graph algorithms,” SIAM Journal on Computing, vol. 1, pp. 146–160, 1972.
[18] A. Rezaei and H. Zhou, “Sequential logic encryption against model checking attack,”2021 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1178–1181, 2021.
[19] S. Y. Yang, “Logic synthesis and optimization benchmarks user guide version 3.0,” Microelectronics Center of North Carolina (MCNC), 1991.
[20] T. Kam, T. Villa, R. Brayton, and A. Sangiovanni-Vincentelli, “A fully implicit algorithm for exact state minimization,” 31st Design Automation Conference, pp. 684–690, 1994.
[21] E. Sentovich, K. Singh, C. Moon, H. Savoj, R. Brayton, and A. Sangiovanni-Vincentelli,“Sequential circuit design using synthesis and optimization,” Proceedings 1992 IEEE International Conference on Computer Design: VLSI in Computers & Processors, pp. 328–333, 1992.
[22] Brayton, Robert, Mishchenko, and Alan”, “Abc: An academic industrial-strength verification tool,” Springer Berlin Heidelberg, pp. 24–40, 2010