Attack of the Genes: Finding Keys and Parameters of Locked Analog ICs Using Genetic Algorithm
| Autor: | Sreeja Chowdhury, Fatemeh Ganji, Domenic Forte, Rabin Yu Acharya |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2020 |
| Předmět: |
FOS: Computer and information sciences
Reverse engineering Computer Science - Cryptography and Security Analogue electronics Computer Science - Neural and Evolutionary Computing 02 engineering and technology Integrated circuit computer.software_genre 020202 computer hardware & architecture law.invention Computer engineering law Genetic algorithm Obfuscation 0202 electrical engineering electronic engineering information engineering Benchmark (computing) Netlist 020201 artificial intelligence & image processing Neural and Evolutionary Computing (cs.NE) Cryptography and Security (cs.CR) computer Electronic circuit |
| Zdroj: | HOST |
| Popis: | Hardware intellectual property (IP) theft is a major issue in today’s globalized supply chain. To address it, numerous logic locking and obfuscation techniques have been proposed. While locking initially focused on digital integrated circuits (ICs), there have been recent attempts to extend it to analog ICs, which are easier to reverse engineer and to copy than digital ICs. In this paper, we use algorithms based on evolutionary strategies to investigate the security of analog obfuscation/locking techniques. We present a genetic algorithm (GA) approach which is capable of completely breaking a locked analog circuit by finding either its obfuscation key or its obfuscated parameters. We implement both the GA attack as well as a more naive satisfiability modulo theory (SMT)-based attack on common analog benchmark circuits obfuscated by combinational locking and parameter biasing. We find that GA attack can unlock all the circuits using only the locked netlist and an unlocked chip in minutes. On the other hand, while the SMT attack converges faster, it requires circuit specification to execute and it also returns multiple keys that need to be brute-forced by a post-processing step. We also discuss how the GA attack can generalize to other recent analog locking techniques not tested in the paper. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|