The SAT Attack on IC Camouflaging: Impact and Potential Countermeasures

Integrated circuit (IC) camouflaging is a promising defense against so-called IC extraction attacks that seek to reverse engineer the netlist of a packaged IC using delayering and imaging techniques. Camouflaging works by hiding the Boolean functionality of selected gates in the netlist from reverse engineering, albeit at the cost of increased gate area and power. The intuitive security claim then is that the attacker cannot infer the netlist’s exact Boolean functionality. This paper describes a powerful class of attacks on IC camouflaging referred to as SAT attacks; the attacks use the input/output (I/O) behavior of a functional camouflaged IC along with the Boolean satisfiability (SAT)-based inference to reverse the Boolean functionalities of camouflaged gates. The SAT attack is rooted in a foundational complexity theory mindset and is shown to defeat defenses that previously claimed to secure against even the most determined adversaries. This paper then highlights the subsequent impact of the SAT attack in terms of new SAT-resilient defenses that emerged, their vulnerability to enhancements of the SAT attack, and implications of the attack on provably secure defense mechanisms.