Showing papers by "Hai Zhou published in 2017"
10 May 2017
TL;DR: A SAT-based attack called Double DIP is proposed and shown to successfully defeat SARLock-enhanced encryptions, which would weaken the security of existing logic encryptions.
Abstract: Logic encryption is a hardware security technique that uses extra key inputs to lock a given combinational circuit. A recent study by Subramanyan et al. shows that all existing logic encryption techniques can be successfully attacked. As a countermeasure, SARLock was proposed to enhance the security of existing logic encryptions. In this paper, we re-evaluate the security of these approaches. A SAT-based attack called Double DIP is proposed and shown to successfully defeat SARLock-enhanced encryptions.
172 citations
13 Nov 2017
TL;DR: CycSAT as mentioned in this paper is a SAT-based algorithm based on SAT with different acyclic conditions that can efficiently decrypt cyclic encryptions, even though feedback cycles introduce extra difficulty for an attacker.
Abstract: Cyclic logic encryption is a newly proposed circuit obfuscation technique in hardware security. It was claimed to be SAT-unresolvable because feedback cycles were intentionally inserted under keys into the encryption. We show in the paper that even though feedback cycles introduce extra difficulty for an attacker, they can still be overcome with SAT-based techniques. Specifically, we propose CycSAT Algorithms based on SAT with different acyclic conditions that can efficiently decrypt cyclic encryptions. Experimental results have shown that our CycSAT is efficient and effective to decrypt cyclic encryptions, and we need to develop new encryptions with better security properties.
104 citations
Journal Article•
TL;DR: In this article, a SAT-based attack called Double DIP is proposed and shown to successfully defeat SARLock-enhanced encryptions, which is a countermeasure to enhance the security of existing logic encryptions.
Abstract: Logic encryption is a hardware security technique that uses extra key inputs to lock a given combinational circuit. A recent study by Subramanyan et al. shows that all existing logic encryption techniques can be successfully attacked. As a countermeasure, SARLock was proposed to enhance the security of existing logic encryptions. In this paper, we re-evaluate the security of these approaches. A SAT-based attack called Double DIP is proposed and shown to successfully defeat SARLock-enhanced encryptions.
99 citations
Journal Article•
TL;DR: It is shown in the paper that even though feedback cycles introduce extra difficulty for an attacker, they can still be overcome with SAT-based techniques.
Abstract: Cyclic logic encryption is a newly proposed circuit obfuscation technique in hardware security. It was claimed to be SAT-unresolvable because feedback cycles were intentionally inserted under keys into the encryption. We show in the paper that even though feedback cycles introduce extra difficulty for an attacker, they can still be overcome with SAT-based techniques. Specifically, we propose CycSAT Algorithms based on SAT with different acyclic conditions that can efficiently decrypt cyclic encryptions. Experimental results have shown that our CycSAT is efficient and effective to decrypt cyclic encryptions, and we need to develop new encryptions with better security properties.
38 citations
Journal Article•
TL;DR: A suite of scientific encryption benchmarks where a wide range of error rates are possible and the error rate can be found out by simple eyeballing is developed and a thorough comparative study on different approximate attacks is conducted.
Abstract: Logic encryption is an important hardware protection technique that adds extra keys to lock a given circuit. With recent discovery of the effective SAT-based attack, new enhancement methods such as SARLock and Anti-SAT have been proposed to thwart the SAT-based and similar exact attacks. Since these new techniques all have very low error rate, approximate attacks such as Double DIP and AppSAT have been proposed to find an almost correct key with low error rate. However, measuring the performance of an approximate attack is extremely challenging, since exact computation of the error rate is very expensive, while estimation based on random sampling has low confidence. In this paper, we develop a suite of scientific encryption benchmarks where a wide range of error rates are possible and the error rate can be found out by simple eyeballing. Then, we conduct a thorough comparative study on different approximate attacks, including AppSAT and Double DIP. The results show that approximate attacks are far away from closing the gap and more investigations are needed in this area.
21 citations
06 Mar 2017
TL;DR: A novel task mapping approach for HWNoC is introduced in order to first balance the usage of wireless links by avoiding congestion over wireless routers and second spread temperature across the whole chip by utilizing dark silicon.
Abstract: Hybrid Wireless Network-on-Chip (HWNoC) provides high bandwidth, low latency and flexible topology configurations, making this emerging technology a scalable communication fabric for future Many-Core System-on-Chips (MCSoCs). On the other hand, dark silicon is dominating the chip footage of upcoming MCSoCs since Dennard scaling fails due to the voltage scaling problem that results in higher power densities. Moreover, congestion avoidance and hot-spot prevention are two important challenges of HWNoC-based MCSoCs in dark silicon age, Therefore, in this paper, a novel task mapping approach for HWNoC is introduced in order to first balance the usage of wireless links by avoiding congestion over wireless routers and second spread temperature across the whole chip by utilizing dark silicon. Simulation results show significant improvement in both congestion and temperature control of the system, compared to state-of-the-art works.
17 citations
TL;DR: An efficient method which incorporates a set packing for generating DSA template candidates and a local search method for DSA multiple patterning and a multi-start strategy is integrated into the framework to prevent the local minima.
Abstract: Directed self-assembly (DSA) complemented with multiple patterning (MP) is an attractive next generation lithography (NGL) technique for contact-hole generation Nevertheless, a high-quality DSA-aware layout decomposer is required to enable the technology In this article, we introduce an efficient method which incorporates a set packing for generating DSA template candidates and a local search method Besides, a multi-start strategy is integrated into the framework to prevent the local minima Our framework encourages the reuse of existing coloring solvers Hence, the development cost can significantly be reduced In addition, for DSA multiple patterning where the number of masks is larger than two, we present an efficient iterative partition based method Experimental results show that compared with the state-of-the-art work, our methods can achieve roughly 100× speedup for double patterning, and 788% conflict reduction with 5× speedup for triple patterning on the dense graphs
6 citations
16 Feb 2017
TL;DR: Experimental results show that compared with a previous ILP-based method, this method can achieve a 200X speedup and competitive solution quality and inserting cuts can resolve the spacing conflicts in some circumstances.
Abstract: End Cutting 1D layout design is a promising candidate for sub-10nm process nodes. Given a 1D layout with horizontal wires, cut redistribution technique is used for sliding the line-end cuts in order to align them vertically or resolve spacing conflicts. The aligned cuts can then be merged into a single shot of cuts. In this paper, we proposed a network flow based method for efficient cut redistribution and insertion. Normally, a pair of movable cuts could have three possible relations, left-of, right-of and merge-into. We observe that if the left-right-merge orderings of cuts are fixed, the cut redistribution can be formulated as a network flow problem, which can be solved efficiently. We also find that inserting cuts can resolve the spacing conflicts in some circumstances. This cut insertion strategy is introduced in our proposed method to reduce the spacing conflicts. Moreover, the complementary e-beam lithography for printing the cuts is also considered in this paper. Experimental results show that compared with a previous ILP-based method, our method can achieve a 200X speedup and competitive solution quality.
2 citations
01 Dec 2017
TL;DR: The experimental results show that the proposed TM model can reduce 40% of transaction aborts, and improve the parallel performance 25% on software TM platform and 11% on hardware TM platform.
Abstract: Transaction memory (TM) is a programming friendly technology for thread synchronization in parallel pro- gramming paradigm. Transaction memory maintains Atomic- ity, Consistency, Isolation and Durability (ACID) characters of transactions. When data conflicts in multi-thread paradigm, the transaction has to be aborted, rolled back, and executed again and again until the transaction commits successfully. Although such infinitely retrying strategy of TM has only one exit and the programming flow of applications is very simple, its parallel efficiency is not high enough. In this paper, we proposed a new transaction memory model for parallel programming. When the transaction aborts N times for the reason of data conflict, we will append this transaction to the tail of task queue. We implement this N-retry TM model in software and hardware transaction memory platform. The experimental results show that the proposed TM model can reduce 40% of transaction aborts, and improve the parallel performance 25% on software TM platform and 11% on hardware TM platform.
2 citations
01 Jan 2017
TL;DR: This work has shown that any best-possible obfuscation of a sequential circuit can be accomplished by a sequence of four operations: retiming, resynthesis, sweep, and conditional stuttering, and a Key-Locked OBfuscation scheme is developed to protect hardware IP against piracy.
Abstract: Structural transformation-based obfuscation is an approach to avoid the manipulation of the state transition graph of design, thus avoiding the state explosion problem. An obfuscation is called best-possible if the obfuscated design leaks no more information than any other design of the same function. It is first shown that any best-possible obfuscation of a sequential circuit can be accomplished by a sequence of four operations: retiming, resynthesis, sweep, and conditional stuttering. Then a Key-Locked OBfuscation (KLOB) scheme is developed to protect hardware IP against piracy. Starting with an original circuit, KLOB first adds stuttering with conditions both on key checking and on the original circuit and then obfuscates the conditionally stuttered circuit by a sequence of retiming , resynthesis, and sweep. With the correct key, the circuit will run in the original speed; otherwise, it will run much slower. Potential attacks and the countermeasures are thoroughly discussed.
2 citations
10 May 2017
TL;DR: This paper proposes to deploy security invariant as carried proof to prevent and detect Trojans and malicious attacks and to ensure the security of hardware design.
Abstract: Due to the increasing complexity of design process, outsourcing, and use of third-party blocks, it becomes harder and harder to prevent Trojan insertion and other malicious design modifications In this paper, we propose to deploy security invariant as carried proof to prevent and detect Trojans and malicious attacks and to ensure the security of hardware design Non-interference with down-grading policy is checked for confidentiality Contrary to existing approaches by type checking, we develop a method to model-check a simple safety property on a composed machine Down-grading is handled in a better way in model-checking and the effectiveness of our approach is demonstrated on various Verilog benchmarks
01 Jul 2017
TL;DR: This paper utilizes an emerging non-volatile resistive device, memristor, with timing violation detectors to dynamically achieve local recovery from timing violation during the runtime, eliminating the necessity of testing phase.
Abstract: Process variation is the dominating factor for performance degradation in modern IC chips. The conventional guard-band design methodology leads to significant performance penalty. This paper utilizes an emerging non-volatile resistive device, memristor, with timing violation detectors to dynamically achieve local recovery from timing violation during the runtime, eliminating the necessity of testing phase. It develops a systematic self-tuning mechanism that globally adjusts the clock skew scheduling to compensate the timing violation, and determines the tunability of the memristor-based self-tunable circuits. It also proposes an algorithmic memristor placement across the clock tree to balance the tradeoff between hardware cost and system tunability. Experimental results show that our approach can improve the yield from 90% to 98% with only 4% overhead in average.
Posted Content•
TL;DR: In this paper, the SAT-based bit-flipping attack is presented, which first separates the two groups of keys via SATbased bitflippings, and then attacks the traditional encryption and the SATresilient encryption, by conventional SATbased attack and by-passing attack, respectively.
Abstract: Logic encryption is a hardware security technique that uses extra key inputs to prevent unauthorized use of a circuit. With the discovery of the SAT-based attack, new encryption techniques such as SARLock and Anti-SAT are proposed, and further combined with traditional logic encryption techniques, to guarantee both high error rates and resilience to the SAT-based attack. In this paper, the SAT-based bit-flipping attack is presented. It first separates the two groups of keys via SAT-based bit-flippings, and then attacks the traditional encryption and the SAT-resilient encryption, by conventional SAT-based attack and by-passing attack, respectively. The experimental results show that the bit-flipping attack successfully returns a circuit with the correct functionality and significantly reduces the execution time compared with other advanced attacks.
16 Feb 2017
TL;DR: A better algorithm is developed that reduces the shot numbers to less than half of theirs in average and introduces the merit frequency/area (f/A) to select candidate characters and proposes an accurate and efficient algorithm to estimate the occupied area of characters before placement.
Abstract: Character projection is a promising technique to dramatically improve throughput of E-beam lithography. However, its effectiveness depends on how good the stencils are planned and optimized. Recently Kuang and Young proposed an efficient heuristic based on 2-D bin-packing for the stencil optimization. In this paper, we identified drawbacks in their approaches, and developed a better algorithm that reduces the shot numbers to less than half of theirs in average. The key point is introducing the merit frequency/area (f/A) to select candidate characters and proposing an accurate and efficient algorithm to estimate the occupied area of characters before placement. Experimental results verify the effectiveness of the proposed method.