Document Type : Research Article


School of Electrical and Computer Engineering, College of Engineering,University of Tehran, Tehran, Iran


The growing popularity of the fabless manufacturing model and the resulting threats have increased the importance of Logic locking as a key-based method for intellectual property (IP) protection. Recently, machine learning (ML)-based attacks have broken most existing locks by exploiting structural traces or undoing optimizations that obfuscate them. A common limitation of these attacks, however, is their reliance on the correlation between the locked circuit structure and the correct key value. In this paper, we introduce structural fuzzing as a simple, nondeterministic, non-optimizing heuristic algorithm that can obfuscate the lock against learning-based attacks, preventing the attacker from predicting the key. We proceed to apply structural fuzzing to multiplexer-based logic locking and propose HyLock, a logic lock with improved resilience against learning-based attacks. In common benchmarks, when compared with a state of the art logic lock, there is on average a 17% decrease in the number of correctly predicted key bits.


[1] A. Sengupta, N. Limaye, and O. Sinanoglu. Breaking CAS-Lock and its variants by exploiting structural traces. IACR Trans. Cryptographic Hardware and Embedded Syst., pages 418–440, 2021.
[2] D. Sisejkovic, F. Merchant, L. M. Reimann, and R. Leupers. Deceptive Logic Locking for Hardware Integrity Protection Against Machine Learning Attacks. IEEE Trans. Comput.-Aided Des. Integr. Circuits and Syst., pages 1716–1729, 2022.
[3] M. Yasin, A. Sengupta, M. T. Nabeel, M. Ashraf, J. (JV) Rajendran, and O. Sinanoglu. Provably-Secure Logic Locking: From Theory To Practice. In Proc. 2017 ACM SIGSAC Conf. Comput. and Commun. Secur., pages 1601–1618, 2017.
[4] B. Shakya, X. Xu, M. Tehranipoor, and D. Forte. CAS-Lock: A Security-Corruptibility Trade-off Resilient Logic Locking Scheme. IACR Trans. Cryptographic Hardware and Embedded Syst.,pages 175–202, 2020.
[5] P. Chakraborty, J. Cruz, A. Alaql, and S. Bhunia. SAIL: Analyzing Structural Artifacts of Logic Locking Using Machine Learning. IEEE Trans. Inf. Forensics and Secur., pages 3828–3842, 2021.
[6] L. Alrahis, S. Patnaik, M. Shafique, and O. Sinanoglu. OMLA: An Oracle-Less Machine Learning-Based Attack on Logic Locking. IEEE Trans. Circuits and Syst. II: Express Briefs, pages 1602–1606, 2022.
[7] L. Alrahis, S. Patnaik, J. Knechtel, H. Saleh, B. Mohammad, M. Al-Qutayri, and O. Sinanoglu. UNSAIL: Thwarting Oracle-Less Machine Learning Attacks on Logic Locking. IEEE Trans. Inf.Forensics and Secur., pages 2508–2523, 2021.
[8] C. Pilato, A. B. Chowdhury, D. Sciuto, S. Garg, and R. Karri. ASSURE: RTL Locking Against an Untrusted Foundry. IEEE Trans. Very Large Scale Integration (VLSI) Syst., pages 1306–1318, 2021.
[9] L. Alrahis, S. Patnaik, M. Shafique, and O. Sinanoglu. MuxLink: Circumventing Learning-Resilient MUX-Locking Using Graph Neural Network-based Link Prediction. In 2022 Des., Automat. & Test in Eur. Conf. & Exhib. (DATE), pages 694–699, 2022.
[10] D. Sisejkovic, L. M. Reimann, E. Moussavi, F. Merchant, and R. Leupers. Logic Locking at the Frontiers of Machine Learning: A Survey on Developments and Opportunities. In IFIP/IEEE Int. Conf. Very Large Scale Integration (VLSI-
SoC), pages 1–6, 2021.
[11] M.C. Hansen, H. Yalcin, and J.P. Hayes. Unveiling the ISCAS-85 benchmarks: a case study in reverse engineering. IEEE Des. & Test Comput., pages 72–80, 1999.
[12] F. Brglez, D. Bryan, and K. Kozminski. Notes on the ISCAS’89 Benchmark Circuits.
Benchmarks/iscas89.pdf, 1989. Retrieved January 7, 2023.
[13] F. Corno, M.S. Reorda, and G. Squillero. RT-level ITC’99 benchmarks and first ATPG results. IEEE Des. & Test Comput., pages 44–53, 2000.
[14] Skywater PDK: Open source process design kit for usage with SkyWater Technology Foundry’s 130nm node. Retrieved January 7, 2023.
[15] C. Wolf. Yosys Open SYnthesis Suite. Retrieved January 7, 2023.