Abstract
While logic locking is a promising defense to protect hardware designs, many attacks have been shown to undermine its security by retrieving the secret key. All the powerful attacks rely on a working chip, i.e., an oracle, and in particular, heavily use the test access. The proposed technique DisORC turns the oracle into a dishonest one whenever a potential attack is detected. DisORC works on the premise that structural testing of chips need not be performed with the correct functionality. We implement this capability by adding circuitry around a logic-locked design that reconfigures its functionality upon detecting access to scan chains. Any attempt to access scan chains disconnects the secret key from the circuit, and clears all of its traces, isolating and securing it. We also pair this defense with a truly random logic locking (TRLL) scheme that makes random decisions in inserting key gates and retaining signal polarities without relying on any logic synthesis technique to perform bubble pushing. Any netlist analysis-based attack, known or anticipated, will then learn nothing useful to infer the key values. The combined defense DisORC + TRLL thwarts oracle-based and netlist analysis-based attacks while delivering sufficient corruption levels at the outputs. We also show that the proposed defense is cost effective and can be integrated into the design flow easily. The proposed logic locking defense provides protection against untrusted foundry, testing facility, end users, and any combination of them colluding together.

Abstract
Logic locking has received a lot of attention in the literature due to its very attractive hardware-security characteristics: it can protect against IP piracy and overproduction throughout the whole IC supply chain. However, a large class of logic-locking attacks, the oracle-based ones, take advantage of a functional copy of the chip, the oracle, to extract the key that protects the chip. So far, the techniques dealing with oracle-based attacks focus on the netlist that the attacker possesses, assuming that the oracle is always available. For this reason, they are usually overcome by new attacks. In this paper, we propose a hardware security scheme that targets the protection of the oracle circuit, by locking the circuit when the, necessary for setting the inputs and observing the outputs, scan in/out process begins. Hence, no correct input/output pairs can be acquired to perform the attacks. The proposed scheme is not based on controlling global signals like test_enable or scan_enable, whose values can be easily suppressed by the attacker. Security threats are identified, discussed and addressed. The developed scheme is combined with a traditional logic locking technique with high output corruptibility, to achieve increased levels of protection.

Abstract
Logic locking has been successfully used for protecting digital circuits against IC piracy. Modern logic locking techniques offer significant security advantages, like high corruptibility of the locked circuit's outputs when applying random keys (= 50% Hamming Distance -HD- compared to the correct outputs), or resilience to the key-sensitization attack. However, there are no techniques to combine both advantages. To solve this problem, weighted logic locking is proposed in this paper. Instead of the conventional single key-input control, the proposed technique uses multiple key-inputs to control every key-gate. This new, weighted key-gate control is by construction immune to the key-sensitization attack, while by employing a new key-gate insertion metric, 50% HD is obtained even for circuits with many outputs. Additionally, weighted key-gate control increases dramatically the probability of any key-gate to corrupt the circuit’s values, which means that fewer key-gates are needed to achieve 50% HD. This way, execution time for locking the circuits is drastically reduced. Apart from these advantages, weighted logic locking is fairly "generic" and can be combined with other techniques to improve security (e.g., to thwart the SAT attack).