Security Analysis for SCONE Logic Locking
Abstract
SCONE [DAC'25] expands a logic locking interface with additional encoded inputs derived from the original primary inputs, and admits two realizations: a with-ES variant, where the critical encoding stage is implemented in hardware, and a without-ES variant, where the locked design directly exposes an encoded interface of width n+m. We show that both realizations are vulnerable, but for different reasons. For the without-ES variant, we prove that, when the added encoded inputs are deterministic linear functions of the original inputs, the valid encoded-input space remains n-dimensional despite the nominal expansion to n+m inputs. Hence, the widened interface does not yield m additional or independent brute-force dimensions. For the with-ES variant, we present a polynomial-time white-box attack that exactly recovers the added-input count and the implemented linear encoding relation from the locked netlist, achieving 100\% recovery over all evaluated instances. We also develop a black-box procedure that certifies the same dimensionality collapse from valid encoded-input samples without reconstructing the hidden encoder. Experiments on ISCAS-85 and ITC-99 benchmarks validate both results, and we further demonstrate exact white-box recovery on an ARM Cortex-M0 RTL benchmark. Finally, we propose a lightweight non-linear mitigation and show that it does not exhibit the vulnerabilities identified in this paper under all representative attack sets considered in SCONE.
Turn this paper into a full lesson
ArcXiv compiles a staged curriculum from this paper: 8-12 lessons across beginner → advanced, synthesised section guides, visuals, flashcards, a quiz, exercises, and on-demand deep dives per section. Grounded in the abstract, never invented.