{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T17:58:15Z","timestamp":1764784695720},"reference-count":0,"publisher":"Universitatsbibliothek der Ruhr-Universitat Bochum","license":[{"start":{"date-parts":[[2021,7,9]],"date-time":"2021-07-09T00:00:00Z","timestamp":1625788800000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["TCHES"],"abstract":"<jats:p>Logic locking is a prominent solution to protect against design intellectual property theft. However, there has been a decade-long cat-and-mouse game between defenses and attacks. A turning point in logic locking was the development of miterbased Boolean satisfiability (SAT) attack that steered the research in the direction of developing SAT-resilient schemes. These schemes, however achieved SAT resilience at the cost of low output corruption. Recently, cascaded locking (CAS-Lock) [SXTF20a] was proposed that provides non-trivial output corruption all-the-while maintaining resilience to the SAT attack. Regardless of the theoretical properties, we revisit some of the assumptions made about its implementation, especially about security-unaware synthesis tools, and subsequently expose a set of structural vulnerabilities that can be exploited to break these schemes. We propose our attacks on baseline CAS-Lock as well as mirrored CAS (M-CAS), an improved version of CAS-Lock. We furnish extensive simulation results of our attacks on ISCAS\u201985 and ITC\u201999 benchmarks, where we show that CAS-Lock\/M-CAS can be broken with \u223c94% success rate. Further, we open-source all implementation scripts, locked circuits, and attack scripts for the community. Finally, we discuss the pitfalls of point function-based locking techniques including Anti-SAT [XS18] and Stripped Functionality Logic Locking(SFLL-HD) [YSN+17], which suffer from similar implementation issues.<\/jats:p>","DOI":"10.46586\/tches.v2021.i3.418-440","type":"journal-article","created":{"date-parts":[[2021,7,9]],"date-time":"2021-07-09T10:07:35Z","timestamp":1625825255000},"page":"418-440","source":"Crossref","is-referenced-by-count":16,"title":["Breaking CAS-Lock and Its Variants by Exploiting Structural Traces"],"prefix":"10.46586","author":[{"given":"Abhrajit","family":"Sengupta","sequence":"first","affiliation":[]},{"given":"Nimisha","family":"Limaye","sequence":"additional","affiliation":[]},{"given":"Ozgur","family":"Sinanoglu","sequence":"additional","affiliation":[]}],"member":"25480","published-online":{"date-parts":[[2021,7,9]]},"container-title":["IACR Transactions on Cryptographic Hardware and Embedded Systems"],"original-title":[],"link":[{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/8981\/8558","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/8981\/8558","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,9]],"date-time":"2021-07-09T10:07:36Z","timestamp":1625825256000},"score":1,"resource":{"primary":{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/8981"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,9]]},"references-count":0,"URL":"https:\/\/doi.org\/10.46586\/tches.v2021.i3.418-440","relation":{},"ISSN":["2569-2925"],"issn-type":[{"value":"2569-2925","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,7,9]]}}}