In today’s world, sending a chip design to a third party foundry
for fabrication poses a serious threat to one’s intellectual property. To keep designs safe from adversaries, design obfuscation
techniques have been developed to protect the IP details of the
design. This paper explains how the previously considered secure
algorithm, TimingCamouflage+, can be thwarted and the original
circuit can be recovered [15]. By removing wave-pipelining false
paths, the TimingCamouflage+ algorithm is reduced to the insecure
TimingCamouflage algorithm [16]. Since the TimingCamouflage
algorithm is vulnerable to the TimingSAT attack, this reduction
proves that TimingCamouflage+ is also vulnerable to TimingSAT
and not a secure camouflaging technique [7]. This paper describes
how wave-pipelining paths can be removed, and this method of
handling false paths is tested on various benchmarks and shown to
be both functionally correct and feasible in complexity.
