We Built a Circuit Locking Service — and You Can Use It Right Now

Posted byMohamed El MassadPosted inUncategorizedTags:, , , , , , , , ,

If you design chips, work in hardware security, or just find the idea of cryptographically protecting a circuit interesting, this post is for you. We just launched a free web service that lets you lock any combinational circuit using a provably secure technique called Indistinguishable Locking (LCI). You upload a BLIF netlist, and we hand back a locked version that is mathematically guaranteed to be indistinguishable from a random circuit without the secret key.

No setup. No installation. Just upload and lock.

The Problem: Chip Designs Get Stolen

Modern semiconductor supply chains are complicated. A chip designed in one country gets fabricated in another, tested somewhere else, and assembled somewhere else entirely. At each step, there are opportunities for an untrusted party to reverse-engineer the design, overproduce unauthorized copies, or insert malicious modifications.

Logic locking is the field that tries to solve this. The idea is simple in principle: before you hand your design to the fab, you lock it. You add extra circuitry that makes the chip produce wrong outputs unless the correct secret key is loaded into tamper-proof on-chip memory. The fab can build it, but they can’t meaningfully copy it without the key.

The hard part is doing this in a way that’s actually secure. Many locking schemes that looked promising have been broken by algorithmic attacks — most famously the SAT attack, which frames the unlocking problem as a satisfiability query and solves it automatically in hours on many locked circuits.

The Solution: Indistinguishable Locking (LCI)

LCI, introduced at IEEE CSF 2022, takes a different approach. Instead of just adding key-controlled gates, it wraps your entire circuit in a cryptographic construction based on two well-studied primitives:

  • Trivium, a lightweight stream cipher used to generate a keystream
  • A GGM-style PRF tree, which uses that keystream to build a pseudorandom function

The result is a miter circuit: your original circuit XOR’d with this PRF, output by output. The locked circuit is delivered as a BDD (Binary Decision Diagram) representation of this miter.

The security guarantee is formal: under standard cryptographic assumptions, the locked circuit is computationally indistinguishable from any other circuit of the same size. This is a much stronger claim than most locking schemes make. It means that no polynomial-time adversary — including SAT-based attacks — can extract useful information about your design from the locked version.

The secret key is the Trivium seed, generated fresh for every locking job using your hardware’s random number generator. It never leaves your hands.

How to Use the Service

It’s straightforward. Head to https://untheologically-noncholeric-macey.ngrok-free.dev, and you’ll see a simple dashboard.

  1. Drop your BLIF file onto the upload zone (or click to browse)
  2. Click “Lock Circuit” — the job is submitted immediately and runs in the background
  3. Poll the status — the dashboard updates automatically every few seconds
  4. Download your locked circuit as a BDD when the job completes

The service accepts any combinational BLIF netlist. We’ve tested it on standard ISCAS-85 benchmarks as well as real-world designs like an ARINC 429 transmitter interface. The locked circuit is delivered as a BDD of the miter, which compactly encodes the full locked function.

A few practical notes:

  • The locking time scales with circuit complexity — small benchmarks finish in under a minute, larger ones may take several minutes
  • Memory is the main bottleneck for very large circuits; circuits with XOR-heavy structure (like c499) are particularly demanding on BDD construction
  • The service runs rate limiting and a job queue cap to keep things fair for everyone

What’s Under the Hood

The service is built on a FastAPI backend with a SQLite job store, so jobs persist across server restarts. Each locking job runs in its own process, so multiple circuits can be locked in parallel without blocking the server.

The core locking pipeline:

  1. Parse the input BLIF to extract port names and gate count
  2. Run our C++ PRF generator (setup), which instantiates Trivium+GGM with a fresh random key from random_device
  3. Build the miter: stitch PRF and original circuit together with XOR gates on the outputs
  4. Construct the BDD of the miter using our Python BDD engine with constant folding — the key optimization that makes large circuits tractable

The constant folding step is what separates our approach from running ABC directly on the miter. Since the Trivium key is hardcoded at locking time, roughly half the circuit folds to constants before BDD construction even begins. This turns a computation that would take days (or exhaust memory) into one that completes in minutes.

Try It

The service is free and open to researchers, students, and engineers. Point your browser at https://untheologically-noncholeric-macey.ngrok-free.dev and upload a BLIF netlist to get started.

If you want to dig into the theory, the original LCI paper is available at https://doi.org/10.1109/CSF54842.2022.9919691.

We’re actively working on scaling the BDD construction step to handle larger circuits. If you have a circuit that pushes the limits or you hit an issue, we’d love to hear about it.

Black Box Chip is an early-stage hardware security startup building tools for provably secure logic locking. This service is a research demo based on work published at IEEE CSF 2022.

Leave a comment