Titan: Security Analysis of Large-Scale Hardware Obfuscation Using Graph Neural Networks

Hardware obfuscation is a prominent design-for-trust solution that thwarts intellectual property (IP) piracy and reverse-engineering of integrated circuits (ICs). Researchers have proposed several large-scale obfuscation techniques that achieve high output corruption-thus offering resilience against seminal attacks along with acceptable power, performance, and area overheads. However, the research community has primarily evaluated hardware obfuscation on relatively small scales of obfuscation (i.e., a fixed number of obfuscated components). Moreover, prior art caters toward specific schemes based either on gate obfuscation or interconnect obfuscation, i.e., two prominent types of hardware obfuscation. The former shortcoming suggests focusing on large-scale obfuscation schemes, and the latter suggests the need for a holistic assessment framework. In this work, we propose Titan, a holistic framework considering large-scale gate and interconnect obfuscation schemes. More specifically, we propose a graph neural network (GNN)-based attack framework that is trained to exploit structural and functional properties of any secured circuit to recover its obfuscated components. We evaluate Titan on various obfuscation schemes, considering selected ITC-99 benchmarks with up to 50% obfuscation scale, i.e., up to 21,326 obfuscated components. We observe a substantial information leakage through structural and functional properties of secured designs even for large-scale obfuscation. We quantify the information leakage in two ways: first, an average reduction of Hamming distance (HD, a well-established metric for attack evaluation) by 23.27 and 16.19 percentage points over the baseline of random guessing for gate and interconnect obfuscation, respectively; second, an average recovery of 63.40% and 77.94% of obfuscated components for gate and interconnect obfuscation, respectively. Importantly, these results are superior to six state-of-the-art attacks. We will open-source our framework and associated artifacts to enable reproducibility and foster future work.