What is MCU Decryption?

Ⅰ. What is MCU  decryption?

Users can store programs and working data in an internal program area and a data area (or both) on a microcontroller (MCU) (or one of them). Most microcontrollers contain encrypted lock bits or encrypted bytes to prevent unauthorized access or copying of the microcontroller's on-chip code.

The program in the microcontroller cannot be read directly by a common programmer if the encryption lock bit is enabled (locked) during programming, which is known as microcontroller encryption.

(PS: MCU programs are primarily written in Flash, and the majority of them can read or identify data on Flash in order to retrieve Firmware files, allowing for product copying.)

MCU attackers can exploit loopholes or software errors in MCU chip design, and use various technical techniques to extract critical information from the chip to access the program in the MCU. Which is known as MCU decryption.

Single-chip decryption is also known as single-chip decryption, chip decryption, and IC  decryption. These names aren't scientifically correct, but they've become common terms. CPLD and DSP decryption are commonly referred to as single-chip decryption. Microcontrollers are one of the many types of semiconductors that may be programmed.

DSP, CPLD,  PLD,  AVR,  ARM, and other processors may burn encrypted code. Of course, memory chips having storing functions, such as the DS2401, DS2501, AT88S0104, DM2602, AT88SC0104D, and others, can be encrypted. Chips with encryption algorithms for professional encryption or design verification of factory code work, as well as other functional chips, are among them. It is capable of achieving the goal of preventing electronic product duplication.

Ⅱ. MCU decryption method

2.1 Software Attacks

To carry out attacks, this technique usually makes use of processor communication interfaces and exploits protocols, encryption algorithms, or security flaws in these algorithms.

The attack on the early XXX series microcontrollers, for example, is a good illustration. The attacker exploited flaws in the design of this series of microcontrollers' erasing operation sequence, and used self-programming to stop the next operation of erasing the data in the on-chip program memory after erasing the encryption lock bit, transforming the encrypted microcontroller into an unencrypted single-chip microcomputer, and then reading the on-chip program with the programmer.

Currently, some equipment can be constructed based on different encryption algorithms to do software decryption with specific software.

Some programmers, for example, are used to locate the inserted bytes and determine whether there are continuous vacancies in the chip using a specific method, i.e., to determine whether there are continuous FFFF bytes in the chip, and the inserted bytes can then execute the program to send the on-chip program to the chip. A decrypted device intercepts the off-chip instructions, allowing the program inside the chip to be decrypted.

2.2 Electronic detection attack

This technique typically monitors the analog characteristics of all of the processor's power and interface connections with a high temporal resolution during normal operation and then executes the assault by monitoring the processor's electromagnetic radiation characteristics.

Because the microcontroller is an active electronic device, the power consumption changes as the microcontroller execute new instructions. In this way, certain vital information in the microcontroller can be retrieved by analyzing and detecting these changes utilizing special electronic measuring tools and mathematical-statistical methodologies.

2.3 Fault-generating technology

The method entails infiltrating the processor through unusual operating conditions and then granting extra access to carry out the assault. Voltage and clock surges are two of the most common fault-generating attacks.

To disable protective circuits or cause the CPU to perform erroneous operations, low-voltage and high-voltage attacks can be used. Clock transients have the potential to reset the protection circuit without erasing the protected data. In some processors, power and clock transients can impact the decoding and execution of individual instructions.

(PS: This method causes the MCU to run erratically, causing the MCU to become unprotected.)

2.4 Probe technology

To carry out the assault, the method involves exposing the chip's internal circuitry and then observing, manipulating, and interfering with the microcontroller.

Ⅲ. MCU  decryption classification

People divide the above four attack strategies into two categories for ease of understanding. The first is intrusive attack (physical attack), which requires destroying the package and then using semiconductor test equipment, microscopes, and micro-positioners in a specialist laboratory. It could take hours, days, or even weeks to finish.

Invasive assaults include all micro probing approaches. The other three ways are non-invasive attacks that do not cause physical harm to the microcontroller being targeted. Non-intrusive attacks are particularly harmful in some circumstances since the equipment needed for them can easily be self-built and modified, making them very inexpensive.

The majority of non-intrusive attacks necessitate good processor and software understanding on the part of the attacker. Invasive probing attacks, on the other hand, do not require much prior knowledge, and a comparable set of techniques can usually be applied to a wide range of items.

As a result, microcontroller attacks frequently begin with invasive reverse engineering, and the acquired experience aids in the development of less expensive and faster non-intrusive attack methodologies.

Ⅳ. Intrusive decryption process

The removal of the chip package is the initial stage in an intrusive attack (referred to as "opening", sometimes called "opening", English as "DECAP", decapsulation). There are two options for accomplishing this.

The first step is to melt the chip container entirely, revealing the metal connections.

The second option is to simply remove the plastic encapsulation from the top of the silicon core.

The first technique necessitates attaching the chip to the test fixture, which is controlled by a binding table. The second way demands not just certain knowledge and abilities on the part of the attacker, but also personal wisdom and patience, but it is reasonably simple to use and can be done entirely in the lab.

The chip's plastic may be scraped away with a knife, and the epoxy that surrounds it can be etched away using powerful nitric acid. The chip package will dissolve in hot concentrated nitric acid without damaging the chip or wires. Because water can damage exposed aluminum wire connections, this technique is usually done in relatively dry conditions (which may cause decryption failure).

The chip was then immersed in an ultrasonic bath after being cleaned with acetone to eliminate any remaining nitric acid.

The final step is to locate the protection fuse and expose it to UV light. To discover the protection fuse, a microscope with a magnification of at least 100 times is usually required to trace the connection of the programming voltage input pin. A rudimentary search can be performed without a microscope by exposing different sections of the chip to UV light and observing the results.

During operation, the chip should be covered with an opaque substance to prevent UV radiation from erasing the program memory. By exposing the protection fuse to ultraviolet light for 5 to 10 minutes, the protection function of the protection bit can be damaged. After that, using a basic programmer, the contents of the program memory can be read out directly.

UV light cannot be used to reset the protection circuit on microcontrollers that use a protective layer to protect the EEPROM cells. Microprobe technology is commonly used to read the memory contents of this sort of microcontroller. Placing the chip under a microscope after it has been opened makes it easy to locate the data bus that connects the memory to the rest of the circuit.

In programming mode, the chip lock bit does not lock access to memory for some reason. By placing the probe on the data line and using this flaw, you may read all of the desired data. Restart the read operation in programming mode and attach the probe to a different data line to read out all of the information in the program and data memory.

Another way of attack is to detect protective fuses using microscopes and laser cutters, as well as all signal lines related to this area of the circuit.

Because of the weakness in the design, you can link 1 to 3 gold wires (commonly dubbed FIB: focused ion beam) to a signal line from the protective fuse to other circuits (or turn off the entire encryption circuit). The complete protection feature is turned off, allowing the contents of the program memory to be read without the use of a programmer.

Because general-purpose low-end single-chip microcomputers are not positioned to make safety products, they often do not provide targeted preventive measures and have low-security levels, despite the fact that most common single-chip microcomputers have the function of the fuse blowing to protect the code in the single-chip microcomputer.

Furthermore, the single-chip microcomputer has a wide range of applications, a high sales volume, frequent entrusted processing and technology transfer between manufacturers, and a large amount of technical data leakage, all of which make the use of design loopholes in this type of chip and the manufacturer's test interface, as well as modification of fuse protection bits and other intrusive types, possible. Attacking or non-invasive attacking methods make it easier to read the internal program of a single-chip microprocessor.

Ⅴ. Suggestions on Decryption of MCU 

With enough money and time, an attacker could possibly decrypt any single chip using the methods described above. This is a fundamental notion that system designers must always remember.

As a result, as an electronic product design engineer, it is critical to understand the latest single-chip attack technology, to know oneself and the enemy, and to know what to do in order to effectively prevent products that they have spent a lot of money and time painstakingly designing from being counterfeited overnight. occur.

The following are recommendations based on a company's decryption practices:

(1) Before choosing an encryption chip, thoroughly research and comprehend recent advances in single-chip breaking technology, particularly which single-chip microcomputers have been confirmed to be crackable. Choose single-chip microcomputers with fresh technology, new structure, and shorter time to market over chips that can be cracked or chips from the same series and model.

(2) Avoid using the most popular and well-researched chips for projects with high-security requirements.

(3) The product's original developer is usually characterized by high production. As a result, a somewhat uncommon and unpopular single-chip microcomputer can be chosen to make counterfeiting more difficult, and several uncommon single-chip microcomputers can be chosen.

(4) If the design cost allows, a smart card chip with a hardware self-destruction function should be chosen to effectively deal with physical attacks; additionally, when programming, add time to the timing function, such as using for a year, and all functions will be automatically stopped, increasing the cracker's cost.

(5) If the circumstances allow, two MCUs of different types can be utilized as backups and verification for each other, lowering the cost of cracking.

(6) To make it false, grind off details such as the chip model or reprint other models.

(7) Unpublished and unused microcontroller flag bits or units can be repurposed as software flag bits.

(8) In order to acquire legal protection, you need to mention the development time of your daimyo unit and the declaration that imitation must be investigated in the program area; also, while writing your daimyo, it can be random, that is, use some type of name. Because your name is different under different external situations, such as www.XXXXX.com, www.XXXXX.cn, www.XXXXX.com.cn, etc., it is more difficult to decompile and adapt your algorithm.

(9) You can blow out some of the internal pins using a high-end programmer, and you can also blast out the gold wire with homemade equipment. In China, decryption is nearly difficult at the moment. Even if decryption is possible, it will cost tens of thousands of dollars and require many master chips.

(10) Seal the entire circuit board with secret silica gel (epoxy potting glue). On the PCB, there are even more pointless pads. In addition, several non-essential components can be doped in the silica gel. Components make an attempt to obliterate the model number.

(11) You can use the programmer to alter the FF in the blank area to 00, thus filling in some vacant space in the chip, preventing the general decryptor from detecting the emptiness, and performing the following decryption operations.

Of course, fundamentally preventing the decryption of the single-chip microcomputer is impossible. Encryption and decryption technologies are continually evolving. Now, it can effectively be done with any single-chip microcomputer as long as someone is ready to pay for it, but programmers can also safeguard their development through legal measures in terms of cost and cycle length (such as patents).