As we all know, China's chip manufacturing technology has been far behind the European and American countries, and chip decryption technology is a key link in our study and exploration of chip encryption technology. So chip decryption technology occupies a very important position in China's scientific and technological strength, how to carry out chip decryption, is also a topic we need to understand.
Next, I will introduce the knowledge about how to decrypt the chip from three aspects.
l Conditions for chip decryption.
l The method of chip decryption.
l Classification of chip decryption methods.
To decoding a chip for effective chip crack, or program decryption, we need to have two conditions, first of all, we must have a certain knowledge of science and technology, understand the different chip is suitable for what kind of encryption method, and understand all kinds of chip decryption method, know how to turn encrypted chips into not encrypted; Second, there must be a tool to read the program -- the programmer. Not all programmers have the ability to read programs. This is why we sometimes develop a readable programmer in order to decrypt a chip.
There are a variety of chip decryption methods, we need to make a suitable choice according to the type of chip, the environment and the actual situation, after a preliminary summary, about a total of 6 chip decryption methods.
1. Software attacks. This technique typically uses processor communication interfaces and exploits protocols, encryption algorithms, or security holes in these algorithms to attack. The attacker took advantage of the loophole in the design of the timing sequence of the erasure operation of the series of single-chip microcontrollers. After erasing the encryption lock location, the attacker used self-programmed programs to stop the next operation of erasing the in-chip program memory data, so that the over encrypted single-chip microcontroller became the unencrypted one, and then used the programmer to read the in-chip program.
2. Electronic detection. The technology typically monitors the analog characteristics of all power and interface connections of the processor during normal operation at the high temporal resolution, and attacks by monitoring its electromagnetic radiation characteristics. In this way, by using special electronic measuring instruments and mathematical statistical methods to analyze and detect these changes, specific key information in the single chip microcomputer can be obtained. As for the RF programmer, it can directly read the program in the older model of encrypted MCU, using this principle.
3. Fault occurring. This technique uses abnormal operating conditions to cause the processor to fail, and then provides additional access to attack. The most widely used fault generating attack means include voltage shock and clock shock. Low - and high-voltage attacks can be used to disable protective circuits or force the processor to perform incorrect operations. A clock transient jump may reset the protected circuit without destroying the protected information. Power and clock transient jumps can affect the decoding and execution of a single instruction in some processors.
4. Probe technology. The technology is to directly expose the internal connection of the chip, and then observe, control, interfere microcontroller to achieve the purpose of the attack.
5. Ultraviolet method. Ultraviolet attack is also known as the UV attack method, is to use ultraviolet radiation chip, so that the encrypted chip into the unencrypted chip, and then use the programmer directly read the program.
6. Chip vulnerabilities. Many chips are designed with encryption flaws that can be exploited to attack the code in the chip's read-out memory.
For convenience, the first four attack techniques have been grouped into two categories. One is intrusive (physical) attacks, which require breaking the package and then taking hours or even weeks to complete in a dedicated laboratory with the help of semiconductor testing equipment, microscopes and microlocators. All microprobe techniques are intrusive attacks. The other type is non-invasive attack.
We are Shenzhen Bo Yun Fa Technology Co.,Ltd, Since its establishment, we have been committed to providing global customers with high-precision PC machines, parts procurement and PC unit assembly tasks. Compared with other companies of the same type, we have the following advantages: One-stop service, fair prices, fast and punctual orders, high quality customer service and quality assurance services, and no minimum quantity requirements for customers to order, etc., which provides customers with a more convenient and economical shopping mode. In the future, we will continue to carry forward our advantages, to provide customers with more intimate service.
Boyunfa is a printed circuit board company, Located in Shenzhen,520 employees,16000 square feet, Who have offered PCB Manufacturing Service for more than 10 years.With the state-of-the-art technologies we employ, along with our highly trained workforce we are able to ensure that every PCB we provide matches your design requirements.