Break IC, Recover MCU, Microcontroller Reverse Engineering

Posts Tagged ‘dsp mcu source code decryption’

MCU Code Decryption happens after extract microcontroller heximal file out from its embedded program and data memory through unlock MCU method;

In terms of non-invasive MCU Code Decryption, EPROM memory has some advantages over EEPROM and Flash memories as it is more robust against power glitch decryptions. This happens because it has a simpler structure, larger cell size, thicker gate oxide and no on-chip high-voltage charge pumps.

The sense amplifiers used to distinguish between ‘0’ and ‘1’ logic states are much simpler in EPROM and less sensitive to the power supply voltage. Against semi-invasive mcu source code decryption, EPROM memory is also better than EEPROM and Flash. For example, the fault injection decryption that will be discussed later can be used to modify the contents of the cell but for EPROM much higher power is required.

That makes OTP microcontrollers more attractive in the applications where high security is required. Unfortunately modern microcontrollers do not use this type of memory any more as it cannot be reprogrammed, has lower density than the Flash memory and is thus more expensive. That forces semiconductor manufacturers to introduce additional protection against unauthorised access to the memory contents.

For example, modern smartcards do not have hardware control for access to the on-chip Flash and EERPOM memories, but only a bootstrap loader located in the Flash memory that overwrites itself during first initialisation, eliminating any possible access to the information (unless implemented by the customer). Hardware access to the memory has multi-level security protection ensuring that access will not be granted unless all the requirements are met. In some microcontrollers, very sophisticated access password protection is implemented.