Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Security Software IT Hardware

Semi-Automatic Hacking of Masked ROM Code From Microscopic Images 42

Posted by Soulskill
from the making-a-computer-read-a-computer dept.
An anonymous reader writes "Decapping chips and recovering code or data is nothing new, but the old problem of recovering Masked ROM through visual inspection (binary '0' and '1' can be distinguished within the images) is normally done by crowd sourcing a manual typing effort. Now a tool that semi-automates this process and then recovers the data automatically has been released."
This discussion has been archived. No new comments can be posted.

Semi-Automatic Hacking of Masked ROM Code From Microscopic Images

Comments Filter:
  • Nice 8085 example (Score:5, Interesting)

    by ranulf (182665) on Wednesday February 06, 2013 @04:34AM (#42806433)
    For a nice example of this being done by humans, see Ken Shirriff's decoding of the 8085 instruction decode logic [].
  • This is awesome... (Score:5, Interesting)

    by jonwil (467024) on Wednesday February 06, 2013 @05:54AM (#42806751)

    Could be useful for future MAME work if someone is able to decap (and photograph) various otherwise un-dumpable mask-ROM-based MCUs and other chips.

  • by Rik Sweeney (471717) on Wednesday February 06, 2013 @06:40AM (#42806927) Homepage

    Interestingly, this was done for Bubble Bobble to ensure that the emulation was perfect: []

  • by Anonymous Coward on Wednesday February 06, 2013 @09:43AM (#42808125)
    I also work at a large semiconductor company. There is some interesting research in both mitigating and defeating chip security. One attack technique for breaking into chips is to hold the debug line high and scan a laser over the surface of the chip to randomly flip bits, hoping to flip the one that is locking the debug line low. If the hardware designers were not thinking about redundantly, physically separating things on the chip, you might enable debug mode which bypasses all the lockdowns and encryptions.

    Hardware designers are wise to this of course, and now there are often entirely separate ARM cores with no purpose other than as a data integrity watchdog on the 'main' system(s) that can shut everything down. There are some very popular chips which use 2 identical ARM cores, one of which is delayed by 2 cycles. There is a dedicated circuit that performs a CMP on the output of the two chips and shuts everything down if there are any differences.

    I have seen designs that hardware encrypt everything including the bus and the EEPROM, so all program code is stored in the EEPROM encrypted, so who cares if you can image it? The decryption key is stored, also encrypted, in the EEPROM as well. There is a separate master boot key which decrypts the memory decryption key stored in a special battery-backed RAM register, which does not leave an 'after-image'. If the hardware watchdog system detects any shenanigans, or if you try to remove the chip from the system without preserving the battery backing, the master key is simply flushed and the chip rebooted. At that point it looks like a blank chip that hasn't been through UV erase (random data everywhere).

    I'm not a uC or hardware guy so some of this might be old news, but I found it interesting at least.

The universe is all a spin-off of the Big Bang.