How Early MCU Chips Were Encrypted?



Source | IoVSecurity

Arrangement | strongerHuang

Since the birth of the MCU in the 1970s, chip-cracking techniques and the countermeasures against them have been locked in a constant chase, "the higher the skill, the higher the devil", each side topping the other in turn.

This article traces the development of microcontroller security protection and, at the end, summarizes the advantages and disadvantages of smart card chips, currently the highest security level available.

1. Single Board Machine Era

In the early 1970s, embedded systems were built from separate components: CPU, ROM, RAM, I/O buffers, serial ports, and other communication and control interfaces.

During this period there were almost no protective measures, other than legal ones, to prevent an intruder from copying the data held in the ROM on the single board machine.

2. Microcontroller Era

With the development of large-scale integrated circuit technology, the central processing unit (CPU), data memory (RAM), program memory (ROM), and the I/O communication ports were integrated into a single microcontroller chip, which replaced the single board machine, as shown:

[Figure from the original article]

During this period the internal EEPROM and the MCU core were sealed as separate parts within the same package, and an intruder could use microprobes to read out the data.

3. Security Fuse

As intruders became more numerous, MCUs later added a security fuse that prohibits access to the data, as shown:

[Figure from the original article]

Advantages: It is very easy to implement. The MCU architecture needs no redesign; a fuse simply controls data access.

Disadvantages: The fuse is easy to locate and attack. For example, its state can be changed by connecting the fuse bit output directly to power or ground, and some fuses can be cut with a laser or a focused ion beam to disable the fuse's sensing circuit. Non-invasive attacks can also succeed: because a stand-alone fuse is laid out differently from the normal storage array, an external signal can drive the fuse bit into a state that is not read correctly, giving access to the information inside the chip. Semi-invasive attacks bring the attacker success quickly but require opening the chip package to reach the die; a well-known method is erasing the security fuse with ultraviolet light.

4. Security Fuse Becomes Part of Memory Array

Later, MCU manufacturers made the security fuse part of the memory array, as shown:

[Figure from the original article]

Such fuses are placed very close to the main memory or share some of its control lines, and they are manufactured with the same process as the main memory, which makes them difficult to locate. Non-invasive attacks can still be used: an external signal can drive the fuse bits into a state that is not read correctly. Semi-invasive attacks can likewise still be used. Of course, the attacker needs more time to find the security fuse or the control circuit responsible for security monitoring, but this search can be automated. Invasive attacks become very difficult and require manual work, so cracking costs considerably more.

5. Using Part of the Main Memory to Control External Data Access

Locking particular address regions on power-up lets part of the memory serve as a security fuse, or a password can control access to the memory. For example, Texas Instruments' MSP430F112 permits read-back operations only after the correct 32-byte password has been entered; if it is not entered, read-back is possible only after the password has been erased. Although this method looks more effective than the earlier ones, it has weaknesses that can be exploited with low-cost non-invasive attacks such as timing analysis and power consumption analysis. If the security fuse state is held in memory after power-up or reset, an attacker has the opportunity to use power noise to force the memory into an erroneous state.
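The timing leak and the glitch-sensitive lock state mentioned above, as an added example in C (not code from the original article or from any MCU vendor): a password check that returns at the first wrong byte is placed beside a constant-time version, with the loop iteration count exposed so the leak is visible without an oscilloscope, and a lock word whose "unlocked" value is a specific pattern rather than a single bit, so that a corrupted read falls back to "locked". The password bytes, the pattern 0xA5C3, and all function names are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define PASSWORD_LEN 32

/* Constructed reference password as it would sit in non-volatile memory.
 * These bytes are made up for the example, not taken from any real device. */
static const uint8_t stored_password[PASSWORD_LEN] = {
    0x3a, 0x7f, 0x11, 0xc4, 0x59, 0x02, 0xee, 0x90,
    0x1d, 0x6b, 0xa8, 0x33, 0xf7, 0x48, 0x5c, 0x21,
    0x9e, 0x07, 0xd2, 0x64, 0xb1, 0x3f, 0x8a, 0x55,
    0xc9, 0x1a, 0x76, 0xe3, 0x0b, 0x4d, 0x92, 0xf0
};

/* Leaky check: returns at the first mismatching byte, so the number of loop
 * iterations (and the execution time) depends on how many leading bytes of
 * the attempt were correct. The count is written to *work so the leak is
 * visible offline. */
int password_ok_leaky(const uint8_t *attempt, unsigned *work)
{
    unsigned n = 0;
    for (size_t i = 0; i < PASSWORD_LEN; i++) {
        n++;
        if (attempt[i] != stored_password[i]) {
            *work = n;
            return 0;
        }
    }
    *work = n;
    return 1;
}

/* Hardened check: always touches every byte and ORs the differences
 * together, so the iteration count is the same for every attempt. */
int password_ok_constant(const uint8_t *attempt, unsigned *work)
{
    uint8_t diff = 0;
    unsigned n = 0;
    for (size_t i = 0; i < PASSWORD_LEN; i++) {
        n++;
        diff |= (uint8_t)(attempt[i] ^ stored_password[i]);
    }
    *work = n;
    return diff == 0;
}

/* Builds an attempt whose first k bytes are correct and whose remaining bytes
 * are each bit-inverted, then runs the chosen check. */
static int run_check(size_t k, int constant_time, unsigned *work)
{
    uint8_t attempt[PASSWORD_LEN];
    for (size_t i = 0; i < PASSWORD_LEN; i++)
        attempt[i] = (i < k) ? stored_password[i] : (uint8_t)~stored_password[i];
    return constant_time ? password_ok_constant(attempt, work)
                         : password_ok_leaky(attempt, work);
}

/* Iteration count for an attempt with k correct leading bytes. */
unsigned work_for_prefix(size_t k, int constant_time)
{
    unsigned work;
    run_check(k, constant_time, &work);
    return work;
}

/* Accept (1) or reject (0) for an attempt with k correct leading bytes. */
int accepts_prefix(size_t k, int constant_time)
{
    unsigned work;
    return run_check(k, constant_time, &work);
}

/* Lock-state encoding. A plain 0/1 flag read after reset can be flipped by a
 * power glitch, and corrupted reads commonly come back as all-zero or all-one
 * bits. Requiring a specific multi-bit pattern for "unlocked" means those
 * values, and almost any other corruption, fall back to "locked". */
#define UNLOCKED_PATTERN 0xA5C3u

int readback_allowed(uint16_t lock_word)
{
    return lock_word == UNLOCKED_PATTERN;   /* anything else is locked */
}

int main(void)
{
    for (size_t k = 0; k <= PASSWORD_LEN; k += 8)
        printf("%2zu correct bytes: leaky=%2u iterations, constant=%2u iterations\n",
               k, work_for_prefix(k, 0), work_for_prefix(k, 1));
    printf("lock word 0x0000 -> %s\n", readback_allowed(0x0000) ? "readback" : "locked");
    printf("lock word 0xFFFF -> %s\n", readback_allowed(0xFFFF) ? "readback" : "locked");
    return 0;
}
```

Running it shows the leaky check's iteration count growing with each correct leading byte while the constant-time check always performs 32 iterations; on real silicon the same difference appears as execution time or as a power trace, which is the low-cost non-invasive attack the text refers to. The lock-word encoding does not stop glitching on its own, but it removes the cheapest failure mode, a flag that reads as "unlocked" when a glitch zeroes or saturates the word.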

6. Using Top Metal Networks

Using a top metal grid design increases the difficulty of intrusion. Every line of the grid is monitored for short circuits and open circuits, and once the monitor is triggered the memory is reset or cleared, as shown:

[Figure from the original article]

Ordinary MCUs do not use this protection because the design is difficult and it can also trip under abnormal operating conditions: high-intensity electromagnetic noise, low or high temperatures, abnormal clock signals, or a poor power supply. Some ordinary MCUs therefore use cheaper pseudo top-metal grids, which can be defeated by very efficient optical analysis. These grids also cannot prevent non-invasive attacks, and they are not effective against semi-invasive attacks either, because there is capacitance between the wires and light can still reach the active area of the circuit through the grid. In smart cards, some such grid lines are also laid between power and ground. Some programmable smart cards go further and simply cut off the standard programming interface, or even remove the EEPROM read interface, replacing it with a boot module that erases or disables itself after the code is loaded and thereafter responds only to functions supported by the user's embedded software. This effectively prevents non-invasive attacks.

7. Smart Card Chip Security Design

In recent years, some smart cards have used memory bus encryption (Bus Encryption) to prevent probing attacks, as shown:

[Figure from the original article]

Data is stored in the memory in encrypted form. Even if an intruder captures data from the data bus, the key and other sensitive information (such as the method for recovering the data) cannot be learned. This protection effectively prevents invasive and semi-invasive attacks. Some smart cards go as far as a different bus encryption key for each card, so that even an intruder who completely cracks one card cannot produce chips with the same functionality: every smart card chip has a unique ID number, and smart cards with the same ID number cannot be bought. It is also worth mentioning that some smart cards implement the standard modular structures, such as decoders, register files, ALUs, and I/O circuits, using ASIC-style logic. These become mixed-logic, or glue logic, designs. Glue logic makes it practically impossible to obtain information from the card through physical attack by manually searching for signals or nodes, which greatly enhances both the performance and the security of the CPU core. In a glue logic design the physical location of the bus is almost impossible to determine, effectively preventing reverse engineering and micro-probing attacks.
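The bus-encryption scheme described above, as an added simulation in C (not code from the original article or from any smart card vendor): each card derives its own key from its unique ID, every value is tweaked with its address and encrypted before it reaches the memory array, so a probe on the bus observes only ciphertext, and an array copied bit for bit into a card with a different ID does not decrypt. XTEA is used only as a stand-in block cipher; the key derivation, the base key constants, and the card_t, mem_write and mem_read names are all constructed for this example.

```c
#include <stdint.h>
#include <string.h>

#define MEM_WORDS 16u   /* constructed: a 16-cell array of 64-bit cells */

/* XTEA block cipher (64-bit block, 128-bit key, 32 rounds), the published
 * reference algorithm. It stands in for whatever cipher a real card uses. */
static void xtea_encrypt(uint32_t v[2], const uint32_t key[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0, delta = 0x9E3779B9u;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + key[sum & 3]);
        sum += delta;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + key[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

static void xtea_decrypt(uint32_t v[2], const uint32_t key[4])
{
    uint32_t v0 = v[0], v1 = v[1], delta = 0x9E3779B9u, sum = delta * 32;
    for (int i = 0; i < 32; i++) {
        v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + key[(sum >> 11) & 3]);
        sum -= delta;
        v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + key[sum & 3]);
    }
    v[0] = v0; v[1] = v1;
}

typedef struct {
    uint32_t key[4];               /* per-chip bus-encryption key */
    uint32_t cells[MEM_WORDS][2];  /* array contents: exactly what the bus carries */
} card_t;

/* Constructed key setup: folds the unique chip ID into a base key so that
 * every card gets a different key. A real card would burn in a random key. */
void card_init(card_t *c, uint32_t chip_id)
{
    static const uint32_t base[4] = { 0x6b1f2c3du, 0x0a9e8d7cu, 0x51432f10u, 0xc0ffee00u };
    for (uint32_t i = 0; i < 4; i++)
        c->key[i] = base[i] ^ (chip_id * (0x9E3779B9u * (i + 1)));
    memset(c->cells, 0, sizeof c->cells);
}

/* CPU-side write: the value is tweaked with its address and encrypted before
 * it reaches the bus, so equal values at different addresses look different. */
void mem_write(card_t *c, uint32_t addr, uint32_t lo, uint32_t hi)
{
    uint32_t v[2] = { lo ^ addr, hi ^ ~addr };
    xtea_encrypt(v, c->key);
    c->cells[addr % MEM_WORDS][0] = v[0];
    c->cells[addr % MEM_WORDS][1] = v[1];
}

/* CPU-side read: decrypt, then undo the address tweak. */
void mem_read(const card_t *c, uint32_t addr, uint32_t *lo, uint32_t *hi)
{
    uint32_t v[2] = { c->cells[addr % MEM_WORDS][0], c->cells[addr % MEM_WORDS][1] };
    xtea_decrypt(v, c->key);
    *lo = v[0] ^ addr;
    *hi = v[1] ^ ~addr;
}

/* 1 if a value written to addr reads back unchanged on the same card. */
int roundtrip_ok(uint32_t chip_id, uint32_t addr, uint32_t lo, uint32_t hi)
{
    card_t c; uint32_t rlo, rhi;
    card_init(&c, chip_id);
    mem_write(&c, addr, lo, hi);
    mem_read(&c, addr, &rlo, &rhi);
    return rlo == lo && rhi == hi;
}

/* 1 if the raw cell, which is what a micro-probe on the bus observes, still
 * equals the plaintext that was written. */
int bus_shows_plaintext(uint32_t chip_id, uint32_t addr, uint32_t lo, uint32_t hi)
{
    card_t c;
    card_init(&c, chip_id);
    mem_write(&c, addr, lo, hi);
    return c.cells[addr % MEM_WORDS][0] == lo && c.cells[addr % MEM_WORDS][1] == hi;
}

/* Clone scenario: card A's array is copied bit for bit into card B, which has
 * a different ID and therefore a different key. 1 if B recovers A's plaintext. */
int clone_reads_plaintext(uint32_t id_a, uint32_t id_b, uint32_t addr, uint32_t lo, uint32_t hi)
{
    card_t a, b; uint32_t rlo, rhi;
    card_init(&a, id_a);
    card_init(&b, id_b);
    mem_write(&a, addr, lo, hi);
    memcpy(b.cells, a.cells, sizeof b.cells);
    mem_read(&b, addr, &rlo, &rhi);
    return rlo == lo && rhi == hi;
}
```

Calling roundtrip_ok(1, 3, 0xDEADBEEF, 0x01234567) returns 1, while bus_shows_plaintext and clone_reads_plaintext with the same arguments (and a second chip ID of 2 for the clone) return 0: the array holds only ciphertext, and a copy of it is useless in a chip whose key differs. The address tweak is what keeps two identical words at different addresses from producing identical cells, which otherwise would let an observer correlate memory contents without ever recovering the key.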

8. Advantages and Disadvantages of Smart Card Chip Encryption Schemes

For developers, choosing a microcontroller with a more secure design gives better protection. Compared with most microcontrollers, even smart cards designed ten years ago offer better protection. Modern smart cards provide further anti-attack measures: internal voltage sensors guard against power glitch attacks and against over-voltage and under-voltage; clock frequency sensors prevent attacks that lower the clock frequency to permit static analysis, as well as clock noise attacks that raise it; and top metal grids together with hardware encryption of the internal bus prevent micro-probing attacks.

Compared with microcontrollers, however, smart card chips also have disadvantages. The chips are expensive and hard to obtain in small batches. Development tools are expensive, and confidentiality agreements must be signed with the manufacturer, even for manuals. Many manufacturers sell smart cards only in large quantities to specific customers. Another disadvantage is limited I/O: ordinary smart card chips usually have only an ISO7816 interface, and very few have separate I/O ports. This means that in most applications they cannot replace microcontrollers and are used only in industries with very high security requirements, such as pay-TV set-top boxes, bank cards, SIM cards, second-generation ID cards, high-end encryption chips, and so on.

Applying smart card chips as encryption chips is a promising direction. Smart card chips have a high security level but limited I/O resources, while ordinary MCUs have abundant hardware resources but a low security level; storing key algorithms and operating parameters in a special form inside a smart card chip combines powerful functionality with high security strength.

9. Postscript

The struggle between those attempting to break protection mechanisms and the manufacturers continually introducing new security measures has no end. Whether "the higher the skill, the higher the devil" or "evil cannot overcome good", the contest between the two camps will continue to unfold!

Disclaimer: This article's material is sourced from the internet, and copyright belongs to the original author. If there are copyright issues, please contact me for deletion.
