INSIGHTS, NEWS & DISCOVERIES
FROM IOACTIVE RESEARCHERS

Friday, March 16, 2012

Atmel AT90SC3232CS Smartcard Destruction

Having heard that Atmel actually produced three variants of the AT90SC3232 device, we did some digging and found some of this previously never-seen-by-Flylogic AT90SC3232CS.  We had already several AT90SC3232 and AT90SC3232C.  We assumed that the CS was just a 3232C with an extra IO pad.  Well, one should never ass-u-me anything!  The AT90SC3232CS is a completely new design based on the larger AT90SC6464C device.


Above:  A decapsulated sample of the TQFP44 packaged AT90SC3232CS devices we received.



Decapsulation revealed that Atmel actually did place an active shielding over the surface of the device.  A 350nm, 4 metal process was used on the AT90SC3232CS where the AT90SC6464C was a 350nm, 3 metal.


Above: Active shield metal was removed with wet-etching leaving the oxide residue.

A quick polishing session removes that residue you saw in the previous photo.  Now the device looks very similar to the AT90SC6464C.


Above:  With the mesh removed Metal 3 is now exposed.



Given the AT90SC family all run encrypted code that even Atmel claims they don't know the key on.  It's mandatory to polish down the device and image areas of interest at each level to trace through the logic.


Above:  Polished to Metal 2 in our area of interest.


With the chip at Metal 2, it was time to go to Metal 1.  This is where the actual transistor is put together to become something such as AND, OR, INVert, ...


Above:  Metal 1 ready for imaging.

While not really required but always desired, removal of Metal 1 leaves us with the poly/diffusion areas visible.  This is always helpful to explain P/N FETs for our purposes.


Above:  Poly/Diffusion layer exposed.



All of the images above were quick 50x mosaics.  Clicking on any of them will open the full version of the image.

Given the feedback received from the recent 3 Metal display, we thought we would do it again.  This time however, we imaged it at 1000x for a distance of 25,000 pixels across by 2413 down (25,000 is the max a JPEG will allow).

Having no knowledge of how the Atmel AVR smart card family works means we have to tear it down and trace out the databus paths.  The next 4 images are just a sample of the real image we created.  The real image is so huge, it would take days to download.

The next four images can be clicked on to open up the full 25,000 pixel JPEG.  Metal 4 was not imaged because it was the active shield.  The active shield is an obstacle  that can be ignored until the signals determined to be important are identified.

Metal 3:



Metal 2:



Metal 1:



Poly:





Each of those files are 37.9 MB each.  They are aligned for use in GIMP or Photoshop.  If you wish to download these same 4 images in higher quality overlaid already, please click here.  This image is a layered TIFF and is 1.6 GB.

None of these images have been watermarked.  We ask that people respect our work and give proper credit if they are reused.  In these images, you have 28 EEPROM bit outputs (most likely the crypto key unique per part) and a 16 bit databus coming into the area from the top of the picture.  When I briefly looked at the cropped image 'section.tif', I immediately spotted several 2 in, 1 out MUXes, several FlipFlops (I caught 2 variants) and random glue-logic.

This is definitely the memory encrypt-decrypt block (MED) or at least the entry of it ;).

- - - - - - - - - - -

Update 03-17-2012 :: Added a few more hi-res but smaller pics


Above:  Small section taken from the section.tif image.  The layers have been tiled for view but should be stacked over each other if section.tif is opened a proper viewer (Photoshop or GIMP will work).

The file above can be downloaded quickly in it's layered form as a Photoshop .PSD or a layered .TIFF.

Please let us know if anyone is having problems with the images.

- - - - - - - - - - -

Update 03-18-2012 ::  Hosted the 1.6GB layered TIFF on Bit Torrent here.

Llink above in case of problems: http://flylogic.net/chippics/at90sc3232cs/section.torrent

6 comments:

  1. Do you have a pinout for the AT90SC6464-USB-AL perchance?

    -Martin

    ReplyDelete
  2. Let me look into my magic hat....


    ReplyDelete
  3. Is the image from poly layer acquired from SEM? If yes, under which conditions? Really nice and clean images. I can't compare my results with you :)

    -Hynek

    ReplyDelete
  4. No Hyna, this is just optically taken in monochrome (the poly)

    ReplyDelete
  5. Hello

    Where is the flash on this chip? Two array blocks on left are the crypto rom of sc16? Can you make an image indicating each part of the chip?

    Thanks

    ReplyDelete
  6. section.tiff noted as 25k*2.5k 4 layered tiff, but gimp reports 35k*3.5k 1 layered tiff. It looks like m3 only. Could you fix it?

    ReplyDelete