INSIGHTS, NEWS & DISCOVERIES
FROM IOACTIVE RESEARCHERS

Thursday, May 24, 2012

Prevent Spam

Hello, to prevent spam on the blog we installed a CAPTCHA system for comments. We had to filter lots of comments a day, and this takes time to read and sort. I hope that we can approve comments or questions for you faster. Thank you for your attention... your Blog Ghost

QR Fuzzing Fun

QR codes [1] have become quite popular due to their fast readability and the large amount of information they can carry. It is very easy to find QR codes anywhere these days, encoding information such as a URL, a phone number, vCard data, etc. There are tons of smartphone apps that can read and scan QR codes.

Monday, May 21, 2012

ST19XL18P - K5F0A Teardown

A four-metal, 350 nm fabrication process, EAL4+ smart card. The device was fabricated in 2002, and yet the only main differences in today's latest ST19W/N series are the ROM data bus output width into the decrypt block and the fabrication process (180 nm and 150 nm shrinks).

Figure 1:  Logo of the ST19XL18 die coded K5F0A.  Notice the presence of the active shield.

The device was dipped into a hydrofluoric acid (HF) bath until the active shield fell off.  This saved about 10 minutes of polishing to remove the surface oxide and Metal 4 (M4).  It also helps the polishing of the lower layers start fairly evenly.


Figure 2:  Active shield is removed.  Device needs polishing now.

Once the passivation oxide is removed, the oxide of each layer takes less than 2 minutes to remove.  We purposely stop just before the Metal 3 (M3) surface is exposed, leaving the vias clearly visible (there are several gates tied to the ground of the mesh on Metal 4 (M4), as well as the begin and end vias of the active shield).


Figure 3:  Metal 3 (M3) polish until only a thin layer of oxide remains.

The device was placed and routed very modularly.  The picture below is not 100% to scale, but it more or less highlights the various blocks present.  The MAP consists of asymmetric and symmetric crypto functions (DES, RSA, etc.).


Figure 4:  M3 with comments drawn into place.

The EEPROM control logic is actually in the lower left corner of the EEPROM block.  That area was forgotten when the picture was annotated ;).


Figure 5:  M2 layer

As Metal 3 (M3) is removed, exposing the M2 layer, the device begins to look less complicated.

Figure 6:  M1 layer

Metal 1 (M1) shows us all the transistors.  We did not polish down to the poly; most of the gates are understandable without it for the purpose of finding the clear data bus.

Figure 7:  Small memory area located behind the EEPROM block.

Figure 8:  Second small memory area located behind the EEPROM block.

Most likely, the NVM areas in Figures 7 and 8 are related to trimming or to security-violation handling.  No further investigation is planned on these areas (it isn't necessary).

Figure 9:  Clear ROM drivers feeding the 'clear' data bus, highlighted on each of the 3 layers.

Strangely enough, it is now understandable why ST cannot achieve high performance on the ST19 platform.  Each logic area with access to the clear data bus drives it through a bank of high-output drivers that are tri-stated (hi-z) when not driven.  This means that all drivers are OR-tied and only one set of 8 drivers is ever active at a time.  This is a very large and cumbersome way of building a MUX.
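The following is an added example written for this page, not code from the post or from ST. It models the bus arrangement just described in plain C: several banks of 8-bit tri-state drivers share one bus, the control logic enables exactly one bank at a time, and the bus therefore behaves as a multiplexer. The block names ("clear ROM", "EEPROM", "MAP") and the byte values are constructed labels for illustration, not observations from the die, and the wire-OR used when two banks collide is only a modelling choice: on real silicon, contention is an electrical fault, not a clean OR.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One bank of 8 tri-state drivers: the byte it would present to the bus
 * and whether its output is enabled (driving) or tri-stated (hi-z). */
typedef struct {
    const char *name;   /* constructed label for the owning logic block */
    uint8_t value;      /* 8-bit word the bank wants to put on the bus */
    int enabled;        /* 1 = driving, 0 = hi-z */
} driver_bank_t;

typedef enum {
    BUS_HIZ = 0,        /* no bank driving: the bus floats */
    BUS_OK = 1,         /* exactly one bank driving: acts as a MUX */
    BUS_CONTENTION = 2  /* two or more banks driving: invalid state */
} bus_state_t;

/* Resolve the shared bus. With OR-tied tri-state drivers the bus carries the
 * value of whichever bank is enabled; the enables must be one-hot for the
 * arrangement to behave as a multiplexer. On contention we return the wired
 * OR purely as a model; hardware would not produce a clean value. */
bus_state_t bus_resolve(const driver_bank_t *banks, size_t n, uint8_t *out)
{
    size_t active = 0;
    uint8_t wired_or = 0;
    for (size_t i = 0; i < n; i++) {
        if (banks[i].enabled) {
            active++;
            wired_or |= banks[i].value;
        }
    }
    if (active == 0)
        return BUS_HIZ;
    *out = wired_or;
    return active == 1 ? BUS_OK : BUS_CONTENTION;
}

/* One-hot select: enable bank `sel`, tri-state every other bank. */
void bus_select(driver_bank_t *banks, size_t n, size_t sel)
{
    for (size_t i = 0; i < n; i++)
        banks[i].enabled = (i == sel) ? 1 : 0;
}

#define NBANKS 3

/* Constructed sample sources sharing the bus. */
static void init_banks(driver_bank_t banks[NBANKS])
{
    const driver_bank_t sample[NBANKS] = {
        { "clear ROM", 0xA5, 0 },
        { "EEPROM",    0x3C, 0 },
        { "MAP",       0xF0, 0 },
    };
    for (size_t i = 0; i < NBANKS; i++)
        banks[i] = sample[i];
}

/* Select one bank and return the byte seen on the bus (the MUX behaviour). */
uint8_t demo_select(size_t sel)
{
    driver_bank_t banks[NBANKS];
    uint8_t bus = 0;
    init_banks(banks);
    bus_select(banks, NBANKS, sel);
    bus_resolve(banks, NBANKS, &bus);
    return bus;
}

/* Enable two banks at once and report the resulting bus state. */
bus_state_t demo_contention_state(void)
{
    driver_bank_t banks[NBANKS];
    uint8_t bus = 0;
    init_banks(banks);
    banks[0].enabled = 1;
    banks[2].enabled = 1;
    return bus_resolve(banks, NBANKS, &bus);
}

/* Enable nothing and report the resulting bus state. */
bus_state_t demo_hiz_state(void)
{
    driver_bank_t banks[NBANKS];
    uint8_t bus = 0;
    init_banks(banks);
    return bus_resolve(banks, NBANKS, &bus);
}

int main(void)
{
    for (size_t sel = 0; sel < NBANKS; sel++)
        printf("select bank %zu -> bus = 0x%02X\n", sel, demo_select(sel));
    printf("two banks enabled -> state %d (2 = contention)\n", demo_contention_state());
    printf("no bank enabled   -> state %d (0 = hi-z)\n", demo_hiz_state());
    return 0;
}
```

The point of the model is the one the post makes: the OR-tied drivers only work as a MUX because the control logic guarantees a one-hot enable, and every source pays for a full bank of high-output drivers rather than sharing a compact multiplexer.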

As time permits, the ST19W and ST19N series will be looked at.  The same kind of pattern is expected to turn up again.  Overall, finding the clear data bus took 1.5 hours once the images were created; most of that time went into aligning the layers.

Tuesday, May 15, 2012

#HITB2012AMS: Security Bigwigs and Hacker Crème de la Crème Converge in Amsterdam Next Week

Hi guys! We’re less than a week away from #HITB2012AMS and we’re super excited to welcome you there!

Thursday, May 3, 2012