IC Unlock

One-stop expert service for IC unlock( integrated circuit), IC decryption, and circuit board clone.
IC Unlock

What is IC Unlock?

IC unlock is also called IC decrypt, IC attack or IC reverse engineering. An IC Unlock is any of several processes that enable the decryption of ICs of final products, which are normally encrypted. Reverse engineering methods are used to decrypt ICs. An IC Unlock allows programmers to read the program of ICs after the ICs are decrypted.

Our IC Unlock Services

How to Unlock IC?

1. Software attack

We usually exploit a protocol or encryption algorithm encryption weakness to perform an decryption. The weakness in the design of the erasing operation sequence in the early ATMEL AT89C microcontrollers was exploited in a successful software attack. Once the next erasing of program data in on-chip program memory is being prevented after erasing the encryption lock bit, An unencrypted single-chip microcomputer (MCU) will occur that could be read with a programmer.

IC Unlock by software: Pocket-CHM-Pro-59
Pocket-CHM-Pro-59

It’s possible to research and develop software attacks using other encryption algorithms. There are flaws in the development process that make it possible for some programmers to locate and insert bytes. Find whether there are constant vacancies in the chip by locating continuous FFFF bytes, which execute the chip’s program and then send it to the off-chip, and then intercept the decrypted device.

2. Electronic detection attack

This technique is used to decrypt the encrypted MCU programmes. A microcontroller’s analog connections and emissions are monitored for high temporal resolution during operation to detect an attack. Because operating instructions cause power consumption to fluctuate, observing the electromagnetic emissions allows for detection of specific information. Using statistical analysis and electronic measuring equipment, this approach is able to infer specific information from microcontroller power consumption changes.

3. Fault generation technology

Fault-based attacks are accomplished by exploiting the processor’s vulnerability to abnormal operating conditions. Voltage and clock surges are the most common fault-generating attacks. The processor can be disabled by low-voltage or high-voltage attacks, or it can be forced to perform incorrect operations. Fault-based attacks can be used to disable protection circuitry or force the processor to perform the wrong things. Even though protected data is not destroyed, a protection circuit may be reset by clock transients. In some processors, individual instructions may not be decoded and executed correctly.

4. Probe test Decrypt

Flying Probe Test is commonly used for IC and circuit board (PCB) testing. We can assess an IC’s functionality by transmitting a current and frequency from the test object to a testing substrate using probe sockets or fixtures. Additionally, we can directly view and decrypt the internal wiring of the microcontroller.

schematic of test probe on pcb
schematic of test probe on pcb

5. UV attack method

UV attack, also known as UV irradiation method. It is used to erase the encryption on One Time Programmable (OTP) chips. An OTP chip, which has become an unencrypted chip after being UV irradiated, can be directly read using a programmer.

UV attack IC decrypt
UV attack IC decrypt

6. Exploiting chip vulnerabilities

Chips are frequently created with encryption flaws, allowing attackers to read the code stored in memory. For example, the code on a chip may have contact FFs, which can be used to decrypt the code. By inserting bytes, you can accomplish decryption if you can find these FFs.

IC Unlock: finding vulnerabilities in chip code
loopholes or vulnerabilities in chip code

You can also search for a certain byte in the code to decrypt the program. ATMEL’s 51 series AT89C51 decryption is decrypted by exploiting a byte vulnerability in the code.

7. FIB recovery encryption fuse method

FIB (Focused Ion Beam) devices are usually used to reconnect a line or restore a line with laser-altered equipment. This method is not the finest because it requires equipment and consumables. However, if there are a lot of chips that must be unlocked, this approach will be excellent. At first, the wafer in the chip is exposed by dissolving a specific lipid. Then, a high-powered microscope and FIB are used to locate the encrypted location of the chip. After the chip is exposed, its circuit is altered so that it is decrypted. Finally, the programmer is used to read the program out of the chip.

FIB (focused ion beam) (1)
FIB-(focused-ion-beam)-(2)
FIB-(focused-ion-beam)-(2)

Many chips with fuse encryption can be decrypted using this method. The MSP430 is one of the most prominent examples because the MSP430 must burn the fuse when encrypting. If the fuse can be restored, it will become an unencrypted chips, such as MSP430F1101A, MSP430F149, MSP430F425, etc.

8. The method of modifying the encrypted line

CPLD and DSP chips are difficult to decrypt with the method described above, and they have high encryption performance. To decrypt these chips, you must first understand their structure, then search for the encryption circuit, and then use the chip’s circuit to modify the device. Make some alterations to the circuit of a chip so that the encryption circuit is not working, and the encrypted CPLD or DSP becomes unlocked so that the code can be accessed. TMS320LF2407A decryption, TMS320F28335 decryption, and TMS320F2812 decryption are examples of this approach.

Decryptable IC Series

In past years, we have done IC more than 1000 unlock projects. Our customers range from start-ups to enterprises operating in various industries like manufacturing, IT & software, health care, e-commerce, telecom, real estate, e-learning, education, public sector and much more. We are also a preferred choice for businesses that wish to outsource their data entry and data processing tasks. For more IC models, please contact us directly.

Available IC Unlock Models

MCU

ATMEL

Microchip

ST

TI

STC

FPGA

FPGA

ACTEL

Lattice

CPLD

TI

LATTICE

ALTERA

ATMEL

ARM

ARM

ADI

ATMEL

ST

DSP

DSP

Freescale

TI

ADI

Why Choose Us?

13 Years Experiences

Our IC development and decryption experts have over 13 years of technical experience.

Guaranteed Benefit

We promise that if your IC decryption project is unsuccessful, no related fees will be charged.

Advanded Equipment

We utilise Focused Ion Beam (FIB), Scanning Electron Microscope (SEM), and Transmission Electron Equipment (TEM) to provide the best service possible.

Explore more about IC Knowledges

Contact Us

Phone: +86 134 8072 0771
Email: info@reversepcb.com
B205, Block 7, Phase 2, D & J Innovation Park, 73 Bulan Road, Longgang, Shenzhen, China
MON-FRI 09:00 - 19:00, SAT-SUN 10:00 - 14:00
welldone pcb manufacturer

Start to Achieve Your PCB Project

Open chat
Scan the code
Hello 👋
Can we help you? Chat with us on WhatsApp↓, or send an email to us: info@reversepcb.com