ICs Unlock Chip
What is IC Unlock?
ICs unlock is also called Chip unlock, Chip attack or ICs attack. An IC Unlock is any of several processes that enable the decryption of ICs of final products, which are normally encrypted. Reverse engineering methods are used to decrypt ICs. An IC Unlock allows programmers to read the program of ICs after the ICs are decrypted.
Our IC Unlock Services
- International advanced IC testing algorithms and research;
- IC programming, disassemble bin files;
- FIB(focused ion beam), SEM(scanning electron microscope), TEM(transmission electron microscopy);
- Single-chip microcomputer (MCU) and DSP system development;
- Integrated circuit decrypting, designing and developing, failure analysing;
- Secondary development and upgrade of chip programs;
- Support IC types: DSP,CPLD,PLD,AVR,ARM;
- One-stop reverse engineering services for integrated circuit, semiconductor;
Supportable IC Series
In past years, we have done IC more than 1000 unlock projects. Our customers range from start-ups to enterprises operating in various industries like manufacturing, IT & software, health care, e-commerce, telecom, real estate, e-learning, education, public sector and much more. We are also a preferred choice for businesses that wish to outsource their data entry and data processing tasks. For more IC models, please contact us directly.
Available IC Unlock Models
MCU
ATMEL
- AT90
- AT89
- AT87
- T89
- ATA
Microchip
- PIC16
- PIC18
- PIC24
ST
- STM8S003
- STM8S005
- STM8S903
TI
- TMS320F2802
- TMS320F28034
- TMS320F28027
- TMS320F2808
STC
- STC10
- STC11
- STC12
FPGA
ACTEL
- ProASIC3L
- ProASIC3 nano
- ProASIC3
- IGLOO PLUS
- IGLOO nano
- M1 Fusion
- M7 Fusion
Lattice
- MachXO2
- MachXO3
- SC/M
- ECP2
- ECP3
- iCE40
- ECP5
CPLD
TI
- PAL16
- TIB
- TIC
LATTICE
- GAL
- ISPLSI
- ISPGAL
- MACH
- ISPPAC
- LFXP
- LX
- M4
ALTERA
- 5M
- EPM
ATMEL
- ATF
- ATV
ARM
ADI
- ADUCM360
- ADUCM361
- ADUCRF101
- ADUC7091
- ADUC7020
- ADUC812
- ADUC832
- ADUC845
ATMEL
- AT91SAM7XC512C
- AT91SAM7XC512A
- AT91SAM7XC256C
- AT91SAM7XC128A
- AT91SAM7XC512AU
- AT91SAM7SE512A
- AT91SAM7SE31AU
- AT91SAM7S161
- AT91SAM7L128
ST
- STM32
- STR71
DSP
Freescale
- DSP56F827
- DSP56F826
- DSP56F805
- DSP56F803
- DSP56F802
- DSP56F801
TI
- TMS320F
- TMS28F
- TMS27PC
- TMS29F
- TMS28F
- TMS27C
ADI
- ADSP-TS101S
- ADSP-TS203S
- ADSP-2161
- ADSP-2189M
- ADSP-2189N
- ADSP-2185N
- ADSP-21990
How to Unlock IC?
1. Software attack
We usually exploit a protocol or encryption algorithm encryption weakness to perform an decryption. The weakness in the design of the erasing operation sequence in the early ATMEL AT89C microcontrollers was exploited in a successful software attack. Once the next erasing of program data in on-chip program memory is being prevented after erasing the encryption lock bit, An unencrypted single-chip microcomputer (MCU) will occur that could be read with a programmer.
It’s possible to research and develop software attacks using other encryption algorithms. There are flaws in the development process that make it possible for some programmers to locate and insert bytes. Find whether there are constant vacancies in the chip by locating continuous FFFF bytes, which execute the chip’s program and then send it to the off-chip, and then intercept the decrypted device.
2. Electronic detection attack
This technique is used to decrypt the encrypted MCU programmes. A microcontroller’s analog connections and emissions are monitored for high temporal resolution during operation to detect an attack. Because operating instructions cause power consumption to fluctuate, observing the electromagnetic emissions allows for detection of specific information. Using statistical analysis and electronic measuring equipment, this approach is able to infer specific information from microcontroller power consumption changes.
3. Fault generation technology
Fault-based attacks are accomplished by exploiting the processor’s vulnerability to abnormal operating conditions. Voltage and clock surges are the most common fault-generating attacks. The processor can be disabled by low-voltage or high-voltage attacks, or it can be forced to perform incorrect operations. Fault-based attacks can be used to disable protection circuitry or force the processor to perform the wrong things. Even though protected data is not destroyed, a protection circuit may be reset by clock transients. In some processors, individual instructions may not be decoded and executed correctly.
4. Probe test Decrypt
Flying Probe Test is commonly used for IC and circuit board (PCB) testing. We can assess an IC’s functionality by transmitting a current and frequency from the test object to a testing substrate using probe sockets or fixtures. Additionally, we can directly view and decrypt the internal wiring of the microcontroller.
5. UV attack method
UV attack, also known as UV irradiation method. It is used to erase the encryption on One Time Programmable (OTP) chips. An OTP chip, which has become an unencrypted chip after being UV irradiated, can be directly read using a programmer.
6. Exploiting chip vulnerabilities
Chips are frequently created with encryption flaws, allowing attackers to read the code stored in memory. For example, the code on a chip may have contact FFs, which can be used to decrypt the code. By inserting bytes, you can accomplish decryption if you can find these FFs.
You can also search for a certain byte in the code to decrypt the program. ATMEL’s 51 series AT89C51 decryption is decrypted by exploiting a byte vulnerability in the code.
7. FIB recovery encryption fuse method
FIB (Focused Ion Beam) devices are usually used to reconnect a line or restore a line with laser-altered equipment. This method is not the finest because it requires equipment and consumables. However, if there are a lot of chips that must be unlocked, this approach will be excellent. At first, the wafer in the chip is exposed by dissolving a specific lipid. Then, a high-powered microscope and FIB are used to locate the encrypted location of the chip. After the chip is exposed, its circuit is altered so that it is decrypted. Finally, the programmer is used to read the program out of the chip.
Many chips with fuse encryption can be decrypted using this method. The MSP430 is one of the most prominent examples because the MSP430 must burn the fuse when encrypting. If the fuse can be restored, it will become an unencrypted chips, such as MSP430F1101A, MSP430F149, MSP430F425, etc.
8. The method of modifying the encrypted line
CPLD and DSP chips are difficult to decrypt with the method described above, and they have high encryption performance. To decrypt these chips, you must first understand their structure, then search for the encryption circuit, and then use the chip’s circuit to modify the device. Make some alterations to the circuit of a chip so that the encryption circuit is not working, and the encrypted CPLD or DSP becomes unlocked so that the code can be accessed. TMS320LF2407A decryption, TMS320F28335 decryption, and TMS320F2812 decryption are examples of this approach.
Why Choose Us?
13 Years Experiences
Our IC development and decryption experts have over 13 years of technical experience.
Guaranteed Benefit
We promise that if your IC decryption project is unsuccessful, no related fees will be charged.
Advanded Equipment
We utilise Focused Ion Beam (FIB), Scanning Electron Microscope (SEM), and Transmission Electron Equipment (TEM) to provide the best service possible.
Explore more about IC Knowledges
Everything You Need to Know About Gold Fingers PCBs!
Gold Fingers PCBs are one of the most popular printed circuit boards (PCBs) used in electronics and computing applications. They are essential components of many
ESP32 Cam Project Development Example on Ubuntu
About ESP32-CAM ESP32-CAM is a small-sized camera module released by Ai-Thinker Co., Ltd, which can work independently as the smallest system, with a size of
Exploring the 7408 Integrated Circuit: datasheet and pinout
Introduction to the 7408 Integrated Circuit The 7408 Integrated Circuit (IC) is a great tool for building basic logic gates. It is made up of
English
French
German
Italian
Russian
Spanish