Archive for the ‘Device Teardowns’ Category

Parallax Propeller P8X32A Quick Teardown

Saturday, August 7th, 2010

Parallax has a really neat 8 core 32 bit CPU called the ‘Propeller’.  It’s been out for a few years but it is gaining popularity.  There is no security with the device as it boots insecurely via a UART or I2C EEPROM.  Nonetheless, we thought it was interesting to see an 8 core CPU decapsulated!

The image above is the Propeller optically imaged at 50x magnification.  One can clearly see 8 columns that appear almost symmetric (except in the middle region).  The upper 8 squares are the ‘cogs’, each with its 512 * 32 SRAM as described in the manual.  The middle left 4 and right 4 squares are the ROMs Parallax describes.  The 8 rectangular objects are the 32KB SRAM as described.  The 8 cores are basically the 8 columns above the middle ROMs, including the 512 * 32 SRAMs, because Parallax describes each cog as having its own 512 * 32 SRAM :) .

After removing the top metal (which consisted mainly of routing tracks), we can see the 8 cores a little more clearly.  The metal over the 4 left ROMs has begun to be removed as well in the image.

Above is a single COG rotated 90 degrees clockwise.  There are 8 of these objects in the upper half of the die.

Last but not least is the logo by Parallax.  Nice job Parallax on this beast!  We have one favor-  implement some flash on the next generation with a security bit ;) .

The KEYLOK USB Dongle. Little. Green. And dead before it was born!

Thursday, November 15th, 2007

We decided to do a teardown on a Keylok USB based dongle from Microcomputer Applications, Inc. (MAI).

A picture of the dongle is to the right.

Opening the dongle was no challenge at all. We used an x-acto knife to slit the sidewall of the rubber protective coating. This allowed us to remove the dongle’s circuit board from the surrounding protective coating.

The top side of the printed circuit board (PCB) is shown above. MAI did not try to conceal anything internally. We were a little surprised by this :( .

The backside consists of two tracks and a large ground plane. The circuit is very simple for an attacker to duplicate.

With the devices removed, a schematic can be created literally within minutes. The 20-pin version of CY7C63101A can even be used in place of the smaller SOIC 24-pin package (which is difficult for some to work with). The 20-pin is also available in a dual-inline-package (DIP) making it a great candidate for an attacker to use.

Red pin denotes pin 1 on the device.

You might have seen this picture from the iKey1000 teardown. That’s because we borrowed the Cypress pictures from that teardown :) .

We performed some magic and once again we have success to unlock the once protected device. A quick look for ASCII text reveals a bunch of text beginning around address $06CB: .B.P.T. .E.n.t.e.r.p.r.i.s.e.s…D.o.n.g.l.e. .D.o.n.g.l.e. .C.o.m.m.<
.E.n.d.P.o.i.n.t.1. .1.0.m.s. .I.n.t.e.r.r.u.p.t. .P.i.p.e.

Ironically, they say, “There are many advantages to using a hardware–based security solution – AKA, a Dongle. There are even more advantages however to using KEYLOK Dongles over other competing solutions.”

Statements such as the one above are the reason Flylogic Engineering started this blog. We have heard this just one too many times from companies who are frankly pushing garbage. Garbage in, garbage out. Enough said on that.

This dongle is the weakest hardware based security token we have ever seen!! The ease of entry through the outer physical protection layer places this dongle last on our list of who’s hot and who’s not!

Safenet iKey 1000 In-depth Look Inside

Saturday, November 3rd, 2007

We received a lot of attention from our previous article regarding the iKey 2032.  We present to you a teardown of a lesser, weaker Safenet, Inc. iKey 1000 series USB token.

We had two purple iKey 1000 tokens on hand that we took apart-

Cypress 24 pin CY7C63001/101 type USB controller is a likely candidate underneath the epoxy above

Cypress’ USB controllers run from a 6 MHz oscillator and an 8 pin SOIC EEPROM might be beneath this smaller epoxy area

Once we took our initial images of the two sides, it was time to remove whatever was under the epoxy.

If needed, we can clean off the remaining epoxy

There was indeed a serial EEPROM underneath the bottom side.  Removing it took some heat and we lost the cover of our oscillator during the process.

Opening the device revealed exactly what we suspected (we could sort of tell by the 24 pin SOIC, being familiar with the Cypress family of processors).  We discovered a Cypress CY7C63101.

The red pin denotes pin 1 of this Cypress CY7C63101


A 200x magnification photo of the die above shows a 20 pin version of the CPU used in the iKey1000 token.

The Cypress CY7C63 family of USB microcontrollers has serious security issues.  This family of processors should not be used by anyone expecting their security token to be secure.  Unfortunately, we’ve seen a lot of dongles using this family of CPUs.

We successfully read out the CPU (using our magic wand again).  Poking around the code looking for ASCII text we found the USB identifier string at address offset $0B7:  “i.-.K.e.y”

The code contained inside the Cypress CPU is always static between iKey1000 tokens.  The Cypress CPU is a One-Time Programmable (OTP) type device.  There is no non-volatile type memory inside except for the EPROM you may program once (hence OTP).  The only changes possible are within the external EEPROM, which is the dynamic element of the token.  The EEPROM turned out to be a commonly found 24LC64 8K byte EEPROM.

Given the above, we can then assume that the iKey1032 is identical to this token with the exception of replacing the 24LC64 with a larger 24LC256 32K byte EEPROM.  This is a logical assumption supported by Safenet’s brochure on the token.

Are you securing your laptop with this token?  We are not…

Safenet iKey 2032 In-depth Look Inside

Tuesday, October 30th, 2007


Chances are you have probably seen one of these little USB based tokens made from Safenet, Inc.

The one we opened was in a blue shell.

Safenet says, “iKey 2032 is a compact, two-factor authentication token that provides client security for network authentication, e-mail encryption, and digital signing applications.”

As well, the brochure the link above takes you to states, “iKey 2032’s small size and rugged, tamper-resistant construction, make it easy to carry so users can always have their unique digital entities with them.”

Now we’re not really sure what tamper-resistant construction has to do with making things easy for a user to carry around, but let’s get down to the good stuff.

So we took our token apart and the following pictures are what we found:

Above:  Main CPU side of the token. 

Our suspicion:  Could there be a Cypress CY7C63xxx series CPU present?


Above:  Something buried under epoxy.  Appears to be die-bonded to the PCB.

Once initial images of the intact PCB were taken, it was time to remove the CPU.

We carefully decapsulated the epoxy covering the die buried inside the 24 pin SOIC part.  What did we find?  We found a Cypress CY7C63613!  We suspected it might be this part because of the pinout.  This is why scratching off the top of the part does not always help.  Even with the silkscreen scratched away, there are only a few possible candidates using this pinout.  Additionally, this CPU is very commonly used in USB applications.

Here is the CPU opened up.  Note that pin 1 on the PCB is in the upper-right corner while in our picture we rotated the device so pin 1 is in the lower-left (we labeled it with a red dot).

Above:  Cypress CY7C63613 USB CPU (Click on picture for a larger size)


Above:  Actual closer view of the bare CPU substrate (Click to see commented higher-res image)

Once the CPU was decapsulated, we performed some tests on the device.  After executing some tricks, the software contained internally was magically in our hands.

We looked for some type of copyright information in the software but all we found was the USB identifier string at address offset $3C0: i.K.e.y. .2.0.3.2
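The dotted strings quoted in the KEYLOK, iKey 1000 and iKey 2032 posts (“i.K.e.y. .2.0.3.2”, “.B.P.T. .E.n.t.e.r.p.r.i.s.e.s”) are the tell-tale shape of USB string descriptors, which are stored as UTF-16LE: every ASCII character is followed by a 0x00 byte, and an ASCII-only viewer draws that byte as a dot.  The scanner below is an added example and is not code from the original posts or from Flylogic; it runs over a constructed sample image (not a real token dump) in which a descriptor for “iKey 2032” is placed so its text lands at $3C0, and it reports each UTF-16LE run together with whether the two bytes before it form a valid USB string-descriptor header (bLength, bDescriptorType = 0x03).

```python
import re
from typing import List, Tuple

# Constructed sample firmware image (NOT a real iKey dump): opcode-like filler
# plus an ASCII-only string that must not be reported as UTF-16LE, with a USB
# string descriptor for "iKey 2032" placed so its text starts at offset 0x3C0.
_FILLER = b"\x02\x00\x00\x75\x81\x07Copyright (c) constructed\x00"
SAMPLE_TEXT = "iKey 2032"
SAMPLE_DESCRIPTOR = (bytes([2 + 2 * len(SAMPLE_TEXT), 0x03])   # bLength, bDescriptorType=STRING
                     + SAMPLE_TEXT.encode("utf-16-le"))
_PREFIX = _FILLER * (0x3BE // len(_FILLER))
_PREFIX += bytes(0x3BE - len(_PREFIX))          # pad so the 2-byte header sits at 0x3BE
SAMPLE_IMAGE = _PREFIX + SAMPLE_DESCRIPTOR + _FILLER


def find_utf16le_strings(image: bytes, min_chars: int = 4) -> List[Tuple[int, str, bool]]:
    """Return (offset, text, has_usb_header) for every run of at least
    min_chars printable ASCII characters stored as UTF-16LE (char, 0x00).
    has_usb_header is True when the two bytes immediately before the run are a
    valid USB string descriptor header: bLength == 2 + 2*len(text) and
    bDescriptorType == 0x03."""
    pattern = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_chars)
    found = []
    for m in pattern.finditer(image):
        start = m.start()
        text = m.group().decode("utf-16-le")
        has_header = False
        if start >= 2:
            blength, btype = image[start - 2], image[start - 1]
            has_header = btype == 0x03 and blength == 2 + 2 * len(text)
        found.append((start, text, has_header))
    return found


def dotted(text: str) -> str:
    """Render text the way an ASCII-only dump viewer shows UTF-16LE: each
    character followed by a '.' standing in for the 0x00 high byte."""
    return ".".join(text)


if __name__ == "__main__":
    for offset, text, header in find_utf16le_strings(SAMPLE_IMAGE):
        kind = "USB string descriptor" if header else "bare UTF-16LE run"
        print(f"${offset:04X}: {dotted(text)}  ({kind})")
```

The ASCII-only “Copyright” text in the filler is deliberately skipped, which is why a plain 8-bit string search misses descriptor text and a dump has to be read for the interleaved NUL pattern instead.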

Now that we have successfully analyzed the CPU, the protocol for communications to whatever is present under the epoxy is available to us.  At this point, we believe it’s more than a serial EEPROM because this CPU is not strong enough to calculate asymmetric cryptographic algorithms in a timely manner.

Next we carefully removed the die-bonded substrate from the PCB:

With the die-bonded device removed and a little cleanup, we can clearly see the bondout pattern for a die-bonded smartcard IC.   In the picture above, we can see VCC, RST, CLK, IO, and GND laid out according to the ISO-7816 standard, which Flylogic Engineering are experts on.

After completely decapsulating the smartcard processor, we found a quite common Philips smartcard IC.  We will call this part from now on the Crypto-Coprocessor (CCP).  Notice there is still a small speck of dirt in the middle of the die.  We decided to leave it since it’s not in our way.

Rotating this picture of the CCP (50x magnified) 90 degrees counter-clockwise, you can see how it fits into place on the PCB.  It is glued down and then five aluminum wires were wedge-bonded to the PCB.  Aluminum wedge-bonding was used so the PCB would not need to be heated, which would help them cut down the time required on the assembly line.


In preparation for analysis, we had to rebond the CCP into a 24-pin ceramic dip (CDIP).  Although we only needed five contacts rebonded, the die-size was too large to fit into the cavity of an 8-pin CDIP.

The CCP is fabricated by Philips.  It appears to be a ~250nm, five metal layer technology based on the Intel 8051 platform.  It contains 32k of EEPROM, two static RAM areas and a ROM nested underneath a mesh made up of someone’s initials (probably the layout designer’s).

This CPU (The CCP is also a CPU but acting as a slave to the Cypress CPU) is not secure.  In fact, this CPU is also all over the globe in GSM SIM cards.   The only difference is the code contained inside the processor. 

Some points of interest:

Point #1-  The ‘mesh’ protecting probing from the ROM’s databus outputs is NOT SECURE!

When we cropped and shrunk this picture, it came out pretty bad.  However, you can see that there is now an opening where we wrote our URL.  The device is still alive but now has a gaping hole over the signature-mesh.

Point #2-  A quick search on the internet and we came across a public document from when Philips tried to get this part, or a part very close to this one, Common Criteria certified.  You can find this document here.  Alternatively, in case that link goes bad, we have saved a copy of the document here.  You will need Adobe Acrobat Reader to view the document.

The document labels this assumed-to-be part as a, “Philips P8WE5033V0F Secure 8-bit Smart Card Controller.”

Reading over this document, we find a block diagram on page 8.

In the above diagram they mention, “Security Sensors” as a block of logic.  That’s ironic considering we opened a gaping hole in their “mesh” over the ROM and the processor still runs 100% functional.

Point #3-  For such a “secure” device, Philips could have done a lot more.  The designers were pretty careless in a lot of areas.  Below are some photos showing a sawn-off test-enable line.  Simply reconnecting the two tracks together will definitely be helpful to an attacker.  A Focused Ion-Beam Workstation can make bond-pads for those two tracks that we can then bond out to the CDIP.  This way we can short or open this test-circuit.

Above:  Two test tracks (inside the red box) lead off to the left edge of the die.

Above:  Notice on the very right lower edge there is a wire in orange.  This was the loop back of the track that has now been sawn off.  This orange loopback would have belonged to the die to the right of this die when still present on the wafer.

Now ask yourself, if you are a potential customer of Safenet, Inc-  Would you purchase this token?