Travis Goodspeed - An Amateur's Guide to Microchip Decapsulation Chemistry

all right and now we have an amateur's guide to microchip encapsulation chemistry with travis goodspeed [Music]

all right who likes microchips all right and if you really love something you should boil it in acid right okay [Applause] this here let's jump in a little bit closer this is a complete 32-bit computer including ram rom it's connected to some other ships on a board this is from a pcmcia card that stands for people can't memorize corporate identification acronyms um for you youngins in the audience it used to be that you'd buy a laptop and it would weigh more than a brick and it would not have wi-fi or ethernet and if you wanted to get online you'd have to install an extra card this particular chip is from a cryptography card back then they didn't want you to have

cryptography and software for fear that it would help the nazis or something so they they made you buy it as a physical unit and this was in a fortezza card which is the replacement to the clipper chip and it had a law enforcement access field in it so you could you could have cryptography but the cops could undo it if they filed the right paperwork um thankfully this standard died off in the mid 90s and we don't use it anymore so today i'm going to teach you how to take a part a microchip and turn it into bear glass like this and also how to turn the bear glass into a full photograph of the entire die

and how to do some other cool stuff like if you zoom in close enough um does anyone see this like egyptian tablet like thingy right here just to the the right of my finger if you zoom in really close on that tablet and you squint a little you can actually see the ones and zeros of the boot rom of this chip and so when the chip is locked and you're not allowed to read them you can recover it photographically and then from the photographs you can get out like a file that you would load into ida pro or gydra to reverse engineer another thing that's pretty cool to do within the the lab this is one of my good fete boards i

designed these as an undergrad as like a bus adapter but the cool thing about this one is that little uh circle that's burnt out of the side chip this chip is an msp430f220 it's a 16-bit microcontroller that contains the firmware to make it this device and by burning a hole in the outside i can now shine lights into this chip in order to mess with it as it's running so despite the whole burned in the packaging of this chip this board is still fully functional and still does everything it's supposed to this is a another msp430 chip which i've live decapped the um the hole in this package allows the dye to be exposed so that i

can shine a camera flash on it and i'm not doing this to take pictures i'm although we do have cool pictures of it i'm shining the camera flash because every transistor on this microchip die is a photo transistor and if you hit it with light it starts conducting electricity even though maybe it's not supposed to and if you hit the entire chip at once with a very bright light sometimes the readout protection on this chip will fail and you will be allowed to connect a debugger even though the chip is locked and is not supposed to allow its software to be read and this is how you can get the firmware out of a protected chip

you'll need some equipment to do this this is my handy dandy hot plate you'll note that the heat settings are just in numbers from 0 to 10. these very loosely correlate to to real temperatures so you shouldn't trust that it will keep the right temperature at any given time you need some beakers in order to hold the acids these are pyrex glass and they're great for everything except for the hydrofluoric acid and the reason for that is that the hydrofluoric acid will eat the glass and that winds up ruining your glassware and your experiments you'll need pipettes so these little doohickeys allow you to pick acid out of one jar and put it into another

the big one on the left is what i use for transferring large amounts in the order of like 5 or 10 milliliters in order to entirely drown a chip and then boil it on the hot plate the little one i use for stronger acids in order to do the live decapping and in that style i need a stronger acid because the weak ones include water and the water as a catalyst will burn off the bonding wires that connect the chip to the packaging i've got these little squirt gun bottles with acetone and water and isopropyl alcohol this is not the type of ipa that you drink basically we're using the acetone to clean gunk off of the chip because

it's really good at dissolving stuff we do this after the acid has broken it apart the ipa the isopropyl alcohol is not as good as acetone at like picking up junk but it's a lot easier to manufacture ipa cleanly so if i let acetone dry on the chip then it will leave a residue behind but if i use isopropyl alcohol in a second bath for the chip then i can get that residue off and have clean photographs instead of dirty ones you'll need a microscope this is the cheap one that i keep in my lab i've had this one since grad school it's um you know there's a single column that you look down it's metallurgical which

means that the light comes through the lens to hit the surface rather than coming up through a glass slide like you might have in high school biology class and the reason for this is that the silicon dioxide is opaque to light when it becomes thick enough to be a chip so if you try to shine a light through it it gets blocked and you see nothing we also need some chemicals this is um 65 nitric acid this is the weaker nitric acid that i use and um it's nice for destroying the packaging of the entire chip because the water inside of it will also take off the bonding wires and that gets me a very thin piece of glass that i can

photograph i also got the good this is red fuming nitric acid instead of being 65 pure this stuff is 90 pure uh it is at least 90 nitric acid and it is at most 2 percent water and that means that it will do very little damage to the bonding wires and this is how i'm able to remove the packaging from a chip without damaging it you can use regular nail polish remover as your acetone like i said this stuff is not completely clean if you let it dry on a surface you will then see gunk left over but i don't care because i've got isopropyl alcohol and for this stage the 99 reagent grade is a lot better as far

as cleaning stuff off giving you good pictures do not use this without a proper fume hood but you can also use hydrofluoric acid which is available commercially as rust stain remover to remove layers of the microchip after you have extracted the glass from the package um this is useful because as we burn lower into the chip we have fewer things on the surface blocking our view on a smart card this is absolutely essential because smart cards will have like a maze of wiring on the surface in order to detect your messing around with them and you have to remove all of those wires in order to photograph any of the organs of the chip like where the cpu is

or where the ram is where the rom is and because the hydrofluoric acid dissolves glass you have to use these like plastic beakers in order to heat it up to knock the chip out so we're now ready for our first experiment um we are going to use 65 nitric acid and we are going to dissolve a chip packaging in it in order to get the bare glass and then we're going to photograph the glass so this is the acid that we're using this is the big two and a half liter jug we're not going with the the stronger stuff these are our two chips this is the ch-582m from a company called wch they're a chinese chip manufacturer

who has been making lots of different microcontroller class and radio class chips over the past few years they're doing many which are compatible with western ships in order to be drop-in replacements so i bought the entire series and now i'm photographing all of them in order to see how they relate um you begin with a beaker with the two chips in it can anyone spot what's dangerous in this photo exactly the fingers and the gloves so you put the gloves on you open up the nitric acid i use this little storage bottle so that i don't have to bring the the big jug around because if i spill something out of that jug i can like

dissolve my oven um after dropping the acid onto the chips and before any heat is applied the uh the liquid will turn green and you'll see this as like it looks like ink coming off of the bottom of the chip packaging this is the ground pad and the pins of the chip dissolving within the acid um green or blue will indicate metals like copper um a proper chemist could tell you more about which means which and why we then heat the packaging up we're aiming at about 100 degrees celsius which is beneath the boiling point of the acid but the hotter the acid is the faster the reaction is and at room temperature this acid is not strong

enough to dissolve the chip packaging which is why we have to bump it up a bit you are aiming for a temperature that is high enough that the package will dissolve but not so high that the acid will boil off and all of this is being performed inside of a fume hood with forced air ventilation so all of the air is being sucked out of the front of the fume hood where i sit and then pulled out through the top of the fume hood and then vented out of a window in order to keep my air clean after a while you'll start seeing the the package fall apart and the bare dye will be visible but it

will still be covered with a little bit of gunk or residue left over from the chip here you can see there's like a chip in the bottom right and all those little specks all of that used to be packaging on this chip remember this was these were two packaged chips and some clear liquid when we began now the liquid is green and the packaging is crumbling apart like a wet oreo here are the two of them um this little square here and that one up there um because they're still covered in gunk we can't photograph them yet so to fix that we spray acetone over them in order to uh knock off a bit of the surface gunk

and this leaves us with the um the two bear dice at the bottom of a beaker of acetone which we put into an ultrasonic bath this is a commercial jewelry cleaner some other people who do this sort of work they don't like to use the ultrasonic bath because the sharp edges of the chips hitting against the side of the beaker will sometimes chip or damage them and you can see this damage in my dive photographs

here's a close-up you can see the two dice here the gray one on the left is upside down you will see a flat gray for the bottom side of almost every chip the front side is what has all of the pretty colors and the fancy wiring in it and that's usually covered in more gunk than the back side is as soon as you hit the button on your ultrasonic cleaner all of this black gunk will start shaking around and very quickly falling off of the chip and dissolving within the acetone so very quickly we have two clean dice we then take these to the cheap microscope this is the one in the lab and we put it under the light and we

look at it and all we're looking to see at this point is like how much gunk is left on the dye if i see a lot of it i'll dump it into another acid bath i might use a different acid such as sulfuric acid depending upon the epoxy chemistry of that individual package

and then the end result is this clean dye floating in sorry this is floating in isopropyl alcohol and remember isopropyl alcohol is good because it is clean i take it down to my photography table this way still in the beaker and then as i remove it i have one remaining problem which is that even though the isopropyl alcohol is a lot cleaner than the acetone it's still not perfectly clean there is some microscopic stuff dissolved in it and if i allow it to dry on the surface of my chip then it's going to leave behind a little residue that will show up in my photographs to fix that i use computer air duster and with my tweezers i hold the dye in place

as i do a burst of air from the side this causes all of the isopropyl alcohol to fly off the side taking its dissolved stuff with it and that gives me a clean dye that i can photograph if this step messes up or if i don't use clean tweezers or if like dirt from the surrounding area or maybe a moth comes in and flies onto it i've not ruined everything i just have less clear photographs so many of these stages can be skipped if you just need to quickly know answer some small question like does the chip have mask rom visible from the surface at this point i use a better microscope this microscope is still a cheaper model

it's an m scope it's about yay tall it has two binoculars for my eyes and then it has a third trinocular adapter for a camera this is a usbc camera that runs straight to my desktop and i have a hot key whenever i hit the power button on my sun type 6 keyboard it snaps a photograph and stores that as part of the set at low magnification sometimes you can fit the entire chip within view but we want like crazy details we would rather have an image of a size that we could blow up to fill an entire wall rather than of a size that you know is napkin or book sized so the way to do that is just to switch to the

higher magnification lens within the microscope and as we do that we have the problem that we only get to see one corner of the chip and not everything is in focus over here on the the far right side the focus is off so what we can do is we can move around right if i move the microscope a little bit to the right i get another view and if i move it a bit further i get a third view jumping back to the far left here we can start stacking these images together right because these three are the same chip just shown in different positions so if we photograph the entire chip that way we can overlap them in order to

create a single panorama with the entire chip in view doing this manually works fine for a chip like this where i can fit the entire width in only three photographs but it is excruciating for larger chips that require many different many different steps so there's this computer program called hug in huggin is a graphical user interface for another package called pano tools and hug in has looked at all of the images in my collection and all of these little points that you see highlighted are the same point between the left image and the right image even though the left image and the right image are at different locations and so huggin is able to identify all of

these overlapping points and crunch the numbers together and then throw out the ones that are false positives or poor matches and if it works out right it can then take all of the different photos that i've taken maybe 100 of them maybe 500 and it can stitch them into a single composite image of very high resolution where i can zoom in on any details that i need or or see any piece of the chip conveniently and you can recognize a few details of this from the surface like on the bottom you see that some of those little squares have a circle in them and some of them don't those are bonding pads and anything with

a circle on it has had a bonding wire ripped off anything without a circle never had a connection so maybe if we touch a needle to one of those we can access a special test mode of the chip that was used during manufacturing but never packaged on this particular chip there was a second die that would sit in the middle and this upper row on the bottom would connect to that second die while the bottom row would connect to the outside of the physical packaging so we might be able to tap the communication between the two dice within this package by touching needles to one and not to the other we also see those like

octagons in the the top right those are inductors that tells us that this is a radio chip and not a simple microcontroller but sometimes we need to see beneath the surface so the next experiment we're going to do is um using rust stain remover this is um like three percent hydrofluoric acid um do any of you watch breaking bad do you remember in the first season when uh he kills the bad guy in his basement and they have to get rid of the body so he brings some chemical jugs home from uh the high school that he works at and dissolves the bodies on them that's hydrofluoric acid it is not true that it would dissolve the whole body but it

would dissolve the bathtub so they got the math half right um because it dissolves glass you need to use a plastic beaker for this um of a particular sort that can handle the the temperatures and um the reason why we do this uh this is a surface photograph of a chip from a blood glucose sensor if you're diabetic and you want to check your insulin without having to stab your finger you can put one of these things on your shoulder and then you can tap it with your phone and your phone will ask this chip what your blood glucose is um it's a medical god send especially um you know for stubborn patients who don't

want to deal with finger pricking um but if you look at the surface of it you see that it's like kind of faint and blurry and if you zoom all the way in you can see that there's this pattern of like little metal dots and this pattern is a fill layer in order to have you know fewer gaps on the surface smart cards will go a step further and all of this metal will be connected into a crazy maze so that the maze can't be broken while keeping the chip functional for photography we've already broken the chip we've already removed all of the bonding wires but we want to know what's beneath the surface so this is the chip at the top

and if we boil it in hydrofluoric acid for like five minutes we can remove that top layer and begin to see more organs of the chip we can now see where the rom is we can see where the s-ram is this chip has a crazy non-volatile memory called fram and we can also identify that visually and you can see uh pieces of it like if i flip between them some of these large areas are completely invisible from the surface some of these big rectangles and then as i jump down they become visible and if i go just a bit further they become really well separated and i can now see that like the the cpu is

probably that t on the right and that the um the memories are in different locations and this lets me understand more about the chip that i'm working with at the extreme end of this is reverse engineering the um uh the gate structure of the chip uh which i've not done firsthand but which you can find in literature for um like the the myfair classic had its cryptography reverse engineered this is a an nxp rfid tag used for building access uh karsten knoll and starbug and uh henrik platz and a few other fine people they they took these de-layered photographs of that rfid tag and they were able to reverse engineer the proprietary cryptographic algorithm used

by the tag in order to recover the keys of all of the tags and break that system so this is great if you're trying to photograph a dead thing if you're trying to see what what used to be there and then get rid of it our final experiment for today is going to involve the stronger acid this is red fuming nitric acid this is at least 90 percent nitric acid this is at most 2 percent water when you open this bottle there is like a mist of uh acid fumes that come out of it um this is the one that you really want the gloves on for and use latex gloves do not use nitrile gloves

not the blue ones the blue ones will catch on fire if you put three drops of this stuff on them this is our friendly neighborhood fortesa card trademarked by the nsa i think in the mid 90s you would use this for secure telephones you would have a pcmcia slot on the side of the phone you would insert your card you would know your pin number and this would allow you to make secret phone calls you could also plug it into your laptop and your laptop could use it to send secret emails all of these cards have long died they depended upon a battery that would back up ram in order to hold the keys so as

the batteries died all of the keys died with them a fellow who also does chip photography by the name of john mcmaster just sent me a giant box of them and i'm going to see if i can get the code out or or something fun with them but for today we're going to use this as our target example so this is the pcmc card with the metal packaging removed you can see the the card slot on the right which is what we connect to the laptop motherboard and this big microtronics chip the myk-82 by vlsi semiconductor this is the secret sauce chip and you can see there's an arm logo in the corner of the chip that's how we

know that this contains a cpu in order to live decap this we first heat it up on the hot plate and then we take some of the red fuming nitric acid and we move it to a beaker using the the large pipet this is the last time that i will use the large pipette because the small pipette with a very teeny tip allows me to put very little acid onto my target when i first started doing this i would use a metal mask using um like metal duct tape i stopped doing that because i found that it was easier to just put a very little amount of acid in the center of the chip patiently wait for it to

drill down and then wash it off with acetone so we take just the tiniest bit out you can see the the yellow in the pipette is very very little and then i put just a single smallest possible drop and this drop has to come directly from the tip like you would use in a fountain pen this can't be a drop that builds up and then falls off of the tip because that will be too much acid um i let it sit there and sort of bubble away for just a second and then i move the board over to a large beaker and i squirt acetone out of my squirt gun bottle at it and you can see the the acetone sort of

running down the side of it um the boiling point of acetone is very low so as i squirt the stuff out the board still dries off very quickly and i'm not leaving behind any residue you can see that the there's this little circle in the center and that the vlsi logo is damaged um this acid has torn away that small bit of the packaging of the chip while leaving everything else intact all of the other pins are intact there is no rust elsewhere on the board there is no damage i keep repeating this i keep putting just the tiniest bit in to fill that cavity that i'm drilling down under heat i wait for that cavity to

expand and then i put more onto it and with each step the circle grows a little bit wider and a little bit deeper um and eventually we start seeing stuff inside this piece here is actually a copper ground plane i don't know whether it's a security feature or whether it's a coincidence but the dye in this chip is actually stored upside down this does become a good demonstration though for why the copper metal on the top of the chip is not damaged by the red female nitric acid in this photo i've only used red fuming nitric if i then put a little drop of the 65 nitric it starts changing color becoming less shiny and if i leave that drop there

it boils in this green color which as i told you before indicates that metal is breaking apart and then forming compounds with the acid and if i go far enough through this using red nitric again this little glass here is the back side of the microchip which has none of the interesting details but we'll do things like allow infrared light to leak out so you can run the chip in a dark room under a microscope and then record the the session in infrared light in order to see which pieces are lighting up a fellow by the name of dimitri no nasal does some experiments with that i can then repeat this on the sram chip u4 down in this corner in

order to expose it but what i really want is the top of the vlsi chip to see that that same picture in the glass so i turn it upside down you can see here that the secret government chip was made in taiwan and then i repeat the the same experiment i put a tiny amount of acid in the middle of it i allow that to boil up i wash it off with acetone this forms like a little cavity and then as i repeat this eventually the dye is exposed and now i've got the functioning microchip visible from the surface without damaging any of the bonding wires or breaking the chip or its functionality

these experiments are not so useful on their own or without combining it with something else so you might want photographs of a chip in order to know what model number it is many times when you're taking something apart you'll find a black epoxy blob on the board with no package that has a part number but you still need to know what's inside and this sort of chemistry can answer that question for you you can also you also sometimes find a chip that is locked and you're not allowed to read the firmware out of it by removing the lid of the package and shining a light in either a laser at some particular area or by hitting a

camera flash the entire thing you can confuse the flip-flops that record the state of whether or not you're allowed to read the memory out of the chip and by knocking them loose you can then freely read the firmware out and get a copy of like the firmware to protected medical equipment you can stick needles into the chip they make these micro positioner probes that have like an etched tungsten needle coming off the edge of them and they have little knobs that you turn in order to move that needle around the chip and touch a particular area and then they have an amplifier so that you can see that signal on your oscilloscope even though that signal never was

supposed to have been brought out of the chip if you can touch an address or a data line this way you can then leak memory out of the chip or sort of watch as it's doing its thinking um and uh it's a hell of a lot of fun to be able to do this um i got out of this hobby for 10 years and i recently got back into it i converted my upstairs kitchen uh all of the all of the photos that you've seen today and all of the uh techniques are from my home lab so um and this is nacho he's nacho cat um thank you for your time and attention and if you have any questions um

i'd like to hear them and i've also got a couple of books to give away of um pocket gtfo from no starts press yes oh um so so the question was how did i discover all of this um very little of this is entirely new work um most of this i've learned from books or from discussions with other people chris tarnowski and brookhill helped me out when i was getting started and john mcmaster helped me get back into this hobby after i left it and all of my tools in storage the the proper technical name for this in forward engineering as opposed to reverse engineering it's called failure analysis and you can find books on failure

analysis chemistry that walk you through all of these procedures but they sort of assume that you're going to have a very well-funded lab to do it in and so they don't answer such questions as like what's the best equipment to purchase by ebay or which chemicals can i get at the home depot questions which are important if you're trying to do this at home so yes why can't you use a plastic or sorry a metal applique instead of the plastic pipette to gently apply the higher strength acid to d-cap so it's not that the acid has no reaction against the metal it's the the reaction becomes buffered by the initial reaction sort of like stainless steel and atmosphere um the

surface of stainless steel is a very fine layer of rust um which is why like and same for um aluminum so if you put gallium or mercury on top of aluminum you can rust it all to hell similarly the the pipette the plastic one has no reaction against the acid i can leave a pipet sitting in the acid for a week come back and none of it has been damaged for metal it buffers enough that i'm not going to damage the wires during any individual reaction but if i were to like forget that i had the acid there and i would leave it then eventually the water from the atmosphere would be enough of a catalyst to melt a metal

pipette yes so so for light camera flash everything just booms uh but with a laser how how accurate can you get uh as in can you touch a single transistor or is it right so the and again the signal transistor thing is something that i've read about but not done firsthand um in cmos you basically have one transistor that is pulling the voltage high and another that pulls it low and you balance all of these so that they don't conflict with each other the easiest thing that you can do with a laser focus through a microscope is you can hit the transistor that is supposed to not be conducting and then it will conduct a little bit

and you will be wasting electricity between high and low voltage there's a fellow by the name of sergey so i hope that i'm pronouncing that right he did a dissertation on um on these sort of like semi-invasive photovoltaic attacks where you have opened up the packaging invasively but you are um you're not sticking any needles in you're only shining light in as for light against the whole package you are damaging or you are damaging the state of like half the flip-flops s-ram will sometimes go wonky um you have to arrange it so that when everything gets scrambled the piece that you wanted to hit also flips over and then you can correct everything else so in in my case

for using that technique against an msp430 that allowed me to connect to debugger and then through the debugger i was able to like reset all of the values that i needed for the flash memory to work and all of the other configurations that i owe cool um yes any other questions uh yes yes is there any that this won't work on or will it work on most of them so the question was is there any chip that this won't work on um there are chips that i've read about which will include like a mems function like an accelerometer and then if the mems you know micro electron micro electrical mechanical systems they're really tiny and fragile

and the acids that i'm using might damage that as i'm taking the chip apart so you can use that as a sort of sensor you can also include um like a photo transistor in order to intentionally recognize the background light i've read about these being in smart cards but most of my practical experience has been with consumer microcontrollers which do not include these features because they would decrease the reliability and increase the cost of the chip without providing any advantage to the manufacturer so defenses against this are possible but they're rare even the microtronics chip that i showed you know it has the die upside down but it has nothing else that i've found that tries

to make it hard to take apart so yes [Music] excellent question no i'm a bit lazy about that i i use um i boil it off where i use baking soda what was the question oh the question was do i use any bases to react against the acid in order to make it neutral before disposing of it for a spill i drown and drown the finger in soap and i cuss like a sailor um it is important to know the difference the 65 nitric it's like um it numbs your nerves before it starts melting your flesh so if you spill some of it it's like a little tingly feeling but it doesn't actually hurt until the next day when a

big chunk of your finger is gone and when you start using latex gloves with it you'll notice that they turn yellow which is all of the acid that you would have gotten on your fingers if you hadn't used the gloves and that's why it's important to use these safety things ritualistically rather than only when you expect that you're doing something dumb as um it's the the hold my beer principle of safety so how how do you want to give away these books all right ask some questions you want to do some challenges or um so so those are for a different thing oh these are for different these are for the uh the lock picking challenge okay

um the kid in the black hills shirt if you could pass this back to him and um i've got volumes two and three who would like each yes and one more all right if you could pass that to him so that i don't uh gentlemen in the besides maroon b-sides t-shirt which b-sides is that tampa i like it i like the pirate theme cool and that's the end of my show thank you for your time and attention [Applause]