tcmay@got.net (Timothy C. May) writes:

The surface layers above the active portion of a chip can be stripped away and chip remains functional. This includes the outer packaging layers (epoxy, or of course, ceramic with metal lids) and parts of the so-called "scratch protection," usually a type of silicate glass.

The active capacitors are not affected by removal of these layers.

True, but removing packaging materials and protective layers is a long way from imaging the charges tunneled to and from the floating gates of EEPROM cells, which is the particular application we are discussing. Also bear in mind that in a real device, the tamper-resistant packaging will be considerably more intractable than conventional semiconductor packaging, and these devices are often designed to automatically erase all data if signs of tampering are detected.

Actually, we did it all the time in my lab at Intel, and I understand from my former co-workers that the technology has only gotten better. (This does not mean voltage contrast is easy. For one thing, modern chips have 3-5 metal layers, due to spectacular advances in chem-mechanical polishing, and each metal layer acts as a ground plane shielding the lower layers from visibility and inspection with electron beams.

Yes. This is truely impressive technology which continues to improve with leaps and bounds. SEM/TEM/STEM voltage-contrast techniques are a major tool for failure analysis of semiconductor devices, and AFM instruments can do voltage measurements on running devices down to nanometer and picosecond resolutions.

And EPROM and EEPROM cells are effectively impossible to analyze, for various reasons.)

Correct. Which is one of the reasons why they are currently the favored mode of storage for smart card applications.

This does not mean I think reverse-engineering of smart cards or satellite boxes is easy.

While I don't necessarily disagree with Perry that sufficiently advanced technology can reverse-engineer almost anything (the kind of advanced technology that is indistinguishable from magick), I think there are practical engineering difficulties in doing such things today which are either insurmountable or at the very least a strong indication that there are better ways to approach the problem.

SQUIDs won't do it, either.

At the risk of offending Mr. Squid, I must say that SQUIDs were a big disappointment given the initial hype and expended research funds. BTW, I attempted to read all your writings on "Tamper-Resistant Modules" in the list archives, but as fate would have it, hks.net has taken the archives offline for a few days to do some sort of upgrade. I did get this very nice Cyber Wallet thing off their Web Page, however, which uses "DES and Full 768 Bit RSA." Although I must admit I'm not exactly sure what "full" means in this particular context. :) -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $