The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks

Cover
No Starch Press, 21.12.2021 - 512 Seiten
The Hardware Hacking Handbook takes you deep inside embedded devices to show how different kinds of attacks work, then guides you through each hack on real hardware.

Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they’re everywhere—in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks.

Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you’ll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you’ll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony’s PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab – like a multimeter and an oscilloscope – with options for every type of budget.

You’ll learn:
  • How to model security threats, using attacker profiles, assets, objectives, and countermeasures
  • Electrical basics that will help you understand communication interfaces, signaling, and measurement
  • How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips
  • How to use timing and power analysis attacks to extract passwords and cryptographic keys
  • Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization

    • Whether you’re an industry engineer tasked with understanding these attacks, a student starting out in the field, or an electronics hobbyist curious about replicating existing work, The Hardware Hacking Handbook is an indispensable resource – one you’ll always want to have onhand.
     

    Ausgewählte Seiten

    Inhalt

    Dental Hygiene Introduction to Embedded Security
    		1
    Software Components
    		4
    Types of Attacks
    		12
    Assets and Security Objectives
    		22
    Disclosing Security Issues
    		33
    Reaching Out Touching Me Touching You Hardware Peripheral Interfaces
    		35
    Interface with Electricity
    		39
    LowSpeed Serial Interfaces
    		46
    Splitting the Difference Differential Power Analysis
    		293
    Sexy XORy Example
    		299
    An Advanced Encryption Standard Crash Course
    		308
    Summary
    		322
    Gettin Nerdy with It Advanced Power Analysis
    		323
    Measurements on Real Devices
    		331
    Trace Set Analysis and Processing
    		342
    Summary
    		358

    Parallel Interfaces
    		59
    Summary
    		70
    Casing the Joint Identifying Components and Gathering Information
    		71
    Mapping the PCB
    		102
    Summary
    		118
    Bull in a Porcelain Shop Introducing Fault Injection
    		119
    Fault Injection Bull
    		125
    Fault Searching Methods
    		131
    Summary
    		146
    Dont Lick the Probe How to Inject Faults
    		147
    Voltage Fault Injection
    		158
    Bench Time Fault Injection Lab
    		189
    Differential Fault Analysis
    		215
    Summary
    		222
    X Marks the Spot Trezor One Wallet Memory Dump
    		223
    Ive Got the Power Introduction to Power Analysis
    		245
    Bench Time Simple Power Analysis
    		265
    Chip WhispererNano Example
    		284
    Summary
    		291
    Bench Time Differential Power Analysis
    		361
    Obtaining and Building the Bootloader Code
    		365
    Recovering the IV
    		374
    Attacking the Signature
    		380
    Summary
    		386
    No Kiddin RealLife Examples
    		387
    Power Analysis Attacks
    		393
    Think of the Children Countermeasures Certifications and Goodbytes
    		401
    Countermeasures
    		402
    Industry Certifications
    		420
    Maxing Out Your Credit Card Setting Up a Test Lab
    		425
    50 to 500
    		426
    5 to 700
    		434
    300 to 8000
    		445
    250 to 6000
    		451
    All Your Base Are Belong to Us Popular Pinouts
    		467
    Index
    		471
    Urheberrecht

    Andere Ausgaben - Alle anzeigen

    The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks
    Jasper van Woudenberg,Colin O'Flynn
    Eingeschränkte Leseprobe - 2021
    The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks
    Jasper van Woudenberg,Colin O'Flynn
    Eingeschränkte Leseprobe - 2021
    The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks
    Jasper van Woudenberg,Colin O'Flynn
    Keine Leseprobe verfügbar - 2021

    Häufige Begriffe und Wortgruppen

    algorithm Arduino block boot bootloader bytes capacitor capture Chapter chip ChipWhisperer ChipWhisperer-Nano circuit clock connected correlation countermeasures CPA attack crypto cryptographic cycles debug decryption DRAM ECDSA embedded encryption entropy example fault injection firmware flash flash memory FPGA frequency function glitch Hamming weight header hypervisor implementation injector inout input interface JTAG key guess leakage Listing logic logic analyzer look loop means measure memory microcontroller MOSFET notebook OpenSSH operation oscilloscope output package parameters password perform plaintext power analysis power consumption power supply power trace probe protocol pulse random require reset resistor reverse engineering S-box sample scope serial setup shows side-channel analysis side-channel attack signal signature simple solder specific switching target device tion Trezor trigger typically voltage waveform wires

    Autoren-Profil (2021)

    Jasper van Woudenberg is the CTO of Riscure North America. He has been involved in embedded device security on a broad range of topics, including finding and helping fix bugs in code that runs on hundreds of millions of devices, using symbolic execution to extract keys from faulted cryptosystems, and using speech recognition algorithms for side channel trace processing. Jasper is a father of two and husband of one and lives in California, where he likes to bike mountains and board snow. He has a cat that tolerates him but is too cool for Twitter.

    Colin O'Flynn runs NewAE Technology Inc., a startup designing tools and equipment to teach engineers about embedded security. He started the open-source ChipWhisperer project as part of his PhD, and was previously an assistant professor with Dalhousie University teaching embedded systems and security. He lives in Halifax, Canada, and you can find his dogs featured in many of the products developed with NewAE.

    Bibliografische Informationen

    TitelThe Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks
    AutorenJasper van Woudenberg, Colin O'Flynn
    Ausgabeillustriert
    VerlagNo Starch Press, 2021
    ISBN1593278748, 9781593278748
    Länge512 Seiten
      
    Zitat exportierenBiBTeX EndNote RefMan