Book description
Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they’re everywhere—in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks.
Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you’ll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you’ll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony’s PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab – like a multimeter and an oscilloscope – with options for every type of budget.
You’ll learn:
• How to model security threats, using attacker profiles, assets, objectives, and countermeasures
• Electrical basics that will help you understand communication interfaces, signaling, and measurement
• How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips
• How to use timing and power analysis attacks to extract passwords and cryptographic keys
• Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization
Whether you’re an industry engineer tasked with understanding these attacks, a student starting out in the field, or an electronics hobbyist curious about replicating existing work, The Hardware Hacking Handbook is an indispensable resource – one you’ll always want to have on hand.
Table of contents
- Title Page
- Copyright
- Dedication
- About the Authors
- Foreword
- Acknowledgments
- Introduction
- Chapter 1: Dental Hygiene: Introduction to Embedded Security
- Chapter 2: Reaching Out, Touching Me, Touching You: Hardware Peripheral Interfaces
- Chapter 3: Casing the Joint: Identifying Components and Gathering Information
- Chapter 4: Bull in a Porcelain Shop: Introducing Fault Injection
- Chapter 5: Don’t Lick the Probe: How to Inject Faults
- Chapter 6: Bench Time: Fault Injection Lab
- Chapter 7: X Marks the Spot: Trezor One Wallet Memory Dump
- Chapter 8: I’ve Got the Power: Introduction to Power Analysis
- Chapter 9: Bench Time: Simple Power Analysis
- Chapter 10: Splitting the Difference: Differential Power Analysis
- Chapter 11: Gettin’ Nerdy with It: Advanced Power Analysis
- Chapter 12: Bench Time: Differential Power Analysis
- Chapter 13: No Kiddin’: Real-Life Examples
- Chapter 14: Think of the Children: Countermeasures, Certifications, and Goodbytes
- Appendix A: Maxing Out Your Credit Card: Setting Up a Test Lab
  - Checking Connectivity and Voltages: $50 to $500
  - Fine-Pitch Soldering: $50 to $1,500
  - Desoldering Through-Hole: $30 to $500
  - Soldering and Desoldering Surface Mount Devices: $100 to $500
  - Modifying PCBs: $5 to $700
  - Optical Microscopes: $200 to $2,000
  - Photographing Boards: $50 to $2,000
  - Powering Targets: $10 to $1,000
  - Viewing Analog Waveforms (Oscilloscopes): $300 to $25,000
  - Viewing Logic Waveforms: $300 to $8,000
  - Triggering on Serial Buses: $300 to $8,000
  - Decoding Serial Protocols: $50 to $8,000
  - CAN Bus Sniffing and Triggering: $50 to $5,000
  - Ethernet Sniffing: $50
  - Interacting Through JTAG: $20 to $10,000
  - PCIe Communication: $100 to $1,000
  - USB Sniffing: $100 to $6,000
  - USB Triggering: $250 to $6,000
  - USB Emulation: $100
  - SPI Flash Connections: $25 to $1,000
  - Power Analysis Measurements: $300 to $50,000
  - Triggering on Analog Waveforms: $3,800+
  - Measuring Magnetic Fields: $25 to $10,000
  - Clock Fault Injection: $100 to $30,000
  - Voltage Fault Injection: $25 to $30,000
  - Electromagnetic Fault Injection: $100 to $50,000
  - Optical Fault Injection: $1,000 to $250,000
  - Positioning Probes: $100 to $50,000
  - Target Devices: $10 to $10,000
- Appendix B: All Your Base Are Belong to Us: Popular Pinouts
- Index
Product information
- Title: The Hardware Hacking Handbook
- Author(s):
- Release date: December 2021
- Publisher(s): No Starch Press
- ISBN: 9781593278748