The Hardware Hacking Handbook takes you deep inside embedded devices to show how different kinds of attacks work, then guides you through each hack on real hardware. Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they’re everywhere—in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks. Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you’ll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you’ll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony’s PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab – like a multimeter and an oscilloscope – with options for every type of budget. You’ll learn: • How to model security threats, using attacker profiles, assets, objectives, and countermeasures • Electrical basics that will help you understand communication interfaces, signaling, and measurement • How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips • How to use timing and power analysis attacks to extract passwords and cryptographic keys • Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization Whether you’re an industry engineer tasked with understanding these attacks, a student starting out in the field, or an electronics hobbyist curious about replicating existing work, The Hardware Hacking Handbook is an indispensable resource – one you’ll always want to have onhand. Contents 1: Dental Hygiene: Introduction to Embedded Security Hardware Components Software Components Initial Boot Code Bootloader Trusted Execution Environment OS and Trusted Applications Firmware Images Main Operating System Kernel and Applications Hardware Threat Modeling What Is Security? The Attack Tree Profiling the Attackers Types of Attacks Software Attacks on Hardware PCB-Level Attacks Logical Attacks Noninvasive Attacks Chip-Invasive Attacks Assets and Security Objectives Confidentiality and Integrity of Binary Code Confidentiality and Integrity of Keys Remote Boot Attestation Confidentiality and Integrity of Personally Identifiable Information Sensor Data Integrity and Confidentiality Content Confidentiality Protection Safety and Resilience Countermeasures Protect Detect Respond An Attack Tree Example Identification vs. Exploitation Scalability Analyzing the Attack Tree Scoring Hardware Attack Paths Disclosing Security Issues Summary 2: Reaching Out, Touching Me, Touching You: Hardware Peripheral Interfaces Electricity Basics Voltage Current Resistance Ohm’s Law AC/DC Picking Apart Resistance Power Interface with Electricity Logic Levels High Impedance, Pullups, and Pulldowns Push-Pull vs. Tristate vs. Open Collector or Open Drain Asynchronous vs. Synchronous vs. Embedded Clock Differential Signaling Low-Speed Serial Interfaces Universal Asynchronous Receiver/Transmitter Serial Serial Peripheral Interface (SPI) Inter-IC Interface (I2C) Secure Digital Input/Output and Embedded Multimedia Cards CAN Bus JTAG and Other Debugging Interfaces Parallel Interfaces Memory Interfaces High-Speed Serial Interfaces Universal Serial Bus PCI Express Ethernet Measurement Multimeter: Volt Multimeter: Continuity Digital Oscilloscope Logic Analyzer Summary 4: Bull in a PORCELAIN Shop: Introducing Fault Injection Faulting Security Mechanisms Circumventing Firmware Signature Verification Gaining Access to Locked Functionality Recovering Cryptographic Keys An Exercise in OpenSSH Fault Injection Injecting Faults into C Code Injecting Faults into Machine Code Fault Injection Bull Target Device and Fault Goal Fault Injector Tools Target Preparation and Control Fault Searching Methods Discovering Fault Primitives Searching for Effective Faults Search Strategies Analyzing Results Summary 6: Bench Time: Fault Injection Lab Act 1: A Simple Loop A BBQ Lighter of Pain Act 2: Inserting Useful Glitches Crowbar Glitching to Fault a Configuration Word Mux Fault Injection Act 3: Differential Fault Analysis A Bit of RSA Math Getting a Correct Signature from the Target Summary 7: X Marks the Spot: Trezor One Wallet Memory Dump Attack Introduction Trezor One Wallet Internals USB Read Request Faulting Disassembling Code Building Firmware and Validating the Glitch USB Triggering and Timing Glitching Through the Case Summary 8: I’ve Got the Power: Introduction to Power Analysis Timing Attacks Hard Drive Timing Attack Power Measurements for Timing Attacks Simple Power Analysis Applying SPA to RSA Applying SPA to RSA, Redux SPA on ECDSA Summary The Hardware Hacking Handbook Is A Deep Dive Into Embedded Security, Perfect For Readers Interested In Designing, Analysing, And Attacking Devices. You'll Start With A Crash Course In Embedded Security And Hardware Interfaces And Learn How To Set Up A Test Lab. Real-world Examples And Hands-on Labs Throughout Allow You To Explore Hardware Interfaces And Practice Various Attacks. "A deep dive into hardware attacks on embedded systems explained by experts in the field through real-life examples and hands-on labs. Topics include the embedded system threat model, hardware interfaces, various side-channel and fault injection attacks, and voltage and clock glitching"-- Provided by publisher "A deep dive into hardware attacks on embedded systems explained by experts in the field through real-life examples and hands-on labs. Topics include the embedded system threat model, hardware interfaces, various side-channel and fault injection attacks, and voltage and clock glitching"-- Résumé de l'éditeur