Hardware Hacking Handbook

The Hardware Hacking Handbook

Breaking Embedded Security with Hardware Attacks
by Colin O'Flynn and Jasper van Woudenberg
November 2021, 300 pp.
ISBN-13: 
9781593278748

Use coupon code PREORDERHARDWARE to get 30% off!


Look Inside!

The Hardware Hacking Handbook Page 22-23The Hardware Hacking Handbook pages 78-79The Hardware Hacking Handbook page 102 and 103The Hardware Hacking Handbook pages 122 and 123

Download Chapter 8: I’VE GOT THE POWER...


Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they’re everywhere—in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks.

Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you’ll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you’ll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony’s PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab – like a multimeter and an oscilloscope – with options for every type of budget.

You’ll learn:

  • How to model security threats, using attacker profiles, assets, objectives, and countermeasures
  • Electrical basics that will help you understand communication interfaces, signaling, and measurement
  • How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips
  • How to use timing and power analysis attacks to extract passwords and cryptographic keys
  • Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization

Whether you’re an industry engineer tasked with understanding these attacks, a student starting out in the field, or an electronics hobbyist curious about replicating existing work, The Hardware Hacking Handbook is an indispensable resource – one you’ll always want to have onhand.

Author Bio 

Colin O’Flynn runs NewAE Technology, Inc., a startup that designs tools and equipment to teach engineers about embedded security. He started the opensource ChipWhisperer project as part of his PhD research and was previously an assistant professor with Dalhousie University, where he taught embedded systems and security. He lives in Halifax, Canada, and you can find his dogs featured in many of the products developed with NewAE.

Jasper van Woudenberg has been involved in embedded device security on a broad range of topics: finding and helping fix bugs in code that runs on hundreds of millions of devices, using symbolic execution to extract keys from faulted cryptosystems, and using speech recognition algorithms for side-channel trace processing. Jasper is a father of two, husband of one, and CTO of Riscure North America. He lives in California, where he likes to bike mountains and boardsnow. The family cat tolerates him but is too cool for Twitter.

Table of contents 

Introduction
Chapter 1: Dental Hygiene: Introduction to Embedded Security
Chapter 2: Reaching Out, Touching Me, Touching You: Hardware Peripheral Interfaces

Chapter 3: Casing the Joint: Identifying Components and Gathering Information
Chapter 4: Bull in a China Shop: Introducing Fault Injection
Chapter 5: Don’t Lick the Probe: How to Inject Faults
Chapter 6: Bench Time: Fault Injection Lab
Chapter 7: X Marks the Spot: EMFI Memory Dumping of Trezor
Chapter 8: I’ve Got the Power: Introduction to Power Analysis

Chapter 9: Bench Time: Simple Power Analysis
Chapter 10: Splitting the Difference: Differential Power Analysis
Chapter 11: Advanced Power Analysis
Chapter 12: A DPA/SCA Lab: Breaking an AES-256 Bootloader
Chapter 13: No Kiddin’: Real-Life Examples
Chapter 14: Think of the Children: Countermeasures, Certifications, and Goodbytes
Appendix A: Maxing Out Your Credit Card: Setting Up a Test Lab
Appendix B: All Your Base Are Belong to Us: Popular Pinouts

The chapters in red are included in this Early Access PDF.