The Hardware Hacking Handbook takes you deep inside embedded devices to show how different kinds of attacks work, then guides you through each hack on real hardware.

Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they’re everywhere—in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks.

Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you’ll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you’ll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony’s PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab – like a multimeter and an oscilloscope – with options for every type of budget.
 
You’ll learn:
  • How to model security threats, using attacker profiles, assets, objectives, and countermeasures
  • Electrical basics that will help you understand communication interfaces, signaling, and measurement 
  • How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips 
  • How to use timing and power analysis attacks to extract passwords and cryptographic keys
  • Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization

Whether you’re an industry engineer tasked with understanding these attacks, a student starting out in the field, or an electronics hobbyist curious about replicating existing work, The Hardware Hacking Handbook is an indispensable resource – one you’ll always want to have on hand.

    Table of Contents

    Introduction
    Chapter 1: Dental Hygiene: Introduction to Embedded Security
    Chapter 2: Reaching Out, Touching Me, Touching You: Hardware Peripheral Interfaces
    Chapter 3: Casing the Joint: Identifying Components and Gathering Information
    Chapter 4: Bull in a China Shop: Introducing Fault Injection
    Chapter 5: Don’t Lick the Probe: How to Inject Faults
    Chapter 6: Bench Time: Fault Injection Lab
    Chapter 7: X Marks the Spot: EMFI Memory Dumping of Trezor
    Chapter 8: I’ve Got the Power: Introduction to Power Analysis
    Chapter 9: Bench Time: Simple Power Analysis
    Chapter 10: Splitting the Difference: Differential Power Analysis
    Chapter 11: Advanced Power Analysis
    Chapter 12: A DPA/SCA Lab: Breaking an AES-256 Bootloader
    Chapter 13: No Kiddin’: Real-Life Examples
    Chapter 14: Think of the Children: Countermeasures, Certifications, and Goodbytes
    Appendix A: Maxing Out Your Credit Card: Setting Up a Test Lab
    Appendix B: All Your Base Are Belong to Us: Popular Pinouts

    Author

    Jasper van Woudenberg is the CTO of Riscure North America. He has been involved in embedded device security on a broad range of topics, including finding and helping fix bugs in code that runs on hundreds of millions of devices, using symbolic execution to extract keys from faulted cryptosystems, and using speech recognition algorithms for side channel trace processing. Jasper is a father of two and husband of one and lives in California, where he likes to bike mountains and board snow. He has a cat that tolerates him but is too cool for Twitter.

    Colin O'Flynn runs NewAE Technology Inc., a startup designing tools and equipment to teach engineers about embedded security. He started the open-source ChipWhisperer project as part of his PhD, and was previously an assistant professor with Dalhousie University teaching embedded systems and security. He lives in Halifax, Canada, and you can find his dogs featured in many of the products developed with NewAE.