دانلود کتاب The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks

فهرست مطالب :

Contents
1: Dental Hygiene: Introduction to Embedded Security
Hardware Components
Software Components
Initial Boot Code
Bootloader
Trusted Execution Environment OS and Trusted Applications
Firmware Images
Main Operating System Kernel and Applications
Hardware Threat Modeling
What Is Security?
The Attack Tree
Profiling the Attackers
Types of Attacks
Software Attacks on Hardware
PCB-Level Attacks
Logical Attacks
Noninvasive Attacks
Chip-Invasive Attacks
Assets and Security Objectives
Confidentiality and Integrity of Binary Code
Confidentiality and Integrity of Keys
Remote Boot Attestation
Confidentiality and Integrity of Personally Identifiable Information
Sensor Data Integrity and Confidentiality
Content Confidentiality Protection
Safety and Resilience
Countermeasures
Protect
Detect
Respond
An Attack Tree Example
Identification vs. Exploitation
Scalability
Analyzing the Attack Tree
Scoring Hardware Attack Paths
Disclosing Security Issues
Summary
2: Reaching Out, Touching Me, Touching You: Hardware Peripheral Interfaces
Electricity Basics
Voltage
Current
Resistance
Ohm’s Law
AC/DC
Picking Apart Resistance
Power
Interface with Electricity
Logic Levels
High Impedance, Pullups, and Pulldowns
Push-Pull vs. Tristate vs. Open Collector or Open Drain
Asynchronous vs. Synchronous vs. Embedded Clock
Differential Signaling
Low-Speed Serial Interfaces
Universal Asynchronous Receiver/Transmitter Serial
Serial Peripheral Interface (SPI)
Inter-IC Interface (I2C)
Secure Digital Input/Output and Embedded Multimedia Cards
CAN Bus
JTAG and Other Debugging Interfaces
Parallel Interfaces
Memory Interfaces
High-Speed Serial Interfaces
Universal Serial Bus
PCI Express
Ethernet
Measurement
Multimeter: Volt
Multimeter: Continuity
Digital Oscilloscope
Logic Analyzer
Summary
4: Bull in a PORCELAIN Shop: Introducing Fault Injection
Faulting Security Mechanisms
Circumventing Firmware Signature Verification
Gaining Access to Locked Functionality
Recovering Cryptographic Keys
An Exercise in OpenSSH Fault Injection
Injecting Faults into C Code
Injecting Faults into Machine Code
Fault Injection Bull
Target Device and Fault Goal
Fault Injector Tools
Target Preparation and Control
Fault Searching Methods
Discovering Fault Primitives
Searching for Effective Faults
Search Strategies
Analyzing Results
Summary
6: Bench Time: Fault Injection Lab
Act 1: A Simple Loop
A BBQ Lighter of Pain
Act 2: Inserting Useful Glitches
Crowbar Glitching to Fault a Configuration Word
Mux Fault Injection
Act 3: Differential Fault Analysis
A Bit of RSA Math
Getting a Correct Signature from the Target
Summary
7: X Marks the Spot: Trezor One Wallet Memory Dump
Attack Introduction
Trezor One Wallet Internals
USB Read Request Faulting
Disassembling Code
Building Firmware and Validating the Glitch
USB Triggering and Timing
Glitching Through the Case
Summary
8: I’ve Got the Power: Introduction to Power Analysis
Timing Attacks
Hard Drive Timing Attack
Power Measurements for Timing Attacks
Simple Power Analysis
Applying SPA to RSA
Applying SPA to RSA, Redux
SPA on ECDSA
Summary