3

Can you point me to any book, blog, paper, anything about IT security on the lowest possible level (hardware)? I'm primary interested in the motherboard, CPU & GPU, however, if you know any good reading about network equipment (on this subject), please share.

I'm not interested in how you can hack Wi-fi with aircrack or how to make a buffer overflow script. What I'm interested is, e.g., "This CPU instruction under these circumstances can give you access to this protected data". Or, something like "When you access the motherboard like this, you can bypass the BIOS password".

Jeff Ferland
  • 38,090
  • 9
  • 93
  • 171
StupidOne
  • 2,802
  • 21
  • 35
  • 2
    Something more indepth than say: http://www.amazon.com/Security-Engineering-Building-Dependable-Distributed/dp/0470068523/ref=sr_1_1?ie=UTF8&qid=1315498496&sr=8-1 ? – Steve Sep 08 '11 at 16:15
  • Well, chapters 3 (Protocols) and 4 (Access Control) sound interesting but the book itself seems to be written for managers, not for IT (security) professionals. – StupidOne Sep 08 '11 at 16:34
  • No, it's most definitely written for technical people. – Steve Sep 08 '11 at 17:30
  • Did you read it? I got that impression by looking at table of context. I'm definitely going to buy it (40$ for over 1000 pages book), just not sure is this what I'm looking for. – StupidOne Sep 08 '11 at 17:56
  • 2
    I have read it. It was very in depth in some places, and it glossed over things in some places. It came across as generic enough to still be viable 5-10 years after print for the most part but still technically dense. I *think* it was designed as a textbook. – Steve Sep 08 '11 at 18:16
  • Sounds like a worthwhile answer to me, @SteveS.... – nealmcb Sep 16 '11 at 15:53

2 Answers2

8

Andrew "Bunnie" Huang hacked the XBox by attaching monitoring equipment to the memory bus and reverse engineering security protocols by monitoring the data on the bus. He wrote a paper and a book about it.

Huang, Andrew "Keeping Secrets in Hardware: the Microsoft XBox Case Study."(http://web.mit.edu/bunnie/www/proj/anatak/AIM-2002-008.pdf) AI Memo 2002-008

Huang, Andrew "Bunnie" Hacking the Xbox : an introduction to reverse engineering (Unlimited ed. ed.). San Francisco: No Starch Press. (2003) ISBN 9781593270292

For a discussion of Intel and AMD CPU security functions McCune et al How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution" (2008) is essential reading.

No discussion of hardware security would be complete without discussing FPGAs. Huffmire et al "Moats and drawbridges: An isolation primitive for reconfigurable hardware based systems" (2007) is a great overview of the use of FPGAs in secure systems.

The challenge of building solid hardware security is illustrated in Kocher et al "Differential Power Analysis" (1999). In it they describe a brillant side-channel attack based on power consumption.

On the theory side Lie et al "Specifying and Verifying Hardware for Tamper-Resistant Software" (2003) is a good discussion of adding execute only control to memory to enforce access control.

this.josh
  • 8,843
  • 2
  • 29
  • 51
4

A few thoughts off the top of my head (all googleable):

  • The Windows PatchGuard attack that made use of an alternative page directory (Skywing's many papers on this subject)
  • Look up split-TLB attacks
  • There was a Firewire-based attack on the host a few years go

No time to google or I'd find you the references, but that should get you started.

Steve Dispensa
  • 3,441
  • 16
  • 20