| 1 |
On Sun, Jun 17, 2012 at 1:34 PM, Sascha Cunz <sascha-ml@×××××××××.org> wrote: |
| 2 |
> |
| 3 |
> Given the fact that the keys in the BIOS must somehow get there and it must |
| 4 |
> also be able to update them (how to revoke or add keys else?). |
| 5 |
|
| 6 |
Based on what I've read the keys are stored in flash. The flash |
| 7 |
module itself is protected. There are a number of ways to implement |
| 8 |
something like this fairly securely. The simplest is to have an |
| 9 |
unprotected area of the flash that the OS can write to. Upon bootup |
| 10 |
the firmware looks in this area for a signed message. If the message |
| 11 |
is signed by a trusted source, then the firmware interprets it as |
| 12 |
instructions to update itself, add/remove keys, or whatever. Then |
| 13 |
before booting the OS the firmware sets the protect flag on the |
| 14 |
protected area of flash that is only unset by a hardware reset. |
| 15 |
|
| 16 |
The only software exploit against something like this is to find a bug |
| 17 |
in the code that inspects the flash (overflow/etc) to trick it into |
| 18 |
running an unsigned blob. There are also hardware attacks, like |
| 19 |
bypassing flash protection hardware, directly accessing flash, or |
| 20 |
controlling what shows up on the data bus when the CPU tries to read |
| 21 |
the firmware. Any of these can be made fairly difficult, and extreme |
| 22 |
case being how modern gaming consoles work (flash embedded in CPU, and |
| 23 |
so on). |
| 24 |
|
| 25 |
> |
| 26 |
> Unless this is completely done in hardware, there must be a software doing it. |
| 27 |
> Software can - by design - be reverse engineered; in some countries even |
| 28 |
> legally without any further agreement or license. |
| 29 |
|
| 30 |
With the scheme above no software need be distributed that contains |
| 31 |
any information useful for anything other than a replay attack. The |
| 32 |
blob would be signed prior to distribution. You could read the code |
| 33 |
that loads it into the flash, but that need not be kept secret. You |
| 34 |
can load whatever you want into the flash and it won't matter unless |
| 35 |
it is signed. |
| 36 |
|
| 37 |
If the hardware is fancy enough you could even update settings without |
| 38 |
having to reboot, and again unless the hardware isn't done right |
| 39 |
you're not going to be able to get around it without tapping |
| 40 |
busses/etc. |
| 41 |
|
| 42 |
Rich |
Archives