Researcher in Cybersecurity, Firmware Security, AI, and Machine Learning. [Google Scholar]
Exploring secure boot mechanisms, trusted hardware, and device protection in transit.
Modern hardware devices are complex systems, and so is the supply chain that produces them: upstream originators make components, which pass to downstream users who build them into more complex sub-assemblies, until the final vendor assembles the finished product. As a device moves through this chain there is a real threat of tampering. This matters because security services increasingly rely on trusted hardware: even software that is trusted and bug-free can offer few guarantees when it runs on an untrusted device.

The project assumes that the manufacturer of a product is trusted not to have tampered with it before shipping it downstream. The protection-in-transit problem then reduces to ensuring that the first use of a product after it leaves the vendor is by the rightful, authorized immediate downstream user and no one else. This is achieved by having the manufacturer lock the product down after production and adding a mechanism by which the product authenticates the rightful user and self-unlocks for use.

For a proof of concept, we are investigating the problem in the setting of a complex product, such as a workstation or laptop, shipped to a human end user. We use a hardware root of trust to perform the authentication, locking, and unlocking of the device. The vendor applies the lock at the BIOS/BMC level. Authentication is based on shared secrets, which are distributed securely through a mesh of trusted agents.
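The following is an added example, not code from the project, showing one way the lock, authenticate, and self-unlock steps could fit together. It assumes a challenge-response over HMAC-SHA256 with a pre-shared secret that the rightful user has already received out of band (the trusted-agent mesh is outside this snippet and is stood in for by a constant), a per-device key derived from the secret and the device serial, and a small in-memory class standing in for BIOS/BMC-held lock state. The names, the domain-separation label and the failure limit are hypothetical.

```python
import hashlib
import hmac
import os
from typing import Optional

# Added illustration; not the project's implementation. The secret below is a
# constructed value standing in for one delivered via the trusted-agent mesh.
UNLOCK_LABEL = b"protection-in-transit/unlock/v1"  # hypothetical domain separator
MAX_FAILURES = 5  # hypothetical policy: after this many bad responses, no more challenges


def derive_device_key(shared_secret: bytes, device_serial: bytes) -> bytes:
    """Bind the shared secret to one device so a leaked device key does not
    unlock other units provisioned with the same secret."""
    return hashlib.sha256(b"device-key|" + device_serial + b"|" + shared_secret).digest()


class LockedDevice:
    """Stand-in for the vendor-locked BIOS/BMC state of a shipped device."""

    def __init__(self, device_key: bytes) -> None:
        # The device keeps only the derived key, never the raw shared secret.
        self._key = device_key
        self.locked = True
        self._pending_nonce: Optional[bytes] = None
        self._failures = 0

    @classmethod
    def provision(cls, shared_secret: bytes, device_serial: bytes) -> "LockedDevice":
        """Manufacturer step: derive the per-device key and lock the device."""
        return cls(derive_device_key(shared_secret, device_serial))

    def challenge(self) -> Optional[bytes]:
        """Issue a fresh nonce; each nonce is valid for exactly one response."""
        if not self.locked or self._failures >= MAX_FAILURES:
            return None
        self._pending_nonce = os.urandom(32)
        return self._pending_nonce

    def unlock(self, response: bytes) -> bool:
        """Check the response against the pending nonce; on success, self-unlock."""
        nonce = self._pending_nonce
        self._pending_nonce = None  # consume the nonce even if the response is bad
        if nonce is None or not self.locked or self._failures >= MAX_FAILURES:
            return False
        expected = hmac.new(self._key, UNLOCK_LABEL + nonce, hashlib.sha256).digest()
        if hmac.compare_digest(expected, response):  # constant-time compare
            self.locked = False
            self._failures = 0
            return True
        self._failures += 1
        return False


def user_response(shared_secret: bytes, device_serial: bytes, nonce: bytes) -> bytes:
    """Rightful user's side: recompute the device key and answer the challenge."""
    key = derive_device_key(shared_secret, device_serial)
    return hmac.new(key, UNLOCK_LABEL + nonce, hashlib.sha256).digest()


def run_demo() -> dict:
    """Walk through a first-use scenario and report each outcome."""
    secret, serial = b"constructed-shared-secret", b"SN-0001"
    device = LockedDevice.provision(secret, serial)
    n1 = device.challenge()
    wrong = device.unlock(user_response(b"wrong-secret", serial, n1))
    stale = device.unlock(user_response(secret, serial, n1))  # nonce already consumed
    n2 = device.challenge()
    good_response = user_response(secret, serial, n2)
    unlocked = device.unlock(good_response)
    replayed = device.unlock(good_response)  # same response again, after unlock
    return {"wrong_secret": wrong, "stale_nonce": stale,
            "unlocked": unlocked, "replay": replayed, "locked": device.locked}


if __name__ == "__main__":
    print(run_demo())
```

The device consumes the nonce on every attempt, so a bad guess or a replayed response forces a new challenge, and the failure counter caps online guessing at the device. In a real build the key and counter would live in the root of trust rather than in Python attributes, and the lock would gate boot at the BIOS/BMC rather than a flag.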