[Arm-netbook] Microsoft confirms UEFI fears, locks down ARM devices

Henrik Nordström henrik at henriknordstrom.net
Sun Jan 15 04:11:55 GMT 2012


Sat 2012-01-14 at 23:49 +0000, Alain Williams wrote:

> But if it is internal to the CPU then it will be quite hard to change if/when
> someone creates a signed version of grub (or something) that will then
> happily load anything.... this only will need to be done once.

If the scheme used is one that makes sense (and from my understanding of
TrustZone it is, or at least can be) then each CPU has its own private
encryption/signing key, only accessible to trusted code.

Internal bootloader + device key, loads a larger signed and encrypted
bootloader from boot media (NAND or whatnot), using the key unique to
the CPU. This boot loader then has the full sign&encrypt scheme for the
device firmware.

If you want to go fancy then the whole device firmware is also stored
encrypted uniquely for the device, blocking flash level cross flashing.

This is btw the scheme used by the Cell CPU (PS3), which held tight
until a flaw was found in how the firmware updates were signed, and which
has been patched up pretty well since.

But device manufacturers have learnt from the Sony case, and it should be
expected that most do not use a single master signing key any more, but instead
multiple keys for smaller groups of devices, or maybe even a unique key per
device.

This combined with the ability to replace the firmware signing keys in
the next upgrade mitigates the above claim completely, even if ignoring
the computational impossibility of breaking the encrypt/sign process
unless keying material is leaked.

And if you are of the really paranoid nature then encryption is also
applied to your memory buses so even if someone is snooping on the DRAM
lines then all they see is garbage.

And all this to protect some DRM keys which restrict users' right to
access the content they have bought.

Regards
Henrik
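A toy model of the chain Henrik describes: a boot ROM holding a per-device key, a stage-2 bootloader sealed under that key which carries the firmware verification key, firmware sealed under a batch key, and key rotation carried in an update. This is an added example, not code from the thread, from TrustZone or from any real device. It uses HMAC-SHA256 as a PRF for both the stream cipher and the authentication tag, so symmetric MACs stand in for the signatures a real scheme would use; the image layouts, key sizes and all names are assumptions.

```python
import hashlib, hmac, os, struct

KEY_LEN, NONCE_LEN, TAG_LEN = 32, 16, 32   # HMAC-SHA256 keys and tags (assumed sizes)

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    """PRF in counter mode: HMAC-SHA256(key, nonce || counter) blocks, truncated."""
    out = b""
    for counter in range((length + 31) // 32):
        out += _prf(key, nonce + struct.pack(">I", counter))
    return out[:length]

def seal(key, plaintext):
    """Encrypt-then-MAC with derived subkeys: nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(_prf(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key, blob):
    """Verify the tag in constant time before decrypting; raise on any mismatch."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("truncated image")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("image rejected: wrong key or tampered")
    ks = _keystream(_prf(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class Device:
    """One unit: the per-device key lives in the CPU, the two images in NAND."""
    def __init__(self, device_key):
        self.device_key = device_key  # provisioned at the factory, never leaves the SoC
        self.stage2_blob = b""        # stage-2 bootloader, sealed under device_key
        self.firmware_blob = b""      # firmware, sealed under the batch firmware key

def build_stage2(device_key, fw_key, stage2_code):
    """Stage-2 image = firmware verification key || code, sealed for exactly one device."""
    return seal(device_key, fw_key + stage2_code)

def build_firmware(fw_key, firmware, next_fw_key=None):
    """Firmware image = key to use from now on || payload, sealed under the current key.
    Passing next_fw_key rotates the firmware key as part of the update."""
    return seal(fw_key, (next_fw_key or fw_key) + firmware)

def boot(dev):
    """Stage 1 (boot ROM) unseals stage 2 with the device key; stage 2 unseals the
    firmware with the key it carries.  Returns the firmware that would run; any
    failure raises ValueError, where a real device would halt."""
    stage2 = unseal(dev.device_key, dev.stage2_blob)
    fw_key, stage2_code = stage2[:KEY_LEN], stage2[KEY_LEN:]
    payload = unseal(fw_key, dev.firmware_blob)
    next_key, firmware = payload[:KEY_LEN], payload[KEY_LEN:]
    if next_key != fw_key:
        # The update carried a new firmware key: re-seal both images so images
        # under the old key are refused from the next boot on.
        dev.stage2_blob = build_stage2(dev.device_key, next_key, stage2_code)
        dev.firmware_blob = build_firmware(next_key, firmware)
    return firmware

def _rejected(fn):
    try:
        fn()
    except ValueError:
        return True
    return False

def demo():
    """Constructed scenario: two units of one batch, a cross-flash, a tamper, a key rotation."""
    dev_a, dev_b = Device(os.urandom(KEY_LEN)), Device(os.urandom(KEY_LEN))
    fw_key = os.urandom(KEY_LEN)          # signing key for this batch of devices
    for d in (dev_a, dev_b):
        d.stage2_blob = build_stage2(d.device_key, fw_key, b"stage2 v1")
        d.firmware_blob = build_firmware(fw_key, b"firmware 1.0")
    r = {"own_image_boots": boot(dev_a) == b"firmware 1.0"}
    # Flash-level cross flashing: A's stage-2 image copied byte for byte onto B.
    dev_b.stage2_blob = dev_a.stage2_blob
    r["cross_flash_rejected"] = _rejected(lambda: boot(dev_b))
    # One flipped ciphertext byte in A's firmware image.
    tampered = bytearray(dev_a.firmware_blob)
    tampered[NONCE_LEN + 4] ^= 0x01
    good, dev_a.firmware_blob = dev_a.firmware_blob, bytes(tampered)
    r["tamper_rejected"] = _rejected(lambda: boot(dev_a))
    dev_a.firmware_blob = good
    # An update that rotates the batch key; afterwards images under the old key fail.
    new_key = os.urandom(KEY_LEN)
    dev_a.firmware_blob = build_firmware(fw_key, b"firmware 1.1", next_fw_key=new_key)
    r["update_boots"] = boot(dev_a) == b"firmware 1.1"
    r["rotated_key_persists"] = boot(dev_a) == b"firmware 1.1"
    dev_a.firmware_blob = build_firmware(fw_key, b"firmware 1.2")
    r["old_key_rejected"] = _rejected(lambda: boot(dev_a))
    return r

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'ok' if ok else 'FAIL'}")
```

Two points worth noting in the model: the stage-2 image is sealed per device, so copying it to another unit fails at the first stage, while the firmware is sealed under a batch key so one update serves many devices; and the rotation shown only works because stage 2 re-seals its own image, which is why a real implementation has to make that write atomic or the device bricks on a power cut mid-update.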



