AMD64: Something's missing?

SONE Takeshi ts1 at tsn.or.jp
Wed Oct 22 12:37:00 CEST 2003


On Wed, Oct 22, 2003 at 08:25:28AM -0700, Alan Mimms wrote:
> One thing that encryption in the bootstrap CAN do is prevent Trojan
> attacks against the kernel image.  If attackers can't find out what the
> encryption key is they can't create a substitute Trojan kernel.  It
> plugs a hole.

That is authorization rather than encryption.
For this purpose, public key cryptography is used, so you don't
have to have the secret key in the ROM.
And the entire image is not encrypted for this purpose, because
it needs lots of CPU power. Usually 128 or 160-bit hash is only
encrypted.

This is much like Xbox.
But who has the secret key is the system admin, not Microsoft.

IMHO the system is already broken so bad when an attacker can replace
the boot image.
But maybe some real use exists..
-- 
Takeshi



More information about the coreboot mailing list