Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Matthew Garrett Explains UEFI Again

Hash: SHA1

Management of UEFI secure booting

,----[ Quote ]
| The FSF have released a statement on UEFI secure boot. It explains the 
| fundamental issue here, which isn't something as simple as "will OEMs let me 
| install Linux". It's "Does the end user have the ability to manage their own 
| keys".
| Secure boot is a valuable feature. It does neatly deal with the growing threat 
| of pre-OS malware. There is an incentive for it to be supported under Linux. I 
| discussed the technical aspects of implementing support for it here - it's not 
| a huge deal of work, and it is being worked on. So let's not worry about that 
| side of things. The problem is with the keys.
| Secure boot is implemented in a straightforward way. Each section of a PE-COFF 
| file is added together and a hash taken[1]. This hash is signed with the 
| private half of a signing key and embedded into the binary. When you attempt 
| to execute a file under UEFI, the firmware attempts to decrypt the embedded 
| hash. This requires that the firmware have a either a copy of the public half 
| of the signing key in its key database, or for there to be a chain of trust 
| from the signing key to a key in its key database. Once it has the decrypted 
| hash, it generates its own hash of the binary and compares them. If they 
| match, the binary is executed.
| What happens if it doesn't match? Per the UEFI specification, the firmware can 
| then prompt the user and ask if they want to execute it anyway. If the user 
| accepts then the hash of the binary is remembered[4] and can continue to be 
| executed in future. This is similar to what you get when you visit a self-
| signed https site, or when you connect to an ssh server for the first time - 
| the user must explicitly state that they trust the software that is being 
| booted.

Version: GnuPG v1.4.10 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index