[2020] Securing the Boot Process

Abstract: The goal of a hardware root of trust is to verify that the software installed in every component of the hardware is the software that was intended. This way you can verify and know without a doubt whether a machine’s hardware or software has been hacked or overwritten by an adversary. In a world of modchips, supply chain attacks, evil maid attacks, cloud provider vulnerabilities in hardware components, and other attack vectors it has become more and more necessary to ensure hardware and software integrity.

@article{10.1145/3380774.3382016,
author = {Frazelle, Jessie},
title = {Securing the Boot Process: The hardware root of trust},
year = {2020},
issue_date = {November-December 2019},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
volume = {17},
number = {6},
issn = {1542-7730},
url = {https://doi.org/10.1145/3380774.3382016},
doi = {10.1145/3380774.3382016},
abstract = {The goal of a hardware root of trust is to verify that the software installed in every component of the hardware is the software that was intended. This way you can verify and know without a doubt whether a machine’s hardware or software has been hacked or overwritten by an adversary. In a world of modchips, supply chain attacks, evil maid attacks, cloud provider vulnerabilities in hardware components, and other attack vectors it has become more and more necessary to ensure hardware and software integrity.},
journal = {Queue},
month = {feb},
pages = {5–21},
numpages = {17}
}

My highlights: elopio-papers (Internet Archive)

Recently I’ve been thinking about a decentralized software-based root-of-trust. A significant advantage of that is to dodge all the obvious problems caused by the hardware root-of-trust, like root key extraction and the data loss due to hardware availability.

Have you seen Project T-TEE: From Trusted to Trustless Execution Environments?

We could use your help there :slight_smile:
