
The Future of Low Level Hardware

Matthew Schwaberow CSE 494M 28 February, 2005

The BIOS

 "...computer interface code that locates and loads the operating system into RAM. It provides low-level communication, operation and configuration to the hardware of a system, which at a minimum drives the keyboard and provides primitive output to a display." - Wikipedia

Extensible Firmware Interface

Intel Corporation

Extensible Firmware Interface

 Currently used in IA-64 systems
 Boot Services
  - Gets rid of MBR booting: no more viruses living in the boot sector! (GPT still carries a "protective" MBR so legacy tools do not treat the disk as empty, but the firmware never executes code from it)
  - PXE support built in
  - The firmware boot manager selects the OS; no more boot-sector loaders
  - Until the OS loader calls ExitBootServices(), networking and memory allocation are provided by EFI boot services rather than by the OS

Extensible Firmware Interface, cont.

 Runtime Services
  - Currently limited
  - Set boot order
  - Change real-time clock
 Other features
  - Disk & partition headers written twice: GPT keeps a primary header and partition entry array at the start of the disk and a backup copy at the end
  - Protection against bad blocks & viruses: each header carries a CRC32 over itself and a CRC32 over the entry array; the firmware/OS verifies the CRCs and, if one copy is damaged, repairs it from the other
  - No boot code at the start of partitions
    - One less place for viruses to hide

Extensible Firmware Interface, cont.

 Possible security issues
  - A virus may overwrite the ESP (EFI System Partition): any OEM can create a partition on the drive with standard tools, so why not a virus writer?
  - Virus writers may still get into the disk & partition headers by modifying both copies and recomputing the CRC32s, which is exactly what a legitimate partitioning tool does; the CRC detects corruption, not malice
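The two points above (headers written twice with CRC checks, and an attacker who simply rewrites both copies) can be seen in code. The following Go program is an added example written for this page, not code from the slides or from Intel. It builds a constructed 2048-sector disk image in memory using the real GPT header and partition entry layout and the real ESP type GUID, but a made-up disk GUID and toy partition sizes. It checks both copies the way firmware or an OS would, shows a single corrupted byte being caught (with the backup copy surviving), and then shows that a writer who moves the ESP and rewrites both copies with fresh CRCs passes every check, so the CRCs protect against bad blocks but not against a virus with the same disk access as an OEM tool.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"hash/crc32"
)

const headerSize, entrySize, numEntries, totalLBAs = 92, 128, 128, 2048 // constructed 2048-sector toy disk

// Header is the on-disk GPT header (UEFI spec), little-endian. HeaderCRC32 is computed with that
// field zeroed; EntryArrayCRC32 covers NumberOfEntries*SizeOfEntry bytes of the entry array.
type Header struct {
	Signature                                          [8]byte
	Revision, HeaderSize, HeaderCRC32, Reserved        uint32
	MyLBA, AlternateLBA, FirstUsableLBA, LastUsableLBA uint64
	DiskGUID                                           [16]byte
	PartitionEntryLBA                                  uint64
	NumberOfEntries, SizeOfEntry, EntryArrayCRC32      uint32
}

// Entry is one 128-byte partition entry; Name is UTF-16LE and left empty here.
type Entry struct {
	TypeGUID, UniqueGUID   [16]byte
	StartLBA, EndLBA, Attr uint64
	Name                   [72]byte
}

var (
	espType  = [16]byte{0x28, 0x73, 0x2A, 0xC1, 0x1F, 0xF8, 0xD2, 0x11, 0xBA, 0x4B, 0x00, 0xA0, 0xC9, 0x3E, 0xC9, 0x3B} // real ESP type GUID, on-disk byte order
	diskGUID = [16]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}                                          // constructed
)

// Disk holds both copies: primary header at LBA 1 (entries from LBA 2), backup header at the last LBA.
type Disk struct{ Primary, PrimaryEntries, Backup, BackupEntries []byte }

func serialize(v interface{}) []byte {
	var b bytes.Buffer
	_ = binary.Write(&b, binary.LittleEndian, v)
	return b.Bytes()
}

func buildHeader(myLBA, altLBA, entryLBA uint64, entries []byte) []byte {
	h := Header{Revision: 0x00010000, HeaderSize: headerSize, MyLBA: myLBA, AlternateLBA: altLBA,
		FirstUsableLBA: 34, LastUsableLBA: totalLBAs - 34, DiskGUID: diskGUID, PartitionEntryLBA: entryLBA,
		NumberOfEntries: numEntries, SizeOfEntry: entrySize, EntryArrayCRC32: crc32.ChecksumIEEE(entries)}
	copy(h.Signature[:], "EFI PART")
	h.HeaderCRC32 = crc32.ChecksumIEEE(serialize(h)) // HeaderCRC32 is still zero here, as the spec requires
	return serialize(h)
}

// writeBothCopies is what any partitioning tool does: recompute the CRCs and emit primary and backup.
func writeBothCopies(entries []byte) Disk {
	return Disk{buildHeader(1, totalLBAs-1, 2, entries), entries, buildHeader(totalLBAs-1, 1, totalLBAs-33, entries), entries}
}

// MakeDisk lays out a disk whose only partition is an ESP (entry 0) starting at espStart.
func MakeDisk(espStart uint64) Disk {
	entries := make([]byte, numEntries*entrySize) // unused slots stay all-zero
	copy(entries, serialize(Entry{TypeGUID: espType, StartLBA: espStart, EndLBA: 1000}))
	return writeBothCopies(entries)
}

// Check validates one copy the way firmware or an OS does; an empty result means the copy is good.
func Check(raw, entries []byte) (problems []string) {
	var h Header
	if binary.Read(bytes.NewReader(raw), binary.LittleEndian, &h) != nil {
		return []string{"short header"}
	}
	if string(h.Signature[:]) != "EFI PART" {
		problems = append(problems, "bad signature")
	}
	zeroed := append([]byte{}, raw[:headerSize]...)
	binary.LittleEndian.PutUint32(zeroed[16:], 0) // CRC field is zero while the CRC is computed
	if crc32.ChecksumIEEE(zeroed) != h.HeaderCRC32 {
		problems = append(problems, "header CRC mismatch")
	}
	if n := int(h.NumberOfEntries) * int(h.SizeOfEntry); n > len(entries) || crc32.ChecksumIEEE(entries[:n]) != h.EntryArrayCRC32 {
		problems = append(problems, "entry array CRC mismatch")
	}
	return problems
}

// ESPStartLBA reads entry 0's StartLBA (offset 32 within the entry); entry 0 is the ESP in this layout.
func ESPStartLBA(entries []byte) uint64 { return binary.LittleEndian.Uint64(entries[32:40]) }

// BadBlock simulates a bad sector in the primary entry array: the primary copy fails its CRC while the
// backup still validates, so the primary can be rebuilt from it.
func BadBlock(d Disk) (primary, backup []string) {
	damaged := append([]byte{}, d.PrimaryEntries...)
	damaged[40] ^= 0xFF // inside entry 0's EndLBA
	return Check(d.Primary, damaged), Check(d.Backup, d.BackupEntries)
}

// RetargetESP is the attack the slide worries about: move entry 0's StartLBA and rewrite both copies
// with fresh CRCs. Every check above passes, because CRC32 is an integrity check, not authentication.
func RetargetESP(d Disk, newStart uint64) Disk {
	entries := append([]byte{}, d.PrimaryEntries...)
	binary.LittleEndian.PutUint64(entries[32:], newStart)
	return writeBothCopies(entries)
}
```

Build a disk with MakeDisk(34), run BadBlock and RetargetESP on it, and pass each copy to Check: the bad-block case returns a problem only for the primary, while the retargeted disk returns no problems for either copy even though ESPStartLBA now reports the attacker's LBA. The mechanism that would actually stop the second case is a signature over the metadata, not a checksum.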

TrustedCore
Phoenix Technologies

TrustedCore

 The Phoenix TrustedCore family is an example of what Phoenix and Microsoft refer to as an entirely new category, Core System Software. Core System Software is pre-OS software that incorporates all the legacy functionality of BIOS while providing an additional element for secure storage of encrypted private keys within a user's computer. In addition, TrustedCore allows for digitally signed firmware updating to preempt hostile attacks at the core of the device, and a built-in root of trust that can be leveraged for native x86 device authentication on both enterprise and service provider networks.

TrustedCore

 Uses Windows CryptoAPI to
  - Ensure FlashBIOS updates are correctly signed and not modified
  - Authenticate connected devices managed within Active Directory to networks and network applications
  - Work with and authenticate pre-OS applications (recovery, anti-virus, etc.)
  - Securely store certificates for Microsoft applications and infrastructure
 Integrates EFI
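What "correctly signed and not modified" buys, compared with the CRC-protected GPT headers discussed earlier in the deck, can be shown with a small Go program. It is an added example, not Phoenix's TrustedCore code and not Windows CryptoAPI: it uses Go's standard crypto/rsa with RSA PKCS#1 v1.5 over SHA-256 as a stand-in for whatever algorithms TrustedCore used, generates throwaway OEM and attacker keys on each run, and treats the OEM public key as if it were baked into the protected firmware region. The update format (image plus detached signature) is constructed for the example.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Update is a constructed stand-in for a FlashBIOS update package: the image plus an RSA PKCS#1 v1.5
// signature over SHA-256(image) made with the OEM's update-signing key.
type Update struct {
	Image, Signature []byte
}

// SignUpdate is the OEM build-time step; the private key never reaches the device.
func SignUpdate(priv *rsa.PrivateKey, image []byte) (Update, error) {
	d := sha256.Sum256(image)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, d[:])
	return Update{Image: image, Signature: sig}, err
}

// VerifyBeforeFlash is the device-side check: the OEM public key is assumed to sit in the protected
// firmware region, and only an image whose signature verifies under it may be written to flash.
func VerifyBeforeFlash(oemPub *rsa.PublicKey, u Update) bool {
	d := sha256.Sum256(u.Image)
	return rsa.VerifyPKCS1v15(oemPub, crypto.SHA256, d[:], u.Signature) == nil
}

// Scenarios pushes three updates through the device check: the genuine one, the genuine one with a
// bit flipped after signing, and the flipped image re-signed by an attacker with a key they control.
func Scenarios() (genuine, flipped, foreignKey bool, err error) {
	oem, err := rsa.GenerateKey(rand.Reader, 2048) // throwaway keys, generated per run
	if err != nil {
		return
	}
	attacker, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	image := bytes.Repeat([]byte("BIOS v1.02 "), 1024) // constructed image body

	good, err := SignUpdate(oem, image)
	if err != nil {
		return
	}
	genuine = VerifyBeforeFlash(&oem.PublicKey, good)

	bad := Update{Image: append([]byte{}, good.Image...), Signature: good.Signature}
	bad.Image[4096] ^= 0x01 // a recomputed CRC would hide this; the signature cannot be recomputed
	flipped = VerifyBeforeFlash(&oem.PublicKey, bad)

	evil, err := SignUpdate(attacker, bad.Image) // valid signature, wrong key
	if err != nil {
		return
	}
	foreignKey = VerifyBeforeFlash(&oem.PublicKey, evil)
	return
}
```

Scenarios returns true only for the genuine update; the bit-flipped image and the attacker-signed image are both refused, which is the difference from the GPT case where anyone able to write the disk can produce valid CRCs. Only the verification step is modelled here: a real implementation also has to keep the OEM public key where the update path cannot overwrite it and add an anti-rollback version check, otherwise an attacker can replay an older, genuinely signed but vulnerable image. Neither point is covered by the slide.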

Next Generation Secure Computing Base

Microsoft Corporation

Influentials' Input (Stolen from Microsoft WinHEC 2004 Presentation)

 Subtle, important changes since initial reactions from a few years ago
  - USENIX 2002 response was "yikes!"
  - USENIX 2003: I heard lots of genuine interest in TWC
 "You've put secure OS development back on the map"
 "I just want to play with the hardware!"
 Still viewed (incorrectly) by some as DRM on a chip
 Takeaways:
  - There are some very valuable things in NGSCB
  - Nervousness about possible implications of the NGSCB design
  - Dialog is very important for any cutting edge technology

Next Generation Secure Computing Base

 Hardware Requirements
  - NGSCB-enabled CPU
  - NGSCB-enabled chipset
  - Dedicated Secure Support Component that is physically bound to the NGSCB system motherboard
  - Secure input devices, including a keyboard and mouse
  - Secure video hardware, including the graphics processor

Next Generation Secure Computing Base

 Secure Support Component (aka Trusted Platform Module)
  - Services provided
    - RSA public-key operations, including encryption, decryption, digital signature generation, and verification
    - Advanced Encryption Standard (AES) encryption and decryption
    - Secure Hash Algorithm-1 (SHA-1) hash computation (SHA-1 is no longer considered collision-resistant; later TPM specifications add SHA-256)
  - Contains at least one RSA private key (along with the accompanying digital certificate for the key) and one AES symmetric key
