Secure Boot Deficiencies. Volume 2 of 2

Abstract

This technical report captures the research effort into two deficiencies encountered while implementing Secure Boot technology. The first deficiency is that OpROMs fail to load on a system that has custom Secure Boot keys in its key variables and has had all manufacturer keys removed from those variables. The second deficiency is that Secure Boot fails to validate the digital signatures of certificates within the Secure Boot key variables in standard Public Key Infrastructure (PKI) certificate hierarchy operation. The technical report details each deficiency clearly and expands on the research methodology applied to each. With the insights gained from our research, we make informed findings and recommendations on how to mitigate each deficiency. Lastly, within this technical report, we present best practices on how to implement Secure Boot technology.

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 2020
Accession Number
AD1106541

Entities

People

  • David Schloss
  • Erik Carlson
  • Mike Hike
  • Roman Grewal

Tags

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Authentication
  • Best Practices
  • Computers
  • Device Drivers
  • Directories
  • Engineering
  • Firmware
  • Government Procurement
  • Governments
  • Hierarchies
  • Infrastructure
  • Military Research
  • Operating Systems
  • Standards
  • Verification

Fields of Study

  • Computer science

Readers

  • Aerospace Engineering
  • Cybersecurity
  • Systems Analysis and Design

Technology Areas

  • Cyber