We can't prevent others from tampering with the firmware. That's a requirement.
What if the firmware update (e.g. BIOS or UEFI) has to be cryptographically verified? For
example, the new firmware has to be hashed and signed by the authorized vendor. The
existing firmware has the capability to verify the hash and signature during the upgrade.
Is this strong enough to prevent firmware tampering?
-----Original Message-----
From: Stephen Smalley [mailto:sds@tycho.nsa.gov]
Sent: Tuesday, August 23, 2011 6:46 AM
To: Li, David
Cc: trusted-computing(a)lists.fedorahosted.org
Subject: RE: [Trusted-computing] Question on Trusted Boot
On Tue, 2011-08-23 at 06:19 -0700, Li, David wrote:
> My threat model has to assume an attacker can gain physical access to
> the motherboard and reflash the BIOS. That's why I worry about using
> TPM to ensure a trusted boot.
So, on the one hand, you are correct - the TCG considered physical attack to
be out of scope. But if you are including that in your threat model, you
already need to take further security measures to prevent direct physical
tampering with the box in general, not just with respect to the BIOS or the
TPM. Right? And I would expect that the same solution that you apply to
address that threat in general should also assist in protecting the BIOS flash
chip and the TPM from direct physical access, or resetting the TPM in the
event of such access.
> I am aware of TXT (not in a detailed way). But what's STM? Any pointers?
STM is SMI transfer monitor. A hypervisor for SMM that acts as a peer to the
main hypervisor. It can then protect the main hypervisor from direct
manipulation by the SMI handlers.
--
Stephen Smalley
National Security Agency
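The update check David describes above (the running firmware hashes the candidate image and verifies the vendor's signature before flashing it), as an added example that is not part of this thread and not any vendor's real update format. The image layout, the magic bytes, the Ed25519 key and the version field are assumptions chosen for the example; the version check is an added anti-rollback measure the thread does not mention. Note what the check does and does not cover: it runs inside the existing firmware and therefore only guards the update path. An attacker with the physical access Stephen mentions, who reflashes the SPI chip directly, never executes this code, which is why the signature does nothing against that threat on its own.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed image layout (an assumption for this example, not a real vendor format):
//   magic[4] "FWUP" | version uint32 BE | payloadLen uint32 BE | payload | sig[64]
// The vendor signs SHA-256(magic | version | payloadLen | payload) with an Ed25519 key.
const hdrLen = 12

var (
	ErrBadImage     = errors.New("malformed update image")
	ErrBadSignature = errors.New("signature does not verify against the vendor key")
	ErrRollback     = errors.New("update version is not newer than the running firmware")
)

// signUpdate is the vendor-side step (build pipeline / HSM). It exists here only so the
// example can construct a validly signed image offline.
func signUpdate(priv ed25519.PrivateKey, version uint32, payload []byte) []byte {
	hdr := make([]byte, hdrLen)
	copy(hdr[0:4], "FWUP")
	binary.BigEndian.PutUint32(hdr[4:8], version)
	binary.BigEndian.PutUint32(hdr[8:12], uint32(len(payload)))
	body := append(hdr, payload...)
	digest := sha256.Sum256(body)
	return append(body, ed25519.Sign(priv, digest[:])...)
}

// verifyUpdate is the check the running firmware performs before writing the new image.
// It returns the payload to flash and its version, or an error describing the rejection.
func verifyUpdate(vendorPub ed25519.PublicKey, runningVersion uint32, img []byte) ([]byte, uint32, error) {
	if len(img) < hdrLen+ed25519.SignatureSize || !bytes.Equal(img[0:4], []byte("FWUP")) {
		return nil, 0, ErrBadImage
	}
	version := binary.BigEndian.Uint32(img[4:8])
	plen := binary.BigEndian.Uint32(img[8:12])
	if uint64(plen) != uint64(len(img)-hdrLen-ed25519.SignatureSize) {
		return nil, 0, ErrBadImage
	}
	body := img[:len(img)-ed25519.SignatureSize]
	sig := img[len(img)-ed25519.SignatureSize:]
	digest := sha256.Sum256(body)
	// Verify the signature before trusting anything in the header, including the version.
	if !ed25519.Verify(vendorPub, digest[:], sig) {
		return nil, 0, ErrBadSignature
	}
	if version <= runningVersion {
		return nil, 0, ErrRollback
	}
	return body[hdrLen:], version, nil
}

// demo signs a constructed payload with a freshly generated vendor key, then checks that the
// genuine image is accepted while a one-byte modification and a replayed old version are rejected.
func demo() (genuineAccepted, tamperedRejected, rollbackRejected bool) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	payload := []byte("constructed firmware payload, not a real BIOS image")
	img := signUpdate(priv, 2, payload)

	_, _, err = verifyUpdate(pub, 1, img)
	genuineAccepted = err == nil

	tampered := append([]byte(nil), img...)
	tampered[hdrLen] ^= 0x01 // flip one bit of the payload; the signed digest no longer matches
	_, _, err = verifyUpdate(pub, 1, tampered)
	tamperedRejected = errors.Is(err, ErrBadSignature)

	_, _, err = verifyUpdate(pub, 2, img) // same version already running: refuse as a rollback/replay
	rollbackRejected = errors.Is(err, ErrRollback)
	return
}

func main() {
	g, t, r := demo()
	fmt.Printf("genuine image accepted: %v\ntampered image rejected: %v\nrollback rejected: %v\n", g, t, r)
}
```

The signature is checked before the version field is used, so an attacker cannot steer the verifier with an unsigned header; in a real implementation the vendor public key and the running version would live in write-protected flash or the TPM, since this check is only as strong as the storage that holds them.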