grub-devel
Re: SHA-1 MBR


From: phcoder
Subject: Re: SHA-1 MBR
Date: Sat, 21 Feb 2009 14:27:42 +0100
User-agent: Thunderbird 2.0.0.19 (X11/20090105)

I consider the way memory is protected, or how the integrity of the MBR is ensured, out of scope for grub2. It simply can do nothing against it. So my goal is just making the verification chain secure. Then I hope that someone more knowledgeable in chipsets will find a way to build a secure system on top of it. I do only as much as I can and never claim to achieve something which is theoretically impossible.
Regards
Vladimir 'phcoder' Serbinenko
Jan Alsenz wrote:
>>>> If not, who checks the MBR?
>>> This can't be done by grub because it happens before any part of grub is
>>> loaded. To verify grub you need to rely on vendor/platform-specific
>>> mechanisms.
>>> I personally find "tpm without tpm" more attractive because it can be
>>> easily reused on another platform or any alternative to tpm (perhaps
>>> anybody here or coreboot folks will come up with something).
>>> Additionally it works around many bios and tpm bugs.
>>> I will continue working on sha-1 boot. My goal is to load core.img
>>> checked. After that point there is much more space and any signature
>>> based solution can be used.
>> Yes, that was my point. You need a trusted first step.
>> But the only thing besides a TPM that can be used for this is the BIOS, which
>> can be flashed.
>> And even if we assume that we can construct a BIOS that only boots if the MBR
>> hash matches and can not be flashed prior to this point, there are still two
>> points missing:
>> - After the system has started, the BIOS could be flashed. This is a very
>> possible scenario in a multi-user environment.
> Ok, I revoke that statement!
>
> This is most likely equivalent to being able to just read out the disk
> encryption keys from memory, which we considered out of scope.
>
> So if you can get the BIOS right, this might actually work for our scenario!
>
> Greets,
>
> Jan
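As an added illustration of the point made in this exchange (example code, not GRUB's own and not written by anyone in the thread), here is a Python model of a hash-chained boot: stage 0, an MBR-sized boot sector, carries the SHA-1 of core.img and checks it before jumping, which is everything stage 0 can do on its own; the check of stage 0 itself has to come from the platform (BIOS, TPM or similar). The digest offset, the 512-byte layout and the sample images are assumptions constructed for the model, not GRUB's real layout.

```python
"""Model of a hash-chained boot: stage 0 (a 512-byte boot sector) carries the SHA-1
of stage 1 (core.img). Added example, not GRUB code; layout and samples are constructed."""
import hashlib
import hmac

MBR_SIZE = 512
DIGEST_LEN = 20          # SHA-1 output length
HASH_OFFSET = 0x1A0      # assumed offset of the embedded digest (not GRUB's real layout)
BOOT_SIGNATURE = b"\x55\xaa"

# Constructed sample images: opaque placeholders standing in for boot code and core.img.
SAMPLE_BOOT_CODE = bytes([0xFA, 0x31, 0xC0, 0x8E, 0xD8]) + b"stage0 stub"
SAMPLE_CORE_IMG = b"core.img sample payload\n" * 64


def build_mbr(boot_code: bytes, core_img: bytes) -> bytes:
    """Assemble stage 0: boot code, the SHA-1 of core_img at HASH_OFFSET, 0x55AA at the end."""
    if len(boot_code) > HASH_OFFSET:
        raise ValueError("boot code overlaps the embedded digest")
    mbr = bytearray(MBR_SIZE)
    mbr[: len(boot_code)] = boot_code
    mbr[HASH_OFFSET : HASH_OFFSET + DIGEST_LEN] = hashlib.sha1(core_img).digest()
    mbr[MBR_SIZE - 2 :] = BOOT_SIGNATURE
    return bytes(mbr)


def stage0_verify(mbr: bytes, core_img: bytes) -> bool:
    """Everything stage 0 can do by itself: hash the loaded core.img and compare it
    (constant-time) with the digest it carries. It has no way to vouch for itself."""
    expected = mbr[HASH_OFFSET : HASH_OFFSET + DIGEST_LEN]
    return hmac.compare_digest(expected, hashlib.sha1(core_img).digest())


def boot(mbr: bytes, core_img: bytes) -> str:
    """Stage-0 decision: hand control to core.img only if its digest matches."""
    if mbr[MBR_SIZE - 2 :] != BOOT_SIGNATURE:
        return "halt: bad boot signature"
    if not stage0_verify(mbr, core_img):
        return "halt: core.img digest mismatch"
    return "jump to core.img"


def platform_check_mbr(mbr: bytes, known_good_mbr_digest: bytes) -> bool:
    """The trusted first step from the thread: something outside GRUB (BIOS, TPM, ...)
    must hold a reference digest of stage 0 and check it before running it."""
    return hmac.compare_digest(known_good_mbr_digest, hashlib.sha1(mbr).digest())


def scenarios() -> dict:
    """Walk the cases discussed: intact chain, tampered core.img, and an attacker who
    rewrites the MBR so that its embedded digest matches their own core.img."""
    mbr = build_mbr(SAMPLE_BOOT_CODE, SAMPLE_CORE_IMG)
    reference = hashlib.sha1(mbr).digest()             # what the platform would store
    evil_core = SAMPLE_CORE_IMG.replace(b"sample", b"rogue ", 1)
    evil_mbr = build_mbr(SAMPLE_BOOT_CODE, evil_core)  # attacker re-embeds the digest
    return {
        "intact": boot(mbr, SAMPLE_CORE_IMG),
        "tampered_core": boot(mbr, evil_core),
        "tampered_mbr_and_core": boot(evil_mbr, evil_core),  # passes: stage 0 cannot see it
        "platform_catches_mbr": platform_check_mbr(evil_mbr, reference),
        "platform_accepts_original": platform_check_mbr(mbr, reference),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

The third scenario is the one the thread turns on: once the attacker can rewrite the boot sector, the digest it carries is theirs too, so the in-GRUB check passes and only a reference held outside the disk (the platform's digest of stage 0) detects the swap.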
