Evil Maid Just Got Angrier - Why Full-Disk Encryption ... - CanSecWest

More documents

Recommendations

Info

The Problem Startup UEFI BIOS firmware at reset vector is inherently trusted To initiate chain of measurements or signature verification But it’s firmware and can be updated If subverted, all measurements in the chain can be forged allowing firmware modifications to go undetected
The Solution is Simple <strong>Just</strong> let BitLocker rely on all platform manufacturers
Page 1: Evil Maid Just Got Angrier Why Full
Page 4 and 5: Outline 1 UEFI BIOS 2 Measured/Trus
Page 12 and 13: Legacy BIOS CPU Reset vector in ROM
Page 14 and 15: Legacy BIOS CPU Reset vector in ROM
Page 16 and 17: Security of Legacy BIOS Huh?
Page 18 and 19: Unified Extensible Firmware Interfa
Page 20 and 21: So is UEFI BIOS secure? UEFI specif
Page 24 and 25: Windows BitLocker http://technet.mi
Page 26 and 27: Typical Chain of Measurements
Page 28 and 29: Typical Chain of Measurements ⊗ I
Page 46 and 47: The Solution is Simple Just let Bit
Page 54 and 55: SPI Flash / BIOS Protections 1 Writ
Page 56 and 57: SPI Protected Range Registers http:
Page 60 and 61: Hey! We’ve Succeeded!
Page 62 and 63: NIST BIOS Protection Guidelines Rec
Page 64 and 65: UEFI Updates Aren’t Exactly Signe
Page 69 and 70: Angry Evil Maid Attack Outline Agai
Page 71 and 72: The Original Boot Block
Page 73 and 74: Writing Payload to Early BIOS in SP
Page 75 and 76: But That P67 Board Is Just Too Old
Page 77 and 78: ASUS P8Z77-V PRO Yes! UEFI BIOS upd
Page 79 and 80: Demo The problem applies to any Ful
Page 81 and 82: What About Secure Boot? UEFI 2.3.1
Page 85 and 86: BIOS Rootkits BIOS Rootkit [5,6,7,1
Page 87 and 88: Anything We Can Do? If you care abo
Page 89 and 90: Further Reading 1 Evil Maid goes af

Evil Maid Just Got Angrier - Why Full-Disk Encryption ... - CanSecWest

Create successful ePaper yourself

Delete template?

Save as template?