Evil Maid Just Got Angrier - Why Full-Disk Encryption ... - CanSecWest

More documents

Recommendations

Info

Outline 1 UEFI BIOS 2 Measured/Trusted Boot 3 The Real World: Bypassing Measured/Trusted Boot 4 Windows BitLocker with TPM 5 Secure Boot 6 What Else? 7 Anything We Can Do?
What About Secure Boot? UEFI 2.3.1 / Windows 8 Secure Boot UEFI FW verifies digital signatures of non-embedded UEFI executables Signed UEFI drivers on adaptor cards/disk (Option ROMs), UEFI apps, OS Loaders Leverages Authenticode signing over PE/COFF binaries Configuration stored in NVRAM as Authenticated Variables (PK, KEK, db, dbx, SecureBoot) UEFI Spec, Chapter 27 Windows 8 Logo requirements for Secure Boot
Page 1:
Evil Maid Just Got Angrier Why Full
Page 4 and 5:
Outline 1 UEFI BIOS 2 Measured/Trus
Page 6 and 7:
Page 8 and 9:
Page 10 and 11:
Page 12 and 13:
Legacy BIOS CPU Reset vector in ROM
Page 14 and 15:
Legacy BIOS CPU Reset vector in ROM
Page 16 and 17:
Security of Legacy BIOS Huh?
Page 18 and 19:
Unified Extensible Firmware Interfa
Page 20 and 21:
So is UEFI BIOS secure? UEFI specif
Page 22 and 23:
Page 24 and 25:
Windows BitLocker http://technet.mi
Page 26 and 27:
Typical Chain of Measurements
Page 28 and 29:
Typical Chain of Measurements ⊗ I
Page 30 and 31: Typical Chain of Measurements ⊗ I
Page 42 and 43: Outline 1 UEFI BIOS 2 Measured/Trus
Page 44 and 45: The Problem Startup UEFI BIOS firmw
Page 46 and 47: The Solution is Simple Just let Bit
Page 54 and 55: SPI Flash / BIOS Protections 1 Writ
Page 56 and 57: SPI Protected Range Registers http:
Page 60 and 61: Hey! We’ve Succeeded!
Page 62 and 63: NIST BIOS Protection Guidelines Rec
Page 64 and 65: UEFI Updates Aren’t Exactly Signe
Page 69 and 70: Angry Evil Maid Attack Outline Agai
Page 71 and 72: The Original Boot Block
Page 73 and 74: Writing Payload to Early BIOS in SP
Page 75 and 76: But That P67 Board Is Just Too Old
Page 77 and 78: ASUS P8Z77-V PRO Yes! UEFI BIOS upd
Page 79: Demo The problem applies to any Ful
Page 83 and 84: Outline 1 UEFI BIOS 2 Measured/Trus
Page 85 and 86: BIOS Rootkits BIOS Rootkit [5,6,7,1
Page 87 and 88: Anything We Can Do? If you care abo
Page 89 and 90: Further Reading 1 Evil Maid goes af
show all

Evil Maid Just Got Angrier - Why Full-Disk Encryption ... - CanSecWest

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?