Malicious os could reset pcrs post boot and then set

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ; ) •  Then runs MBR (master boot record), e.g. GRUB. MBR executes: Calls PCR_Extend( n, <OS loader code, config> ) •  Then runs OS loader … and so on Dan Boneh In a diagram Hardware BIOS boot block Root of trust in integrity measurement OS loader BIOS TPM Root of trust in integrity reporting OS Application measuring Extend PCR AHer boot, PCRs contain hash chains of booted soHware Collision resistance of SHA1 (?) ensures commitment Dan Boneh Example: Trusted GRUB Credit: IBM 2005 PCR # to use and what to measure is specified in GRUB config file Dan Boneh The main point AHer boot completes, PCR registers measure the en2re soHware stack that booted on the machine: •  BIOS and hardware configura2on •  Boot loader and its configura2on •  Opera2ng system •  Running apps Dan Boneh What would go wrong if TPM_Startup (ST_CLEAR) could be called at any 2me aHer boot? Malicious OS could reset PCRs post- boot and then set them to a valid OS hash. PCRs would then look as if valid OS loaded. Dan Boneh Handling hibernate and restore: PCRs should be restored to pre- hiberna2on state TPM can store current PCR vals in internal NV- RAM and re- load them on command TPM_SaveState and TPM_Starup(ST_STATE) Dan Boneh TPM Counters •  TPM must support at leas...
View Full Document

Ask a homework question - tutors are online