Evaluating the Use of Boot Image Encryption on Talos II Architecture
[Technical Report, Master's Thesis]
AIR FORCE INSTITUTE OF TECHNOLOGY WRIGHT-PATTERSON AFB OH
Pagination or Media Count:
Sensitive devices operating in unprotected environments are vulnerable to hardware attacks like reverse engineering and side channel analysis. This represents a security concern because the root of trust can be invalidated through boot firmware manipulation. For example, boot data is rarely encrypted and typically travels across an accessible bus like the LPC bus, allowing data to be easily intercepted and possibly manipulated during system startup. The ash chip storing the boot data can also be removed from these devices and examined to reveal detailed boot information. This paper details an implementation of encrypting a section of the boot image and decrypting it during the IPL of the Talos II. During power-on, the encrypted image travels across the LPC bus into the POWER9 Level3 cache and is decrypted in the processor. This proves that it is possible to prevent adversaries from interfering with the IPL flow or obtaining details on xCfirmware from the ash chip. The boot image encryption method is implemented with multiple levels of encryption and an evaluation of their efficiency is conducted to determine the performance impact for each algorithm.
- Computer Systems Management and Standards