[OpenBIOS] Secure BIOS for voting?
lsorense at csclub.uwaterloo.ca
Tue Jul 23 23:08:28 CEST 2013
On Tue, Jul 23, 2013 at 04:28:23PM -0400, Tarl Neustaedter wrote:
> The problem of secure execution is fairly well understood. Google
> "Verified Boot" or "Trusted Boot". The implementations that take it
> seriously do verification of their PROM, sign it, and the hardware
> won't let you start unless the PROM is good. Then the PROM verifies
> the signature of each component as it's brought in (I was recently
> involved in implementing public key verification for such).
> It doesn't guarantee bug-free code, but it verifies that the code
> you are running is what you think it is.
And the PROM is inside the CPU so you can't swap it in some cases,
perhaps even encrypted.
More information about the OpenBIOS