[OpenBIOS] Secure BIOS for voting?
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Tue Jul 23 23:08:28 CEST 2013
On Tue, Jul 23, 2013 at 04:28:23PM -0400, Tarl Neustaedter wrote:
> The problem of secure execution is fairly well understood. Google
> "Verified Boot" or "Trusted Boot". The implementations that take it
> seriously do verification of their PROM, sign it, and the hardware
> won't let you start unless the PROM is good. Then the PROM verifies
> the signature of each component as it's brought in (I was recently
> involved in implementing public key verification for such).
>
> It doesn't guarantee bug-free code, but it verifies that the code
> you are running is what you think it is.
And the PROM is inside the CPU so you can't swap it in some cases,
perhaps even encrypted.
--
Len Sorensen
More information about the OpenBIOS
mailing list