UEFI - The New Boot Operating System In Your Computer
LIU/Brooklyn System Architecture
Secure boot - Chain of Trust and Key Hierarchy
PK - Platform Key. This is the top-level public key on the system; the matching
private key is held by the OEM of the hardware. The PK does not sign boot
binaries itself: its authority is what enrolls and replaces the KEK (and the
PK itself).
KEK - Key Exchange Keys, more properly described as a database of keys.
Entries can only be added to this database with PK authority. The KEK holds
keys from the firmware vendor, the OEM and other operating-system vendors,
and the KEK entries in turn authorize updates to the DB/DBX.
DB is the "allowed" list of code that can execute (signing certificates and,
optionally, hashes of individual binaries). On a Microsoft (R) Windows 8
machine it contains a Microsoft OS certificate, the Microsoft UEFI CA
certificate, and possibly other OSV/ISV entries.
DBX is the 'disallowed and blocked' list: certificates and hashes of code that must not execute. It is checked first, so a DBX entry overrides an otherwise valid DB signature. 21,22
Under secure boot, the sequence of events for authorizing a binary to run
from the firmware is as follows:
The firmware loads each binary object and checks its signature (or hash)
against the DB and the DBX lists. If the signature does not chain to a
certificate in the DB, or if the binary or its signer appears in the DBX,
the binary is not run and the boot process will usually halt.
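The key hierarchy and the load-time check above, as an added worked example that is not part of these notes: a constructed Go model of the PK/KEK/DB/DBX policy. It assumes raw ed25519 public keys in place of X.509 certificates, a plain byte string in place of a PE boot loader, and its own names (`Update`, `MayExecute`, `Demo`); real firmware stores EFI_SIGNATURE_LISTs and verifies Authenticode signatures, which this does not attempt.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Constructed model of the PK -> KEK -> DB/DBX hierarchy; each "certificate" is a
// raw ed25519 public key (assumption: real firmware uses X.509 and Authenticode).
type KeyDB map[string]ed25519.PublicKey // indexed by hex of the key bytes

type Firmware struct {
	PK      ed25519.PublicKey // platform key: sole authority for KEK updates
	Keys    map[string]KeyDB  // "KEK" (authorities for DB/DBX) and "DB" (allowed signers)
	DBXHash map[string]bool   // revoked image hashes (SHA-256 hex); DBX wins over DB
}

func fp(b []byte) string { return hex.EncodeToString(b) }

// SignedUpdate stands in for a UEFI authenticated variable write.
type SignedUpdate struct {
	Entry  []byte            // the key or hash being enrolled
	Signer ed25519.PublicKey // the authority claiming to authorize it
	Sig    []byte
}

func Authorize(priv ed25519.PrivateKey, pub ed25519.PublicKey, entry []byte) SignedUpdate {
	return SignedUpdate{Entry: entry, Signer: pub, Sig: ed25519.Sign(priv, entry)}
}

// Update enforces who may change which variable: only the PK for KEK, any enrolled KEK entry for DB and DBX.
func (fw *Firmware) Update(variable string, u SignedUpdate) error {
	var authority ed25519.PublicKey
	switch variable {
	case "KEK":
		authority = fw.PK
	case "DB", "DBX":
		authority = fw.Keys["KEK"][fp(u.Signer)] // nil if the signer was never enrolled
	default:
		return fmt.Errorf("unknown variable %q", variable)
	}
	if authority == nil || !ed25519.Verify(authority, u.Entry, u.Sig) {
		return fmt.Errorf("%s update rejected: signer is not an authority for it", variable)
	}
	if variable == "DBX" {
		fw.DBXHash[fp(u.Entry)] = true
		return nil
	}
	if len(u.Entry) != ed25519.PublicKeySize { // a malformed key would make Verify panic later
		return fmt.Errorf("%s entry is not a public key", variable)
	}
	fw.Keys[variable][fp(u.Entry)] = ed25519.PublicKey(u.Entry)
	return nil
}

// MayExecute is the load-time decision: a DBX match refuses the image outright; otherwise its signature must verify under a DB entry.
func (fw *Firmware) MayExecute(code []byte, signer ed25519.PublicKey, sig []byte) (bool, string) {
	h := sha256.Sum256(code)
	if fw.DBXHash[fp(h[:])] {
		return false, "image hash listed in DBX"
	}
	k, ok := fw.Keys["DB"][fp(signer)]
	if !ok {
		return false, "signer not in DB"
	}
	if !ed25519.Verify(k, code, sig) {
		return false, "signature does not verify"
	}
	return true, "signature chains to DB"
}

func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Demo walks the hierarchy from PK down to a boot loader and records each decision.
func Demo() map[string]bool {
	res := map[string]bool{}
	pk, pkPriv := newKey()         // OEM platform key
	oemKEK, oemKEKPriv := newKey() // OEM's KEK entry
	osvCA, osvCAPriv := newKey()   // an OS vendor's signing CA, destined for DB
	rogue, roguePriv := newKey()   // a key nobody ever enrolled
	fw := &Firmware{PK: pk, Keys: map[string]KeyDB{"KEK": {}, "DB": {}}, DBXHash: map[string]bool{}}
	res["kek_enrolled_by_pk"] = fw.Update("KEK", Authorize(pkPriv, pk, oemKEK)) == nil
	res["kek_rejected_without_pk"] = fw.Update("KEK", Authorize(roguePriv, rogue, rogue)) != nil
	res["db_enrolled_by_kek"] = fw.Update("DB", Authorize(oemKEKPriv, oemKEK, osvCA)) == nil
	res["db_rejected_without_kek"] = fw.Update("DB", Authorize(roguePriv, rogue, rogue)) != nil
	loader := []byte("constructed stand-in for bootx64.efi") // not a real PE image
	goodSig := ed25519.Sign(osvCAPriv, loader)
	res["signed_loader_runs"], _ = fw.MayExecute(loader, osvCA, goodSig)
	ok, _ := fw.MayExecute(loader, rogue, ed25519.Sign(roguePriv, loader))
	res["unknown_signer_blocked"] = !ok
	ok, _ = fw.MayExecute(append([]byte("patched:"), loader...), osvCA, goodSig)
	res["tampered_image_blocked"] = !ok
	h := sha256.Sum256(loader) // the vendor later revokes this exact build via DBX
	res["hash_revoked_by_kek"] = fw.Update("DBX", Authorize(oemKEKPriv, oemKEK, h[:])) == nil
	ok, _ = fw.MayExecute(loader, osvCA, goodSig)
	res["revoked_loader_blocked"] = !ok
	return res
}

func main() { fmt.Println(Demo()) }
```

Two points the model makes visible: an update to a variable is accepted on the strength of who signed it, not where it came from, which is why possession of the OEM's KEK private key is enough to change what a fleet will boot; and the DBX hash check runs before any DB lookup, so revoking one build blocks it even though its signer remains fully trusted.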
Going forward, it is a major open question whether it is safe to run a
UEFI-booted system without secure boot. The reason is exactly what Wilkins
and Richardson pointed out: UEFI, with its virtual machine, readable
partitions and userspace toolkits, makes a very target-rich vector for
malware in the future. 17 Simply turning off secure boot on an industrial
server therefore carries serious risks that need to be assessed.
Under UEFI secure boot, every binary loaded at boot now needs to be signed. This means custom-compiled kernels, binary third-party modules and non-standard OSs all need to go through Microsoft to obtain signatures (under the Microsoft UEFI CA present in the DB), OR be signed under a key that has been enrolled in the firmware with PK authority: the hardware manufacturer's, or the owner's own if the owner takes control of the PK.
Secure boot is not inherently more secure than a BIOS. Everything a BIOS does, UEFI also has to do in some form, and UEFI under secure boot has already been exploited:
http://www.computerworld.com/article/2490047/security0/new-attack-methods-can--brick--systems--defeat-secure-boot--researchers-say.html