OSLO: Improving the Security of Trusted Computing

In this paper we describe bugs and ways to attack trusted computing systems based on a static root of trust such as Microsoft's Bitlocker. We propose to use the dynamic root of trust feature of newer x86 processors as this shortens the trust chain, can minimize the Trusted Computing Base of applications and is less vulnerable to TPM and BIOS attacks. To support our claim we implemented the Open Secure LOader (OSLO), the first publicly available bootloader based on AMDs skinit instruction.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {268459,
author = {Bernhard Kauer},
title = {{OSLO}: Improving the Security of Trusted Computing},
booktitle = {16th USENIX Security Symposium (USENIX Security 07)},
year = {2007},
address = {Boston, MA },
url = {https://www.usenix.org/conference/16th-usenix-security-symposium/oslo-improving-security-trusted-computing},
publisher = {USENIX Association},
month = aug
}
Download

Presentation Video

Presentation Audio

Links

Paper: 
http://usenix.org/events/sec07/tech/full_papers/kauer/kauer.pdf
Paper (HTML): 
http://usenix.org/events/sec07/tech/full_papers/kauer/kauer_html/index.html