SlideShare a Scribd company logo

Anti-evil maid with UEFI and Xen

Tamas K Lengyel
Tamas K Lengyel

Anti-evil maid with UEFI and Xen, Platform Security Summit 2018

Software
1 of 41
Download to read offline
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 www.ainfosec.com ASSURED INFORMATION SECURITY Anti-Evil Maid with UEFI and Xen Platform Security Summit, 2018 Brendan Kerrigan Tamas K Lengyel
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Overview 1. Motivation 2. UEFI background 3. Anti-Evil Maid 4. Extending the SRTM chain 5. EFI_LOAD_OPTION 6. Launching DRTM after SRTM
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 OpenXT • Security hardened distribution • Based on Xen & Linux • Anti-Evil Maid using Intel TXT • No boot-time security for non-Intel hw • No UEFI / SecureBoot support Motivation
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 UEFI (2007) • Successor of Intel’s EFI specification • Heavily influenced by Microsoft • Reused PE binary format (ie. exe) SecureBoot (2011) • Public-key crypto using signatures • Heavily influenced by Microsoft UEFI/SecureBoot
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. Install public keys in firmware NVRAM 2. Sign binaries with private key 3. Firmware verifies signatures as software is loaded 4. Firmware only executes binaries with valid signatures Doesn’t use the TPM! UEFI/SecureBoot
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Systems ship with OEM and Microsoft keys pre-loaded What about Linux / FreeBSD / etc? 1. Require users to install custom SecureBoot keys 2. Get Microsoft to sign GRUB and/or every kernel? Neither of these options is “easy” UEFI/SecureBoot
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Small UEFI application with a new SecureBoot key embedded Capable of checking signatures with embedded key Can be signed by Microsoft Shim key-owner can sign its own kernel updates independently 3rd option: the shim
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Shim registers a service with the firmware Shim loads & launches Xen 1. SecureBoot verification 2. Measures it into the TPM Xen locates shim protocol and verifies dom0 kernel Xen and the shim
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. ..the user to the computer ○ “Please enter your password” 2. ..the software to the computer ○ SecureBoot 3. ..the computer to the user ○ Anti-Evil Maid (AEM) Authenticate..
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Have to ensure that the system: 1. Says what it does 2. Does what it says 3. Can prove it AEM Requirements
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Using local encryption 1. Record state of a “good” system into the TPM 2. Encrypt (“seal”) <something> with the TPM 3. TPM only decrypts (“unseal”) <something> when state matches Using remote attestation 1. Record state of the system into the TPM 2. Send quote to remote machine to verify AEM Proof options
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 When to measure? 1. From the start • Static-root-of-trust (SRTM) • Usually considered too complex to be practical 2. After we are done booting • Dynamic-root-of-trust (DRTM) • Intel Trusted Execution Technology (TXT) Measurements needed
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 To be fully effective requires either: 1. Secure Transfer Monitor (STM) • Without it firmware is in the TCB • No OEM supports it 2. Combined with SRTM • Firmware is in the TCB DRTM
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 SRTM SRTM
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Need to measure Extending the SRTM chain • Xen • Xen command line • XSM policy • Dom0 kernel • Dom0 initrd • Dom0 command line • Dom0 rootfs
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Compile everything into static images
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Static compile-in options
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. UEFI loads, measures & verifies the shim 2. The shim loads, measures & verifies Xen 3. Xen loads dom0 4. Xen uses the shim to measure & verify dom0 Extending the SRTM chain
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 This should “just work”
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 ● Xen fails to launch when loaded by the shim ● Shim protocol only available with SecureBoot on ● The shim only measures with SecureBoot on ● The shim SecureBoot verifies dom0 but doesn’t measure it ● The shim silently hides TPM failures Fixes upstreamed/under review Almost...
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 All measurements of PE images fail with PE_COFF_IMAGE flag TPM2 failure on Dell
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Measurement type will differ on good vs bad firmware ● PE_COFF_IMAGE=Authenticode; raw=sha256 ● Pre-calculating expected PCR values not possible ● Custom patch to shim required to standardize on sha256 ● Until all firmwares work with PE_COFF_IMAGE flag TPM2 failure with Dell
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Still possible to override from bootloader Xen’s.. • ..built-in XSM policy • ..built-in command line Xen under UEFI can load the initrd for dom0 • Even if the dom0 kernel has one built-in Problems with built-in parts
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 https://www.kernel.org/doc/Documentation/filesystems/ramfs-rootfs-initramfs.t xt Problems with built-in parts
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 If we have to start patching Xen and Linux to make it work, we might as well reconsider our approach
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Measure everything as we boot (dealing with static command lines is a pain anyway)
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 We already use the shim to measure & verify dom0 ● The shim already implements TPM extend functions Expose TPM functions through the shim protocol ● Re-use well tested wrappers Shim Measure
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Extending the shim ABI Log as PE but don’t measure with Authenticode Log & measure as generic shim_measure event Shim Measure
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Extending the shim ABI Xen can now measure non-PE components ● Config file (which includes Xen & dom0 command line) ● XSM policy ● dom0 initrd Shim Measure
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Measurements now include Extending the SRTM chain • Xen • Xen command line • XSM policy • Dom0 kernel • Dom0 initrd • Dom0 command line • Dom0 rootfs ?
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Integrity Measurement Architecture (IMA) Linux measure all files touched (r/w/x) by root into the TPM Nondeterministic when multiple cores are used to boot ● The order in which files get measured change the hash ● Not good for sealing/remote attestation ● Perhaps TPM2 non-brittle PCRs could make it work? ● Not ideal if TPM1.2 devices still need to be supported Linux IMA
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Create separate /home, /var, /srv ● https://wiki.debian.org/ReadonlyRoot Alternatively, apply AUFS based temp layer on top of / ● https://help.ubuntu.com/community/aufsRootFileSystemOnUsbFlash Measure static root into the TPM from initrd! SRTM chain is now complete! Read-only rootfs necessary
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Use TPM measurements to prove system authenticity Use locally sealed secret ● Needs to be unique and hard to spoof ● Spoofing a green check-mark is pretty easy (OpenXT) Remote attestation ● Requires remote system to verify TPM quote ● Can be via network or with a QR code (TPM-TOTP) Anti-Evil Maid proof
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 How do we set boot options? ● Necessary for having debug options for dom0 and/or Xen ● Or to deploy a single Xen efi config file with many targets No GRUB!
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 EFI_LOAD_OPTION UEFI has built-in support ● Record boot option in NVRAM # efibootmgr -c -d /dev/sda -p 1 -w -L "Xen (normal)" -l EFIxenshim.efi -u "normal" # efibootmgr -c -d /dev/sda -p 1 -w -L "Xen (debug)" -l EFIxenshim.efi -u "debug" UEFI measures the whole struct into the TPM ● Including the OptionalData EFI_LOAD_OPTION
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 OptionalData selects section from config file EFI_LOAD_OPTION
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Ack pending.. https://lists.xenproject.org/archives/html/xen-devel/2018-01/msg01955.html EFI_LOAD_OPTION
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Now that the SRTM chain is complete, can we do a DRTM? Yes!
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. Load tboot from xen.efi & measure with shim 2. Load second copy of Xen & measure+verify with shim 3. Build multiboot struct in xen.efi pointing to second copy of Xen 4. Launch tboot using multiboot struct No more “gap”! *Joint work with Daniel De Graaf Launching tboot*
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 SRTM patches merged to OpenXT, DRTM patches posted Shim patches upstreamed/under review Xen patch posted, Ack pending General instructions, patches and scripts posted at ● https://github.com/tklengyel/xen-uefi Status
ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Tamas K Lengyel lengyelt@ainfosec.com @tklengyel Brendan Kerrigan kerriganb@ainfosec.com Thanks!

Recommended

Examen main remote
Examen main remoteExamen main remote
Examen main remotejheral stalin
 
Eranda me
Eranda meEranda me
Eranda meguestfecf7
 
Trust com2008 ruoando
Trust com2008 ruoandoTrust com2008 ruoando
Trust com2008 ruoandoRuo Ando
 
Hacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysisHacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysisTamas K Lengyel
 
Secure containers for trustworthy cloud services: business opportunities
Secure containers for trustworthy cloud services: business opportunities Secure containers for trustworthy cloud services: business opportunities
Secure containers for trustworthy cloud services: business opportunitiesATMOSPHERE .
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...The Linux Foundation
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPJoe McCray
 
Taishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_LabTaishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_LabTaishaun Owens
 

Recommended

Examen main remote
Examen main remoteExamen main remote
Examen main remotejheral stalin
 
Eranda me
Eranda meEranda me
Eranda meguestfecf7
 
Trust com2008 ruoando
Trust com2008 ruoandoTrust com2008 ruoando
Trust com2008 ruoandoRuo Ando
 
Hacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysisHacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysisTamas K Lengyel
 
Secure containers for trustworthy cloud services: business opportunities
Secure containers for trustworthy cloud services: business opportunities Secure containers for trustworthy cloud services: business opportunities
Secure containers for trustworthy cloud services: business opportunitiesATMOSPHERE .
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...The Linux Foundation
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPJoe McCray
 
Taishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_LabTaishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_LabTaishaun Owens
 
MS08 067
MS08 067MS08 067
MS08 067Tim Krabec
 
Reversing & malware analysis training part 8 malware memory forensics
Reversing & malware analysis training part 8 malware memory forensicsReversing & malware analysis training part 8 malware memory forensics
Reversing & malware analysis training part 8 malware memory forensicsAbdulrahman Bassam
 
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Lucy Huh Kerner
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsHoneywell
 
StarlingX - Driving Compute to the Edge with OpenStack
StarlingX - Driving Compute to the Edge with OpenStackStarlingX - Driving Compute to the Edge with OpenStack
StarlingX - Driving Compute to the Edge with OpenStackStacy Véronneau
 
Nat mikrotik
Nat mikrotikNat mikrotik
Nat mikrotiklouisraj
 
DFIR Austin Training (Feb 2020): Remote Access & Deploying Agents
DFIR Austin Training (Feb 2020): Remote Access & Deploying AgentsDFIR Austin Training (Feb 2020): Remote Access & Deploying Agents
DFIR Austin Training (Feb 2020): Remote Access & Deploying AgentsChristopher Gerritz
 
Open source security tools for Kubernetes.
Open source security tools for Kubernetes.Open source security tools for Kubernetes.
Open source security tools for Kubernetes.Michael Ducy
 
case study1 web defacement answer.pdf
case study1 web defacement answer.pdfcase study1 web defacement answer.pdf
case study1 web defacement answer.pdfSetiya Nugroho
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
ME Information Security
ME Information SecurityME Information Security
ME Information SecurityMohamed Monsef
 
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...nadeemmj
 
Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overviewSajid Marwat
 
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!MSHOWTO Bilisim Toplulugu
 
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo sht
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo shtDEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo sht
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo shtFelipe Prado
 
Operating System Support for Run-Time Security with a Trusted Execution Envir...
Operating System Support for Run-Time Security with a Trusted Execution Envir...Operating System Support for Run-Time Security with a Trusted Execution Envir...
Operating System Support for Run-Time Security with a Trusted Execution Envir...Javier González
 
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)n|u - The Open Security Community
 
Pandora FMS: Hyper V Plugin
Pandora FMS: Hyper V PluginPandora FMS: Hyper V Plugin
Pandora FMS: Hyper V PluginPandora FMS
 
Bootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseBootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseEric Koeppen
 
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXTECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXSymantec
 
Estimating Security Risk Through Repository Mining
Estimating Security Risk Through Repository MiningEstimating Security Risk Through Repository Mining
Estimating Security Risk Through Repository MiningTamas K Lengyel
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenTamas K Lengyel
 

More Related Content

Similar to Anti-evil maid with UEFI and Xen

Reversing & malware analysis training part 8 malware memory forensics
Reversing & malware analysis training part 8 malware memory forensicsReversing & malware analysis training part 8 malware memory forensics
Reversing & malware analysis training part 8 malware memory forensicsAbdulrahman Bassam
 
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Lucy Huh Kerner
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsHoneywell
 
StarlingX - Driving Compute to the Edge with OpenStack
StarlingX - Driving Compute to the Edge with OpenStackStarlingX - Driving Compute to the Edge with OpenStack
StarlingX - Driving Compute to the Edge with OpenStackStacy Véronneau
 
Nat mikrotik
Nat mikrotikNat mikrotik
Nat mikrotiklouisraj
 
DFIR Austin Training (Feb 2020): Remote Access & Deploying Agents
DFIR Austin Training (Feb 2020): Remote Access & Deploying AgentsDFIR Austin Training (Feb 2020): Remote Access & Deploying Agents
DFIR Austin Training (Feb 2020): Remote Access & Deploying AgentsChristopher Gerritz
 
Open source security tools for Kubernetes.
Open source security tools for Kubernetes.Open source security tools for Kubernetes.
Open source security tools for Kubernetes.Michael Ducy
 
case study1 web defacement answer.pdf
case study1 web defacement answer.pdfcase study1 web defacement answer.pdf
case study1 web defacement answer.pdfSetiya Nugroho
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
ME Information Security
ME Information SecurityME Information Security
ME Information SecurityMohamed Monsef
 
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...nadeemmj
 
Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overviewSajid Marwat
 
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!MSHOWTO Bilisim Toplulugu
 
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo sht
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo shtDEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo sht
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo shtFelipe Prado
 
Operating System Support for Run-Time Security with a Trusted Execution Envir...
Operating System Support for Run-Time Security with a Trusted Execution Envir...Operating System Support for Run-Time Security with a Trusted Execution Envir...
Operating System Support for Run-Time Security with a Trusted Execution Envir...Javier González
 
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)n|u - The Open Security Community
 
Pandora FMS: Hyper V Plugin
Pandora FMS: Hyper V PluginPandora FMS: Hyper V Plugin
Pandora FMS: Hyper V PluginPandora FMS
 
Bootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseBootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseEric Koeppen
 
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXTECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXSymantec
 

Similar to Anti-evil maid with UEFI and Xen (20)

MS08 067
MS08 067MS08 067
MS08 067
 
Reversing & malware analysis training part 8 malware memory forensics
Reversing & malware analysis training part 8 malware memory forensicsReversing & malware analysis training part 8 malware memory forensics
Reversing & malware analysis training part 8 malware memory forensics
 
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
 
StarlingX - Driving Compute to the Edge with OpenStack
StarlingX - Driving Compute to the Edge with OpenStackStarlingX - Driving Compute to the Edge with OpenStack
StarlingX - Driving Compute to the Edge with OpenStack
 
Nat mikrotik
Nat mikrotikNat mikrotik
Nat mikrotik
 
DFIR Austin Training (Feb 2020): Remote Access & Deploying Agents
DFIR Austin Training (Feb 2020): Remote Access & Deploying AgentsDFIR Austin Training (Feb 2020): Remote Access & Deploying Agents
DFIR Austin Training (Feb 2020): Remote Access & Deploying Agents
 
Open source security tools for Kubernetes.
Open source security tools for Kubernetes.Open source security tools for Kubernetes.
Open source security tools for Kubernetes.
 
case study1 web defacement answer.pdf
case study1 web defacement answer.pdfcase study1 web defacement answer.pdf
case study1 web defacement answer.pdf
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
 
ME Information Security
ME Information SecurityME Information Security
ME Information Security
 
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...
IMPROVED DATA PROTECTION MECHANISM FOR CLOUD STORAGE WITH THE USAGE OF TWO CO...
 
Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overview
 
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!
Windows Server 2016 ile İşlerinizi Daha Güvenli Gerçekleştirin!
 
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo sht
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo shtDEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo sht
DEF CON 27 - MICHAEL LEIBOWITZ and TOPHER TIMZEN - edr is coming hide yo sht
 
Operating System Support for Run-Time Security with a Trusted Execution Envir...
Operating System Support for Run-Time Security with a Trusted Execution Envir...Operating System Support for Run-Time Security with a Trusted Execution Envir...
Operating System Support for Run-Time Security with a Trusted Execution Envir...
 
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
 
Pandora FMS: Hyper V Plugin
Pandora FMS: Hyper V PluginPandora FMS: Hyper V Plugin
Pandora FMS: Hyper V Plugin
 
Bootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseBootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-release
 
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXTECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
 

More from Tamas K Lengyel

Estimating Security Risk Through Repository Mining
Estimating Security Risk Through Repository MiningEstimating Security Risk Through Repository Mining
Estimating Security Risk Through Repository MiningTamas K Lengyel
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenTamas K Lengyel
 
Pitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisPitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisTamas K Lengyel
 
VM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with XenVM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with XenTamas K Lengyel
 
VM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzingVM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzingTamas K Lengyel
 
BSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysisBSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysisTamas K Lengyel
 
Stealthy, Hypervisor-based Malware Analysis
Stealthy, Hypervisor-based Malware AnalysisStealthy, Hypervisor-based Malware Analysis
Stealthy, Hypervisor-based Malware AnalysisTamas K Lengyel
 
Malware Collection and Analysis via Hardware Virtualization
Malware Collection and Analysis via Hardware VirtualizationMalware Collection and Analysis via Hardware Virtualization
Malware Collection and Analysis via Hardware VirtualizationTamas K Lengyel
 
CyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and ProtectCyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and ProtectTamas K Lengyel
 
Virtual Machine Introspection with Xen
Virtual Machine Introspection with XenVirtual Machine Introspection with Xen
Virtual Machine Introspection with XenTamas K Lengyel
 
Cloud Security with LibVMI
Cloud Security with LibVMICloud Security with LibVMI
Cloud Security with LibVMITamas K Lengyel
 
Troopers15 Lightning talk: VMI & DRAKVUF
Troopers15 Lightning talk: VMI & DRAKVUFTroopers15 Lightning talk: VMI & DRAKVUF
Troopers15 Lightning talk: VMI & DRAKVUFTamas K Lengyel
 
CrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareCrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareTamas K Lengyel
 
31c3 Presentation - Virtual Machine Introspection
31c3 Presentation - Virtual Machine Introspection31c3 Presentation - Virtual Machine Introspection
31c3 Presentation - Virtual Machine IntrospectionTamas K Lengyel
 
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemScalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemTamas K Lengyel
 
Virtual Machine Introspection with Xen on ARM
Virtual Machine Introspection with Xen on ARMVirtual Machine Introspection with Xen on ARM
Virtual Machine Introspection with Xen on ARMTamas K Lengyel
 
Pitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardwarePitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardwareTamas K Lengyel
 
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningNSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningTamas K Lengyel
 
Virtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureVirtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureTamas K Lengyel
 
Hacktivity2014: Virtual Machine Introspection to Detect and Protect
Hacktivity2014: Virtual Machine Introspection to Detect and ProtectHacktivity2014: Virtual Machine Introspection to Detect and Protect
Hacktivity2014: Virtual Machine Introspection to Detect and ProtectTamas K Lengyel
 

More from Tamas K Lengyel (20)

Estimating Security Risk Through Repository Mining
Estimating Security Risk Through Repository MiningEstimating Security Risk Through Repository Mining
Estimating Security Risk Through Repository Mining
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with Xen
 
Pitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisPitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysis
 
VM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with XenVM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with Xen
 
VM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzingVM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzing
 
BSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysisBSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysis
 
Stealthy, Hypervisor-based Malware Analysis
Stealthy, Hypervisor-based Malware AnalysisStealthy, Hypervisor-based Malware Analysis
Stealthy, Hypervisor-based Malware Analysis
 
Malware Collection and Analysis via Hardware Virtualization
Malware Collection and Analysis via Hardware VirtualizationMalware Collection and Analysis via Hardware Virtualization
Malware Collection and Analysis via Hardware Virtualization
 
CyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and ProtectCyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and Protect
 
Virtual Machine Introspection with Xen
Virtual Machine Introspection with XenVirtual Machine Introspection with Xen
Virtual Machine Introspection with Xen
 
Cloud Security with LibVMI
Cloud Security with LibVMICloud Security with LibVMI
Cloud Security with LibVMI
 
Troopers15 Lightning talk: VMI & DRAKVUF
Troopers15 Lightning talk: VMI & DRAKVUFTroopers15 Lightning talk: VMI & DRAKVUF
Troopers15 Lightning talk: VMI & DRAKVUF
 
CrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareCrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardware
 
31c3 Presentation - Virtual Machine Introspection
31c3 Presentation - Virtual Machine Introspection31c3 Presentation - Virtual Machine Introspection
31c3 Presentation - Virtual Machine Introspection
 
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemScalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
 
Virtual Machine Introspection with Xen on ARM
Virtual Machine Introspection with Xen on ARMVirtual Machine Introspection with Xen on ARM
Virtual Machine Introspection with Xen on ARM
 
Pitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardwarePitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardware
 
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningNSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
 
Virtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureVirtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot Architecture
 
Hacktivity2014: Virtual Machine Introspection to Detect and Protect
Hacktivity2014: Virtual Machine Introspection to Detect and ProtectHacktivity2014: Virtual Machine Introspection to Detect and Protect
Hacktivity2014: Virtual Machine Introspection to Detect and Protect
 

Recently uploaded

Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 

Recently uploaded (20)

Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 

Anti-evil maid with UEFI and Xen

  • 1. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 www.ainfosec.com ASSURED INFORMATION SECURITY Anti-Evil Maid with UEFI and Xen Platform Security Summit, 2018 Brendan Kerrigan Tamas K Lengyel
  • 2. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Overview 1. Motivation 2. UEFI background 3. Anti-Evil Maid 4. Extending the SRTM chain 5. EFI_LOAD_OPTION 6. Launching DRTM after SRTM
  • 3. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 OpenXT • Security hardened distribution • Based on Xen & Linux • Anti-Evil Maid using Intel TXT • No boot-time security for non-Intel hw • No UEFI / SecureBoot support Motivation
  • 4. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 UEFI (2007) • Successor of Intel’s EFI specification • Heavily influenced by Microsoft • Reused PE binary format (ie. exe) SecureBoot (2011) • Public-key crypto using signatures • Heavily influenced by Microsoft UEFI/SecureBoot
  • 5. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. Install public keys in firmware NVRAM 2. Sign binaries with private key 3. Firmware verifies signatures as software is loaded 4. Firmware only executes binaries with valid signatures Doesn’t use the TPM! UEFI/SecureBoot
  • 6. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Systems ship with OEM and Microsoft keys pre-loaded What about Linux / FreeBSD / etc? 1. Require users to install custom SecureBoot keys 2. Get Microsoft to sign GRUB and/or every kernel? Neither of these options is “easy” UEFI/SecureBoot
  • 7. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Small UEFI application with a new SecureBoot key embedded Capable of checking signatures with embedded key Can be signed by Microsoft Shim key-owner can sign its own kernel updates independently 3rd option: the shim
  • 8. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Shim registers a service with the firmware Shim loads & launches Xen 1. SecureBoot verification 2. Measures it into the TPM Xen locates shim protocol and verifies dom0 kernel Xen and the shim
  • 9. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. ..the user to the computer ○ “Please enter your password” 2. ..the software to the computer ○ SecureBoot 3. ..the computer to the user ○ Anti-Evil Maid (AEM) Authenticate..
  • 10. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Have to ensure that the system: 1. Says what it does 2. Does what it says 3. Can prove it AEM Requirements
  • 11. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Using local encryption 1. Record state of a “good” system into the TPM 2. Encrypt (“seal”) <something> with the TPM 3. TPM only decrypts (“unseal”) <something> when state matches Using remote attestation 1. Record state of the system into the TPM 2. Send quote to remote machine to verify AEM Proof options
  • 12. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 When to measure? 1. From the start • Static-root-of-trust (SRTM) • Usually considered too complex to be practical 2. After we are done booting • Dynamic-root-of-trust (DRTM) • Intel Trusted Execution Technology (TXT) Measurements needed
  • 13. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 To be fully effective requires either: 1. Secure Transfer Monitor (STM) • Without it firmware is in the TCB • No OEM supports it 2. Combined with SRTM • Firmware is in the TCB DRTM
  • 14. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 SRTM SRTM
  • 15. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Need to measure Extending the SRTM chain • Xen • Xen command line • XSM policy • Dom0 kernel • Dom0 initrd • Dom0 command line • Dom0 rootfs
  • 16. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Compile everything into static images
  • 17. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Static compile-in options
  • 18. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. UEFI loads, measures & verifies the shim 2. The shim loads, measures & verifies Xen 3. Xen loads dom0 4. Xen uses the shim to measure & verify dom0 Extending the SRTM chain
  • 19. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 This should “just work”
  • 20. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 ● Xen fails to launch when loaded by the shim ● Shim protocol only available with SecureBoot on ● The shim only measures with SecureBoot on ● The shim SecureBoot verifies dom0 but doesn’t measure it ● The shim silently hides TPM failures Fixes upstreamed/under review Almost...
  • 21. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 All measurements of PE images fail with PE_COFF_IMAGE flag TPM2 failure on Dell
  • 22. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Measurement type will differ on good vs bad firmware ● PE_COFF_IMAGE=Authenticode; raw=sha256 ● Pre-calculating expected PCR values not possible ● Custom patch to shim required to standardize on sha256 ● Until all firmwares work with PE_COFF_IMAGE flag TPM2 failure with Dell
  • 23. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Still possible to override from bootloader Xen’s.. • ..built-in XSM policy • ..built-in command line Xen under UEFI can load the initrd for dom0 • Even if the dom0 kernel has one built-in Problems with built-in parts
  • 24. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 https://www.kernel.org/doc/Documentation/filesystems/ramfs-rootfs-initramfs.t xt Problems with built-in parts
  • 25. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 If we have to start patching Xen and Linux to make it work, we might as well reconsider our approach
  • 26. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Measure everything as we boot (dealing with static command lines is a pain anyway)
  • 27. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 We already use the shim to measure & verify dom0 ● The shim already implements TPM extend functions Expose TPM functions through the shim protocol ● Re-use well tested wrappers Shim Measure
  • 28. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Extending the shim ABI Log as PE but don’t measure with Authenticode Log & measure as generic shim_measure event Shim Measure
  • 29. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Extending the shim ABI Xen can now measure non-PE components ● Config file (which includes Xen & dom0 command line) ● XSM policy ● dom0 initrd Shim Measure
  • 30. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Measurements now include Extending the SRTM chain • Xen • Xen command line • XSM policy • Dom0 kernel • Dom0 initrd • Dom0 command line • Dom0 rootfs ?
  • 31. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Integrity Measurement Architecture (IMA) Linux measure all files touched (r/w/x) by root into the TPM Nondeterministic when multiple cores are used to boot ● The order in which files get measured change the hash ● Not good for sealing/remote attestation ● Perhaps TPM2 non-brittle PCRs could make it work? ● Not ideal if TPM1.2 devices still need to be supported Linux IMA
  • 32. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Create separate /home, /var, /srv ● https://wiki.debian.org/ReadonlyRoot Alternatively, apply AUFS based temp layer on top of / ● https://help.ubuntu.com/community/aufsRootFileSystemOnUsbFlash Measure static root into the TPM from initrd! SRTM chain is now complete! Read-only rootfs necessary
  • 33. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Use TPM measurements to prove system authenticity Use locally sealed secret ● Needs to be unique and hard to spoof ● Spoofing a green check-mark is pretty easy (OpenXT) Remote attestation ● Requires remote system to verify TPM quote ● Can be via network or with a QR code (TPM-TOTP) Anti-Evil Maid proof
  • 34. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 How do we set boot options? ● Necessary for having debug options for dom0 and/or Xen ● Or to deploy a single Xen efi config file with many targets No GRUB!
  • 35. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 EFI_LOAD_OPTION UEFI has built-in support ● Record boot option in NVRAM # efibootmgr -c -d /dev/sda -p 1 -w -L "Xen (normal)" -l EFIxenshim.efi -u "normal" # efibootmgr -c -d /dev/sda -p 1 -w -L "Xen (debug)" -l EFIxenshim.efi -u "debug" UEFI measures the whole struct into the TPM ● Including the OptionalData EFI_LOAD_OPTION
  • 36. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 OptionalData selects section from config file EFI_LOAD_OPTION
  • 37. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Ack pending.. https://lists.xenproject.org/archives/html/xen-devel/2018-01/msg01955.html EFI_LOAD_OPTION
  • 38. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Now that the SRTM chain is complete, can we do a DRTM? Yes!
  • 39. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 1. Load tboot from xen.efi & measure with shim 2. Load second copy of Xen & measure+verify with shim 3. Build multiboot struct in xen.efi pointing to second copy of Xen 4. Launch tboot using multiboot struct No more “gap”! *Joint work with Daniel De Graaf Launching tboot*
  • 40. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 SRTM patches merged to OpenXT, DRTM patches posted Shim patches upstreamed/under review Xen patch posted, Ack pending General instructions, patches and scripts posted at ● https://github.com/tklengyel/xen-uefi Status
  • 41. ASSURED INFORMATION SECURITYANTI-EVIL MAID WITH UEFI AND XEN www.ainfosec.com May 23-24, 2018 Tamas K Lengyel lengyelt@ainfosec.com @tklengyel Brendan Kerrigan kerriganb@ainfosec.com Thanks!