Trusted Boot for Linux using Trusted Platform Module

Grub (GNU GRand Unified Bootloader) is a popular bootloader for Linux systems (e.g. Debian, Ubuntu and Arch). A bootloader is needed to load the Operating System from the hard disk (or CD or bootable USB or any other bootable media).

Grub 2 is a newer version of the original Grub, and Trusted Grub 2 stems from Grub 2. It is used to start up Linux from encrypted disks using the Trusted Platform Module (TPM). The TPM is used to detect changes to the computer hardware and boot software. An unauthorized change will be detected and the computer will not start up (protecting the data on the encrypted disk).
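
The detection described above rests on the TPM's extend operation and on sealing the disk key to the resulting register value. The following Python simulation is an added example, not code from Trusted Grub 2 or from our configuration. It assumes SHA-1 registers as in TPM 1.2, folds all stages into a single PCR, and uses constructed component names and a hypothetical SealedKey class in place of a real TPM.

```python
import hashlib
import hmac

PCR_SIZE = 20  # SHA-1 digest length; assumes TPM 1.2 style PCRs


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend: new PCR = SHA1(old PCR || SHA1(component))."""
    measurement = hashlib.sha1(component).digest()
    return hashlib.sha1(pcr + measurement).digest()


def measure_boot_chain(components) -> bytes:
    """Measure every stage in boot order, starting from a zeroed PCR."""
    pcr = bytes(PCR_SIZE)
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


class SealedKey:
    """Hypothetical stand-in for TPM sealing: the disk key is released
    only if the current PCR equals the value recorded at seal time."""

    def __init__(self, key: bytes, pcr_at_seal: bytes):
        self._key = key
        self._expected = pcr_at_seal

    def unseal(self, current_pcr: bytes) -> bytes:
        if not hmac.compare_digest(current_pcr, self._expected):
            raise PermissionError("PCR mismatch: boot chain changed")
        return self._key


def boot(components, sealed: SealedKey):
    """Return the disk key on a clean boot, None when a change is detected."""
    try:
        return sealed.unseal(measure_boot_chain(components))
    except PermissionError:
        return None


# Constructed sample data standing in for the measured boot stages.
GOOD = [b"bios-v1", b"partition-table", b"grub-core", b"kernel-4.x"]
MODIFIED = [b"bios-v1", b"partition-table", b"grub-core-patched", b"kernel-4.x"]
DISK_KEY = b"constructed-demo-disk-key"
SEALED = SealedKey(DISK_KEY, measure_boot_chain(GOOD))

if __name__ == "__main__":
    print("clean boot    :", boot(GOOD, SEALED))
    print("modified boot :", boot(MODIFIED, SEALED))
```

Because each extend hashes the previous register value, a change in any stage alters the final value, and no later stage can set the register back.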

We tinkered around with Trusted Grub 2 and the TPM and this is what we have working today:
  • Password authentication (the user must enter a password before the computer starts up).
  • Detection of (unauthorized) modification of the BIOS, disk partitions, boot loader, kernel etc.
  • Hard disk platform binding (the hard disk will not work in another computer, preventing Evil Maid attacks).
  • Key escrow and recovery.
  • Full Disk Encryption using Linux standard dm-crypt with AES-NI support (when your CPU supports AES-NI there is virtually no performance loss).
These are screenshots from a client of one of our running configurations:

Trusted Grub 2 boot screen
User authentication (all OK)
Error during boot (TPM detected breach) and recovery

All is working now on the client side. We are looking into enterprise-class key management, but we lack the resources for that now. Please stand by for more progress on this.
