Improving Hardware Security on Talos II Architecture Through Boot Image Encryption

Abstract

The OpenPOWER Foundation is an organization that promotes open-source high-performance hardware like the POWER9. OpenBMC is an OpenPower project that strives to produce an open-source firmware stack for Baseboard Management Controllers (BMCs). If hardware falls into the hands of competitors or bad actors, reverse engineering methods can be used to leak or manipulate sensitive information from the boot sequence. This represents a security concern because the root of trust can be invalidated. For example, since the Initial Program Load (IPL) data is frequently not encrypted and is sent over the Low Pin Count (LPC) bus, it is possible to intercept and conduct man-in-the-middle attacks to modify the boot process. The boot image flash chip could also be removed from the Talos II motherboard and examined by competing server architecture manufacturers to reveal detailed boot information. Firmware that developers deem to contain sensitive code or perform innovative operations needs to be protected before being flashed onto the boot image chip. This paper demonstrates a method to encrypt sections of the boot image by encrypting a section of the image before flashing it onto the Talos II. The encrypted image will be decrypted during the boot sequence in the Level 3 cache of the POWER9, proving that it is possible to prevent adversaries from interfering with the IPL flow or obtaining details on firmware from the flash chip. This paper presents a novel method to improve the security of the boot image on Talos II architecture by encrypting the boot firmware image and decrypting it during the boot process. The proof of concept was executed on a Raptor Engineering Talos II system running a POWER9 processor with OpenBMC firmware on the ASPEED AST2500 BMC. This research claims that this unique method increases boot time security through firmware without altering hardware.