6
Technical white paper | HP Sure Start
capabilities is critical to the security posture of the overall platform. Dynamic data includes all BIOS settings that can be
modied by the end user or administrator of the device. Examples include (but are not limited to) boot options such as
the secure boot feature, BIOS administrator password and related policies, Trusted Platform Module–state control, and
HP Sure Start policy settings.
Any successful attack that bypasses the existing access restrictions designed to prevent unauthorized modications
to these settings could defeat the platform security. As an example, consider a scenario where an attacker makes an
unauthorized modication to the secure boot state to disable it without being detected. In this scenario, the platform
would boot the attacker’s root kit before the OS starts, without the user’s knowledge.
Industry-standard Unied Extensible Firmware Interface (UEFI) BIOS does implement access restrictions that should
prevent unauthorized modications to these variables, and HP implements these just like the rest of the PC industry.
However, given the risks a breach of these mechanisms poses to the platform, HP Sure Start provides secondary
defenses that are stronger than the baseline industry standard.
BIOS settings and other dynamic data used by rmware to control the state that is protected by HP Sure Start are stored
in the isolated nonvolatile memory of the HP Endpoint Security Controller that is not directly accessible to software
running on the host CPU.
Additionally, the HP ESC creates and appends unique integrity measurements each time a data element is stored in this
nonvolatile memory store. The integrity measurements are based on a strong cryptographic algorithm (hashed-based
message authentication code utilizing SHA-256 hashing) that is rooted to a secret contained within the HP ESC. The secret
is unique to each HP ESC, such that each controller generates a unique integrity measurement given an identical element.
When the data element is read back from the nonvolatile memory, the HP ESC recalculates the integrity measurement
for that data element and compares it to the integrity measurement that is appended to the data. Any unauthorized
changes to the data in the nonvolatile memory store result in a mis-compare. Using this approach, the HP ESC can detect
tampering with data elements stored in the nonvolatile memory store.
Data condentiality
For many of the data elements stored by the platform, maintaining condentiality is critical. Examples include BIOS
administrator password hashes, user credentials, and secrets optionally stored by rmware on behalf of the user for
rmware-based features such as HP Sure Run and HP Sure Recovery.
Protection of these secrets is challenging when industry-standard UEFI BIOS approaches are used, since the nonvolatile
storage is typically readable by software running on the host processor. HP Sure Start–protected storage is intended to
provide much greater protection of this condential data than a standard UEFI BIOS implementation.
In addition to a separate isolated storage, HP Sure Start leverages the Advanced Encryption Standard (AES) hardware
block contained within the HP ESC to perform AES-256 encryption on all condential data elements stored in the HP Sure
Start nonvolatile memory, in addition to the data integrity measurements for those elements. The encryption key used is
unique to each HP ESC and never leaves that controller, so data encrypted by any individual HP ESC component can only
be decrypted by that same HP ESC.
Secure boot keys protection
Compared to the industry-standard UEFI secure boot implementation, HP Sure Start provides enhanced protection of the
UEFI secure boot key databases that are stored by the rmware. These variables are critical to proper operation of the UEFI
secure boot feature that veries integrity and authenticity of the OS bootloader before allowing it to start at boot.
HP Sure Start protects UEFI secure boot key databases by maintaining a master copy in HP Sure Start–protected storage.
Any authorized modications to the UEFI standard secure boot key databases by the OS during runtime are tracked by
HP Sure Start and applied to the master copy by the HP ESC. HP Sure Start then uses the master copy in HP Sure Start–
protected storage to identify and reject any unauthorized changes to the UEFI standard secure boot keys databases.
This capability, enabled by default, covers the following databases: