BIOS Protection Guidelines - Recommendations of the National Institute of Standards and Technology

Appendix A Summary of Guidelines for System BIOS Implementations
This appendix contains a summary of the secure BIOS update guidelines for system BIOS
implementations found in Section 3.1. These guidelines are intended for platform vendors designing,
implementing, or selecting a system BIOS implementation. Readers should consult the relevant sections
in the main body of this document for additional informative text that further describes the intent and
context of the guidelines.
1. Approved BIOS Update Mechanisms
1-A All updates to the system BIOS shall use either an authenticated BIOS update mechanism as
described in Section 3.1.1 or an optional secure local update mechanism compliant with the
guidelines in Section 3.1.2.
2. BIOS Update Authentication
2-A There shall be a Root of Trust for Update (RTU) that contains a signature verification
algorithm and a key store that includes the public key needed to verify the signature on the
BIOS update image.
2-B The key store and the signature verification algorithm shall be stored in a protected fashion on
the computer system and shall be modifiable only using an authenticated update mechanism or
a secure local update mechanism as outlined in Section 3.1.2.
2-C The key store in the RTU shall include the public key for verifying the signature on a BIOS
update image or include the hash [FIPS 180-3] of the public key for verifying the signature on
a BIOS update image that includes the public key. In the latter case, the update mechanism
shall ensure that the hash of the public key provided with the BIOS update image appears in
the key store before using the provided public key to verify the signature on the BIOS update
image.
2-D BIOS images shall be signed in conformance with NIST SP 800-89, Recommendation for
Obtaining Assurances for Digital Signature Applications [SP800-89], using an approved
digital signature algorithm as specified in NIST FIPS 186-3, Digital Signature Standard
[FIPS186-3], that provides at least 112 bits of security strength, in accordance with NIST SP
800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic
Algorithms and Key Lengths [SP800-131A].
2-E The authenticated update mechanism shall ensure that the BIOS update image has been
digitally signed and that the digital signature can be verified using one of the keys in the key
store in the RTU before updating the BIOS.
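The following is an added illustration of guidelines 2-A through 2-E as a self-contained Go model; it is not code from NIST SP 800-147 or from any platform vendor's firmware. It models an RTU key store that may hold either full public keys or SHA-256 hashes of public keys (2-C), accepts an update image only when its signature verifies under an enrolled key (2-E), and uses ECDSA on P-256, which provides 128 bits of security strength and so meets the 112-bit floor of 2-D. The type names, the DER (SubjectPublicKeyInfo) encoding of keys, and the sample firmware bytes are assumptions made for the example; a real RTU would hold the key store in protected flash and run this logic before the flash-write path is enabled.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// KeyStore models the RTU key store (2-A, 2-C). Keys holds DER-encoded
// public keys; KeyHashes holds SHA-256 digests of DER-encoded public keys.
type KeyStore struct {
	Keys      [][]byte
	KeyHashes map[[32]byte]bool
}

// UpdateImage models a signed BIOS update image. EmbeddedKey is optional:
// when present, its hash must already be in the key store before it is used (2-C).
type UpdateImage struct {
	Firmware    []byte
	Signature   []byte // ASN.1 DER ECDSA signature over SHA-256(Firmware)
	EmbeddedKey []byte // optional DER-encoded public key shipped with the image
}

var ErrRejected = errors.New("update rejected: signature not verifiable with any key in the RTU key store")

// candidateKeys returns the public keys the RTU may use for this image:
// every stored key, plus the embedded key only if its hash is enrolled.
func (ks *KeyStore) candidateKeys(img *UpdateImage) [][]byte {
	keys := append([][]byte(nil), ks.Keys...)
	if img.EmbeddedKey != nil && ks.KeyHashes[sha256.Sum256(img.EmbeddedKey)] {
		keys = append(keys, img.EmbeddedKey)
	}
	return keys
}

// VerifyUpdate implements 2-E: nil is returned only if the signature verifies
// under one of the candidate keys; anything else means the flash must not be written.
func VerifyUpdate(ks *KeyStore, img *UpdateImage) error {
	digest := sha256.Sum256(img.Firmware)
	for _, der := range ks.candidateKeys(img) {
		pub, err := x509.ParsePKIXPublicKey(der)
		if err != nil {
			continue // malformed key in store: skip rather than fail open
		}
		ec, ok := pub.(*ecdsa.PublicKey)
		if !ok || ec.Curve != elliptic.P256() {
			continue // enforce the 2-D strength floor by accepting P-256 only (assumed policy)
		}
		if ecdsa.VerifyASN1(ec, digest[:], img.Signature) {
			return nil
		}
	}
	return ErrRejected
}

// GenerateVendorKey creates a P-256 signing key and its DER public half.
// In a deployment the private key never leaves the vendor's signing environment.
func GenerateVendorKey() (*ecdsa.PrivateKey, []byte, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	der, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	return priv, der, err
}

// SignImage is the vendor-side step: sign SHA-256(firmware), optionally embedding the public key.
func SignImage(priv *ecdsa.PrivateKey, pubDER, firmware []byte, embedKey bool) (*UpdateImage, error) {
	digest := sha256.Sum256(firmware)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		return nil, err
	}
	img := &UpdateImage{Firmware: append([]byte(nil), firmware...), Signature: sig}
	if embedKey {
		img.EmbeddedKey = pubDER
	}
	return img, nil
}

// NewHashOnlyKeyStore models the second option in 2-C: the RTU stores only key hashes.
func NewHashOnlyKeyStore(pubDERs ...[]byte) *KeyStore {
	ks := &KeyStore{KeyHashes: map[[32]byte]bool{}}
	for _, der := range pubDERs {
		ks.KeyHashes[sha256.Sum256(der)] = true
	}
	return ks
}

func main() {
	priv, pubDER, _ := GenerateVendorKey()
	firmware := []byte("constructed sample BIOS image v1.2") // constructed, not a real image
	ks := NewHashOnlyKeyStore(pubDER)

	genuine, _ := SignImage(priv, pubDER, firmware, true)
	fmt.Println("genuine image:", VerifyUpdate(ks, genuine)) // <nil>

	tampered, _ := SignImage(priv, pubDER, firmware, true)
	tampered.Firmware[0] ^= 0xff
	fmt.Println("tampered image:", VerifyUpdate(ks, tampered)) // rejected

	other, otherDER, _ := GenerateVendorKey() // a key never enrolled in the RTU
	unenrolled, _ := SignImage(other, otherDER, firmware, true)
	fmt.Println("unenrolled key:", VerifyUpdate(ks, unenrolled)) // rejected
}
```

The hash-only store is the interesting case: an image that embeds a key whose hash is not enrolled, or that omits the key entirely, has no candidate key at all and is rejected before any signature arithmetic runs, which is exactly the ordering 2-C requires.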
3. Secure Local Update (Optional)
BIOS implementations may optionally include a secure local update mechanism, where physical
presence authorizes installation of BIOS update images without necessarily using the authenticated
update mechanism.
3-A A secure local update mechanism shall ensure the authenticity and integrity of the BIOS update
image by requiring physical presence.