Hacker News new | past | comments | ask | show | jobs | submit login
Amlogic S905 SoC: Bypassing the not so Secure Boot to dump the boot ROM (fredericb.info)
65 points by zdw on Oct 6, 2016 | hide | past | favorite | 7 comments



Summary: the secure boot ROM is validated by a SHA-256 hash, instead of being authenticated by a crypto signature, so one is free to tamper with the bootloader as long as the hash is recomputed correctly. The strangest thing is that there is support for RSA signatures, but the feature is just unused.


Not quite. Weakness is later in the chain.

Secure second-stage loader (BL2) loads secure third-stage loader (BL31) from insecure flash storage, then verifies it by calculating SHA-256 hash of it and comparing that to the value stored in the same insecure flash.


The Xilinx Zynq has one time programmable eFuse registers for this sort of thing


How easy is it to change the input of SHA256 without changing the output? That strikes me as still very difficult (MD5 is basically worthless for this reason).


For anyone wondering: the hash is part of the boot ROM that is being authenticated


Very good read!

But, in fairness this isn't a failure of the S905 SOC. It is a bug in the second stage bootloader that fails to authenticate the next image.

The SoC BootROM validates the RSA signature of the second stage bootloader.


Huh. I wonder what the implications are for Play Store's DRM.

Specifically it seems like this board could be used to strip DRM from media.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: