Abstract

In this paper we describe bugs and ways to attack trusted computing systems based on a static root of trust such as Microsoft’s Bitlocker. We propose to use the dy-namic root of trust feature of newer x86 processors as this shortens the trust chain, can minimize the Trusted Computing Base of applications and is less vulnerable to TPM and BIOS attacks. To support our claim we implemented the Open Secure LOader (OSLO), the first publicly available bootloader based on AMDs skinit instruction. 1