
Secure Boot - Verified Startup Process

Secure Boot is a mechanism that, at each stage from powering on a computer to the completion of OS startup, verifies that the code about to be executed carries a signature the platform trusts, and refuses to run code that does not. It is implemented as a feature of UEFI (Unified Extensible Firmware Interface) firmware and is the foundational defense against malware that installs itself below the OS, such as rootkits and bootkits. It is a signature check, not an integrity record: it blocks untrusted code but keeps no evidence of what actually ran (that is the role of Measured Boot, covered below).

Relationship with UEFI Firmware

Secure Boot is a feature of the UEFI specification (version 2.3.1 and later). Legacy BIOS had no way to verify code signatures: whatever was written to the boot sector (the MBR) was executed unconditionally. UEFI addressed this by bringing public-key cryptography into the boot process. The firmware, together with the keys it stores in authenticated non-volatile variables, acts as the Root of Trust and verifies every subsequent component in a chain. One caveat follows directly from this: Secure Boot does not verify the firmware itself. Protecting the firmware image against modification is a separate job for a hardware root of trust (for example Intel Boot Guard) and for firmware write protection.

The Boot Chain Verification Flow

Secure Boot manages signature trust using four key databases, each stored as a UEFI authenticated variable so that only a correctly signed update can change it:

Variable   Name                    Role
PK         Platform Key            Topmost root of trust; signs updates to KEK
KEK        Key Exchange Key        Authority to update db and dbx
db         Signature database      Allowlist: trusted signing certificates and image hashes
dbx        Forbidden signatures    Denylist: revoked certificates and image hashes

The PK is set by the platform (hardware) vendor and exactly one exists; while no PK is enrolled the platform is in "setup mode" and the other variables can be written freely, which is how custom keys are installed. Updates to KEK must be signed by the PK, and updates to db and dbx must be signed by a KEK (or the PK). In practice KEK holds entries for the OEM and for the OS vendor (Microsoft), whose KEK is what allows Windows Update to push dbx revocations. When a boot image is loaded, the firmware consults dbx first: if the image's hash, or the certificate that signed it, is listed there, the image is rejected regardless of db. Otherwise the image runs only if it carries a signature chaining to a certificate in db or its hash appears in db; anything else fails with EFI_SECURITY_VIOLATION.
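The db/dbx decision just described, as an added example (Python; not code from the original article or from any firmware). It parses the EFI_SIGNATURE_LIST format in which db and dbx are stored, then applies the deny-before-allow rule to a few constructed boot images. The two GUIDs are the real UEFI signature-type GUIDs; the owner GUID, certificate bytes and images are placeholders, and only the hash-entry path is implemented (real firmware also accepts an Authenticode signature chaining to a db certificate, and hashes PE images the Authenticode way rather than as raw bytes).

```python
import hashlib
import struct
import uuid
from typing import List, Tuple

# Signature-type GUIDs defined by the UEFI specification.
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")

Entry = Tuple[uuid.UUID, uuid.UUID, bytes]  # (signature type, SignatureOwner, SignatureData)
HEADER_LEN = 28                              # SignatureType(16) + ListSize(4) + HeaderSize(4) + SignatureSize(4)


def build_signature_list(sig_type: uuid.UUID, owner: uuid.UUID, sigs: List[bytes]) -> bytes:
    """Serialise one EFI_SIGNATURE_LIST; used here only to construct sample db/dbx contents."""
    sig_size = 16 + len(sigs[0])                    # EFI_SIGNATURE_DATA = SignatureOwner + SignatureData
    list_size = HEADER_LEN + sig_size * len(sigs)   # SignatureHeaderSize is 0 for SHA256 and X509 lists
    out = sig_type.bytes_le + struct.pack("<III", list_size, 0, sig_size)
    for s in sigs:
        assert len(s) + 16 == sig_size, "all entries in one list share one SignatureSize"
        out += owner.bytes_le + s
    return out


def parse_signature_lists(blob: bytes) -> List[Entry]:
    """Walk the concatenated EFI_SIGNATURE_LIST structures that make up db or dbx.
    When reading from efivarfs, drop the 4-byte attribute prefix first (blob[4:])."""
    entries: List[Entry] = []
    off = 0
    while off < len(blob):
        if len(blob) - off < HEADER_LEN:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])
        list_size, header_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        end = off + list_size
        if list_size < HEADER_LEN + header_size or end > len(blob):
            raise ValueError("EFI_SIGNATURE_LIST size out of range")
        if sig_size <= 16 or (end - off - HEADER_LEN - header_size) % sig_size:
            raise ValueError("signature area is not a whole number of SignatureSize entries")
        pos = off + HEADER_LEN + header_size
        while pos < end:
            owner = uuid.UUID(bytes_le=blob[pos:pos + 16])
            entries.append((sig_type, owner, blob[pos + 16:pos + sig_size]))
            pos += sig_size
        off = end
    return entries


def secure_boot_decision(image: bytes, db: List[Entry], dbx: List[Entry]) -> str:
    """Apply the db/dbx policy to an image, hash-entry path only.
    A plain SHA-256 stands in for the Authenticode image hash. The ordering is the
    point: dbx is consulted first and a match there denies even if db would allow."""
    digest = hashlib.sha256(image).digest()
    if any(t == EFI_CERT_SHA256_GUID and d == digest for t, _, d in dbx):
        return "deny: hash revoked in dbx"
    if any(t == EFI_CERT_SHA256_GUID and d == digest for t, _, d in db):
        return "allow: hash listed in db"
    if any(t == EFI_CERT_X509_GUID for t, _, _ in db):
        return "deny: no hash match; would need an Authenticode signature chaining to a db certificate"
    return "deny: no matching db entry"


# Constructed sample data: placeholder owner GUID, placeholder certificate, made-up images.
OWNER = uuid.UUID("12345678-1234-5678-1234-56789abcdef0")
FAKE_CERT = b"\x30\x82\x00\xfc" + b"\x00" * 252      # stands in for a DER-encoded X.509 certificate
GOOD_LOADER = b"constructed bootloader, trusted build"
REVOKED_LOADER = b"constructed bootloader with a known bypass"
UNKNOWN_LOADER = b"constructed bootloader nobody signed"

DB_BLOB = (build_signature_list(EFI_CERT_X509_GUID, OWNER, [FAKE_CERT])
           + build_signature_list(EFI_CERT_SHA256_GUID, OWNER,
                                  [hashlib.sha256(GOOD_LOADER).digest(),
                                   hashlib.sha256(REVOKED_LOADER).digest()]))
# The revoked loader is still present in db: revocation works by adding it to dbx, not by editing db.
DBX_BLOB = build_signature_list(EFI_CERT_SHA256_GUID, OWNER, [hashlib.sha256(REVOKED_LOADER).digest()])


def run_demo() -> dict:
    db, dbx = parse_signature_lists(DB_BLOB), parse_signature_lists(DBX_BLOB)
    return {name: secure_boot_decision(img, db, dbx)
            for name, img in (("good", GOOD_LOADER), ("revoked", REVOKED_LOADER), ("unknown", UNKNOWN_LOADER))}


if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:8s} {verdict}")
```

On a Linux machine the same parser can be pointed at the live variables: read /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f and the matching dbx-... file, drop the leading 4-byte attribute word, and count the EFI_CERT_SHA256 entries in dbx to see how many revocations the machine has actually received.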

Verification Steps in the Boot Process

Power on
  -> UEFI firmware initialization (the firmware's own code is trusted implicitly; Secure Boot does not check it)
  -> Signature check by the firmware against db/dbx: UEFI drivers, option ROMs, bootloader
  -> Bootloader
  -> Signature check by the bootloader: OS kernel
  -> OS kernel
  -> Signature check by the kernel: drivers / kernel modules
  -> OS startup complete

Defense Against Bootkits and Rootkits

A bootkit is malware that hijacks the boot chain itself (the MBR or VBR under legacy BIOS; the bootloader, a UEFI driver or the firmware under UEFI) so that it runs before the OS and can disable or subvert every protection the OS loads afterwards. The "FinSpy bootkit" (2020) and "BlackLotus" (2022) are known real-world examples that exploited weaknesses in the MBR or the UEFI boot path to get around Secure Boot. BlackLotus is instructive because it did not defeat the signature check: it loaded an older, still validly signed Windows boot component that carried a known vulnerability (CVE-2022-21894) and whose signature had not yet been revoked in dbx, and ran its own code from there. When Secure Boot is enabled, unsigned or revoked code is rejected at the very first stage of the chain, so most bootkits never reach execution, and from the standpoint of endpoint security it is the most fundamental layer of defense. It is only as strong as its revocation list, though: dbx updates must actually be applied, and a signed-but-vulnerable loader that is still allowed is the attacker's way in.

Integration with TPM - Measured Boot

Whereas Secure Boot verifies signatures and blocks what fails, Measured Boot, which works with the TPM, measures and records the boot process without blocking anything.

Item                  Secure Boot                              Measured Boot (TPM)
Purpose               Block execution of unsigned code         Record boot state for external verification
Behavior              Halts startup on verification failure    Records the hash of each stage in PCRs; never halts
Verification timing   In real time during startup              Remote attestation after startup

In Measured Boot, each stage of the boot process (firmware, bootloader, kernel, drivers) is hashed and the hash is folded into one of the TPM's PCRs (Platform Configuration Registers) with the extend operation, PCR_new = H(PCR_old || H(component)). Extend is one-way and order-dependent: a PCR can be appended to but cannot be reset or set to a chosen value by anything that runs later, so a tampered component leaves a value that no honest event log can explain. Alongside the PCRs the firmware keeps an event log naming what was measured. In "remote attestation" the TPM signs the current PCR values together with a verifier-supplied nonce using an attestation key (a "quote"); the external server checks that signature, replays the event log to confirm it reproduces the quoted PCRs, and compares them with known-good values. Measured Boot therefore does not stop a bad boot; it makes one detectable over the network and lets the verifier withhold secrets or access from a device that fails.
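Measured Boot and verifier-side log replay in code, as an added example (Python; not from the original article and not TPM library code). It models PCR extension, builds an event log for a constructed three-stage boot, and runs the verifier's two checks against an honest device, a device whose bootloader was patched, and an attacker who submits the honest log alongside the real, tampered quote. PCR indices and component bytes are assumptions for the example; the quote's TPM signature and the nonce are omitted.

```python
import hashlib
from typing import Dict, List, Tuple

PCR_SIZE = 32                      # one SHA-256 PCR bank
Event = Tuple[int, str, bytes]     # (PCR index, description, bytes of the component being measured)
LogEntry = Tuple[int, str, bytes]  # (PCR index, description, SHA-256 digest recorded in the event log)


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend: new = H(old || digest). One-way and order-dependent, so a PCR
    can only be appended to; nothing running later can reset it or set it to a chosen value."""
    return hashlib.sha256(pcr + digest).digest()


def measure_boot(events: List[Event]) -> Tuple[Dict[int, bytes], List[LogEntry]]:
    """Boot side: each stage hashes the next component and extends a PCR before running it.
    Returns the final PCR values (what a TPM quote would report) and the event log."""
    pcrs: Dict[int, bytes] = {}
    log: List[LogEntry] = []
    for index, desc, data in events:
        digest = hashlib.sha256(data).digest()
        pcrs[index] = extend(pcrs.get(index, bytes(PCR_SIZE)), digest)
        log.append((index, desc, digest))
    return pcrs, log


def replay_log(log: List[LogEntry]) -> Dict[int, bytes]:
    """Verifier side: recompute PCR values from the (untrusted) event log alone."""
    pcrs: Dict[int, bytes] = {}
    for index, _desc, digest in log:
        pcrs[index] = extend(pcrs.get(index, bytes(PCR_SIZE)), digest)
    return pcrs


def attest(quote: Dict[int, bytes], log: List[LogEntry], golden: Dict[int, bytes]) -> Tuple[bool, str]:
    """Remote attestation decision, two checks:
    1. the event log must replay to exactly the quoted PCRs, otherwise the log was edited;
    2. the quoted PCRs must equal the reference values recorded from a known-good boot.
    A real verifier first checks the TPM's signature over the quote (attestation key chaining
    to the TPM vendor) and a fresh nonce; both are omitted in this simulation."""
    if replay_log(log) != quote:
        return False, "event log does not reproduce the quoted PCRs (log edited or truncated)"
    for index, expected in sorted(golden.items()):
        if quote.get(index) != expected:
            return False, f"PCR{index} mismatch: a measured boot component differs from the reference"
    return True, "platform matches reference state"


# Constructed boot sequence. The PCR assignment is an assumption for the example (PCR0 for
# firmware, PCR4 for bootloader and kernel); real platforms spread measurements over several
# PCRs as laid out in the TCG PC Client specification.
GOLDEN_BOOT: List[Event] = [
    (0, "UEFI firmware volume", b"constructed firmware image 1.2"),
    (4, "bootloader (shim.efi)", b"constructed shim build"),
    (4, "kernel (vmlinuz)", b"constructed kernel build"),
]
TAMPERED_BOOT: List[Event] = [GOLDEN_BOOT[0],
                              (4, "bootloader (shim.efi)", b"constructed shim build, patched"),
                              GOLDEN_BOOT[2]]


def run_scenarios() -> Dict[str, Tuple[bool, str]]:
    golden_pcrs, golden_log = measure_boot(GOLDEN_BOOT)
    bad_pcrs, bad_log = measure_boot(TAMPERED_BOOT)
    return {
        # honest device: quote and log both come from the golden sequence
        "honest": attest(golden_pcrs, golden_log, golden_pcrs),
        # bootloader replaced: PCR4 no longer matches even though the log is truthful
        "tampered": attest(bad_pcrs, bad_log, golden_pcrs),
        # attacker submits the golden log with the real (tampered) quote: replay exposes it
        "forged_log": attest(bad_pcrs, golden_log, golden_pcrs),
    }


if __name__ == "__main__":
    for name, (ok, reason) in run_scenarios().items():
        print(f"{name:11s} {'PASS' if ok else 'FAIL'}: {reason}")
```

The "forged_log" case is why the verifier replays the log instead of trusting it: the attacker controls the log bytes sent over the network, but not the PCR values the TPM signs, and the two only agree when the log is honest.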

Secure Boot Support on Linux

Secure Boot support in Linux has long been contentious because of its structural dependence on Microsoft's signing keys, which are the only entries in db on most off-the-shelf hardware. Major distributions therefore boot through "shim", a small first-stage loader signed with Microsoft's UEFI CA. In this multi-stage configuration the firmware verifies shim, shim verifies GRUB2 (against the distribution's certificate built into shim and any enrolled MOKs), GRUB2 verifies the kernel, and the kernel in turn enforces signatures on kernel modules. Loading an unsigned third-party module (such as NVIDIA's proprietary driver, or any DKMS-built module) on such a system therefore requires signing it with a key that has been registered as a MOK (Machine Owner Key).
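A check for the module side of this, as an added example (Python; not from the original article or from the kernel sources): it splits a .ko file into its payload and the PKCS#7 signature that the kernel's sign-file appends, following the layout of the kernel's struct module_signature and its magic string, and reports how a signature-enforcing kernel would treat the file. The module and signature bytes below are constructed; the PKCS#7 itself is not cryptographically verified.

```python
import struct
from typing import Dict, Optional

MODULE_SIG_STRING = b"~Module signature appended~\n"   # magic the kernel looks for at the end of a .ko
PKEY_ID_PKCS7 = 2                                      # id_type written by sign-file
# struct module_signature: algo, hash, id_type, signer_len, key_id_len, __pad[3], __be32 sig_len
TRAILER_FMT = ">BBBBB3xI"
TRAILER_LEN = struct.calcsize(TRAILER_FMT)             # 12 bytes


def append_signature(module: bytes, pkcs7_der: bytes) -> bytes:
    """Lay out what scripts/sign-file writes: module || PKCS#7 || trailer || magic."""
    trailer = struct.pack(TRAILER_FMT, 0, 0, PKEY_ID_PKCS7, 0, 0, len(pkcs7_der))
    return module + pkcs7_der + trailer + MODULE_SIG_STRING


def module_signature_info(data: bytes) -> Optional[Dict[str, bytes]]:
    """Split a module into payload and appended PKCS#7 signature.
    Returns None for an unsigned module, a dict with 'payload' and 'pkcs7' for a signed one,
    and raises ValueError for a malformed trailer (the kernel's mod_check_sig() likewise refuses
    such a module instead of treating it as unsigned). Verifying the PKCS#7 against the kernel's
    trusted keyrings (built-in, platform/db, MOK) is the kernel's job and is not done here."""
    if not data.endswith(MODULE_SIG_STRING):
        return None
    body = data[:-len(MODULE_SIG_STRING)]
    if len(body) < TRAILER_LEN:
        raise ValueError("signature magic present but module_signature trailer missing")
    algo, hsh, id_type, signer_len, key_id_len, sig_len = struct.unpack(TRAILER_FMT, body[-TRAILER_LEN:])
    if id_type != PKEY_ID_PKCS7 or algo or hsh or signer_len or key_id_len:
        raise ValueError("only the PKCS#7 form (all other trailer fields zero) is supported")
    body = body[:-TRAILER_LEN]
    if sig_len == 0 or sig_len > len(body):
        raise ValueError("sig_len out of range")
    return {"payload": body[:-sig_len], "pkcs7": body[-sig_len:]}


def load_verdict(data: bytes) -> str:
    """What a Secure Boot kernel with module signature enforcement does with this file."""
    info = module_signature_info(data)
    if info is None:
        return "unsigned: rejected (sign it with a key enrolled as a MOK, or it will not load)"
    return f"signed: {len(info['pkcs7'])}-byte PKCS#7 present, kernel will verify it against its keyrings"


# Constructed sample: neither a real ELF module nor a real signature.
SAMPLE_MODULE = b"\x7fELF" + b"constructed kernel module body"
FAKE_PKCS7 = b"\x30\x82\x00\x20" + b"\xaa" * 32       # DER SEQUENCE header plus placeholder content
SIGNED_MODULE = append_signature(SAMPLE_MODULE, FAKE_PKCS7)

if __name__ == "__main__":
    print(load_verdict(SAMPLE_MODULE))
    print(load_verdict(SIGNED_MODULE))
```

For a real module, pass open(path, "rb").read() to load_verdict; modinfo -F sig_key module.ko gives the same answer from the command line. The enrollment itself is: generate a key pair (openssl req -new -x509 -newkey rsa:2048 -nodes -keyout MOK.priv -outform DER -out MOK.der -days 36500 -subj "/CN=Local module signing key/"), run mokutil --import MOK.der, confirm the enrollment with the one-time password in MokManager at the next reboot, then sign each module with /usr/src/linux-headers-$(uname -r)/scripts/sign-file sha256 MOK.priv MOK.der module.ko.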

"Just disable Secure Boot and it will work" is advice often seen online, but it abandons the protection at its root. MOK registration takes only a few minutes: generate a key pair, enroll the certificate with mokutil --import, confirm it with the one-time password in MokManager at the next reboot (the console prompt exists precisely so that malware cannot enroll keys silently), then sign the module with the kernel's sign-file. The correct approach is to keep Secure Boot enabled and deal with the driver that way.

The fundamentals of encryption technology are explained in detail in the article on the basics of encryption, and the relationship to physical security is covered in the article on physical security. See also the articles on ransomware protection and the risks of biometric authentication.
