As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
A key component of almost every information handling system is the basic input/output system (BIOS). A BIOS may be a system, device, or apparatus configured to identify, test, and/or initialize one or more information handling resources of an information handling system, typically during boot up or power on of an information handling system. A BIOS may include boot firmware configured to be the first code executed by a processor of an information handling system when the information handling system is booted and/or powered on. As part of its initialization functionality, BIOS code may be configured to set components of the information handling system into a known state, so that one or more applications (e.g., an operating system or other application programs) stored on compatible media may be executed by a processor and given control of the information handling system and its various components.
In the course of its operation, a BIOS may store many variables from boot to boot of an information handling system. A BIOS may store such variables in a non-volatile random access memory (NVRAM) integral to or otherwise accessible to the BIOS. However, such a storage method is inherently insecure, as other processes occurring before and after boot may read this storage area. Some obfuscation methods may be employed, but they may be easily defeated by would-be attackers.
Ideally, confidential variables would be secured through encryption before being stored in NVRAM. The variables could then be decrypted before use by the BIOS. However, encrypting variables requires a cryptographic key that must be available at boot time. Possible ways to have such a key available at boot time are to generate the key on each boot or to store the key in a persistent manner from boot to boot. Storing the key persistently is subject to many of the same problems as storing the variables themselves: the key may be easily snooped and therefore could not be trusted with the security of the encrypted variables. Generating the key on each boot is also subject to problems, as a deterministic algorithm for generating the key on each boot may also be snooped from the BIOS code and, once reverse engineered, employed to replicate the key for multiple information handling systems.
Another solution might be to use a system/user password, which is already implemented to prevent access to the system by unauthorized parties, in conjunction with a key derivation function to produce an identical key on every boot that may be used to encrypt and decrypt sensitive BIOS variables. However, in some information handling systems, an administrator password may be used to access an information handling system where the system/user password has been forgotten or is unavailable (e.g., due to hardware reallocation, employee termination, etc.). In this situation, a key derivation function applied to the administrator password would generate a different key than the one derived from the system/user password, and would thus fail to decrypt the previously-encrypted variables.
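The password-derived-key approach and its failure mode, as an added illustration that is not part of the patent text: a variable is encrypted under a key derived from the user password, and the key derived from the administrator password cannot authenticate or decrypt it. The example assumes PBKDF2-HMAC-SHA256 as the key derivation function and uses an HMAC-based keystream with an encrypt-then-MAC tag as a standard-library stand-in for the authenticated cipher a real firmware implementation would use.

```python
import hashlib
import hmac
import os
from typing import Optional

def derive_key(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    # Assumed KDF: PBKDF2-HMAC-SHA256. Same password + salt -> same key on every boot.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)

def _subkeys(key: bytes) -> tuple:
    # Separate encryption and MAC keys derived from the password-derived key.
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode; stand-in for a real stream/block cipher mode.
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def encrypt_variable(key: bytes, plaintext: bytes) -> bytes:
    # Output layout: 16-byte nonce || ciphertext || 32-byte HMAC tag (encrypt-then-MAC).
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt_variable(key: bytes, blob: bytes) -> Optional[bytes]:
    # Returns None when the tag does not verify, i.e. when the key is wrong.
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def demo() -> tuple:
    # Constructed sample values; the salt would be stored next to the variable in NVRAM.
    salt = b"constructed-salt"
    user_key = derive_key("user-password", salt)
    admin_key = derive_key("admin-password", salt)
    blob = encrypt_variable(user_key, b"SecureBootPolicy=1")
    user_ok = decrypt_variable(user_key, blob) == b"SecureBootPolicy=1"
    admin_ok = decrypt_variable(admin_key, blob) is not None
    return user_ok, admin_ok  # (True, False): the admin-derived key cannot recover the variable
```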