3

I need some suggestions about the use of the CRC in my application. I need to be sure about the BIOS run by the CPU. I have an FPGA between the BIOS flash and the CPU that sniffs every read performed by the CPU on the BIOS memory. The initial idea was to compute the SHA1 of the data stream to authenticate and to be sure about the correctness of the BIOS. The resulting digest is stored inside the bitstream of the FPGA. Is it safe enough to use the CRC in this application?

haster8558

1 Answer

6

No, it is not safe to authenticate the BIOS in that way. CRC should be used as a checksum only, i.e. to avoid random bit flips. For larger random changes you should use CRC32 at the minimum.

If you want to protect against malicious change you need a cryptographically secure hash. The reason for this is that any attacker can create a malicious BIOS that calculates to a particular CRC.

SHA-1 is under attack although it is not broken yet. If it is broken, it will be broken exactly for the purpose you are using the hash though. So it is better to upgrade to SHA-256 and/or SHA-512 (whichever is faster on your machine).

Note that cryptographic hash functions do not take a key. So for authentication you need additional measures. You could rely on signature generation (e.g. PKCS#1 v1.5 padding + modular exponentiation for RSA) or - for symmetric keys - an HMAC. Both of these rely on an underlying hash function for security. With HMAC you could use SHA-1 by the way.

As a lightweight software hash, Blake2b is often mentioned here, but this requires a bigger understanding of hash functions. If possible, stay with SHA-2.

Maarten Bodewes
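An added example, not part of the answer above: it shows that the change in a CRC-32 value follows from the modification alone, with no secret involved, and then measures a stream of sniffed read chunks with SHA-256 or HMAC-SHA256 and compares it to a stored reference. `IMAGE`, `KEY` and all function names are constructed for illustration, and the sketch assumes the reads reach the FPGA in a fixed order.

```python
import hashlib
import hmac
import zlib

# Constructed sample data: a stand-in for a BIOS image, not a real firmware dump.
IMAGE = bytes(range(256)) * 64           # 16 KiB
KEY = b"constructed-demo-key"            # assumption: a secret held by the verifier


def xor(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def crc_change_is_predictable(image, delta):
    """CRC-32 is affine over XOR: the CRC of image^delta follows from the
    original CRC and delta alone, so the value carries no secret."""
    zeros = bytes(len(image))
    predicted = zlib.crc32(image) ^ zlib.crc32(delta) ^ zlib.crc32(zeros)
    return zlib.crc32(xor(image, delta)) == predicted


def chunks(data, size=64):
    """Model the sniffed reads as fixed-size chunks in address order."""
    return (data[i:i + size] for i in range(0, len(data), size))


def measure(reads, key=None):
    """Digest the read stream incrementally: plain SHA-256 without a key,
    HMAC-SHA256 with one."""
    if key is None:
        h = hashlib.sha256()
    else:
        h = hmac.new(key, digestmod=hashlib.sha256)
    for chunk in reads:
        h.update(chunk)
    return h.digest()


def verify(reads, reference, key=None):
    """Compare the measurement with the stored reference in constant time."""
    return hmac.compare_digest(measure(reads, key), reference)


# Reference values, as they would be stored alongside the verifier.
REFERENCE_SHA256 = measure(chunks(IMAGE))
REFERENCE_HMAC = measure(chunks(IMAGE), KEY)

if __name__ == "__main__":
    delta = bytes(100) + b"\x01" + bytes(len(IMAGE) - 101)   # one flipped bit
    tampered = xor(IMAGE, delta)
    print("CRC change predictable:", crc_change_is_predictable(IMAGE, delta))
    print("SHA-256 accepts original:", verify(chunks(IMAGE), REFERENCE_SHA256))
    print("SHA-256 accepts tampered:", verify(chunks(tampered), REFERENCE_SHA256))
    print("HMAC accepts tampered:", verify(chunks(tampered), REFERENCE_HMAC, KEY))
```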