Lanner’s Secure Boot and Secure Flash

Secure Boot is a form of verified booting that validates the boot path. As defined in the UEFI (Unified Extensible Firmware Interface) specification, this BIOS-based technology has the system firmware check whether the boot loader is signed with a cryptographic key held in the firmware's key database. In other words, Secure Boot is a firmware-based boot path validation mechanism: the firmware holds the cryptographic keys and checks that the boot loader carries a valid signature under one of them. Only next-stage boot loaders, kernels or user-space components that pass digital signature verification are allowed to run. This prevents the execution of code that is not signed with a key programmed into the system firmware.
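The verification chain described above, as an added example that is not Lanner's code or firmware: the firmware holds a database of trusted public keys, and each next-stage image is accepted only if its signature verifies under one of them, so a tampered, unsigned or foreign-signed stage halts the boot. It assumes Ed25519 signatures over a SHA-256 image digest as a stand-in for the real UEFI key database and signature formats, which are not modeled.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// BootStage is a constructed stand-in for a next-stage image (boot loader,
// kernel) bundled with the signature its publisher attached to it.
type BootStage struct {
	Name      string
	Image     []byte
	Signature []byte
}

// SignatureDB stands in for the firmware's trusted-key database (UEFI "db"):
// only code signed by one of these keys may execute in the boot path.
type SignatureDB []ed25519.PublicKey

// SignStage signs the SHA-256 digest of an image, as a publisher would.
func SignStage(priv ed25519.PrivateKey, name string, image []byte) BootStage {
	digest := sha256.Sum256(image)
	return BootStage{Name: name, Image: image, Signature: ed25519.Sign(priv, digest[:])}
}

// Verify accepts a stage only if some key in the database verifies its
// signature; unsigned, tampered, or foreign-key images are rejected.
func (db SignatureDB) Verify(stage BootStage) error {
	digest := sha256.Sum256(stage.Image)
	for _, pub := range db {
		if ed25519.Verify(pub, digest[:], stage.Signature) {
			return nil
		}
	}
	return fmt.Errorf("secure boot: %s rejected, no trusted key verifies it", stage.Name)
}

// VerifyChain checks the boot path in order and stops at the first failure,
// so nothing after an unverified stage is ever handed control.
func VerifyChain(db SignatureDB, chain []BootStage) error {
	for _, stage := range chain {
		if err := db.Verify(stage); err != nil {
			return err
		}
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed platform key
	db := SignatureDB{pub}
	chain := []BootStage{SignStage(priv, "bootloader", []byte("loader v1")), SignStage(priv, "kernel", []byte("kernel v1"))}
	fmt.Println("signed chain:", VerifyChain(db, chain))
	chain[1].Image[0] ^= 0xff // simulate tampering with the kernel after signing
	fmt.Println("tampered chain:", VerifyChain(db, chain))
}
```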
