0

I would like to learn how to implement secure boot on a device. I have a raspberry pi 2, and 3. I can get any board if it is required. I have been working with embedded systems and embedded linux.

What I find our there are general talks about secure boot and what it is good and essential. I have not been successful at find a project to get hands-on experience.

What I would need is a suggestion and link to resources on how to implement a secure boot mechanism. I hope someone here can help me find a good resource.

I use linux but have access to Windows as well. I have been desperately looking for anything good.

Improve this question

1 Answer 1

Reset to default
0

You could use LUKs which will encrypt your disk and allow for secure booting, but the issue is that you have to store the key somewhere that is accessible to the boot process. This is the main weakness of LUKs.

You can use a Hardware Security Module (HSM) for this though. The Zymkey is such a module, but you really need a RPi 4 or 5 for that. Using that module, and the software for it, you can use LUKs to safely encrypt your boot disk, and the key is stored in the hardware, which the Pi then uses to decrypt the disk before booting it.

There's also Bootware which can also provide things like A/B partitioning for resilient updates, etc.

dg

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.