White Papers
New Security Features in the Integrated Dell Remote Access Controller 7
5
encryption/decryption operations. iDRAC7 takes advantage of this capability to create a “root of trust”
within iDRAC7’s early boot code.
Hidden Root Key: keeping secrets confidential
This unique, hidden 256-bit value is called the Hidden Root Key (HRK). The HRK is cryptographically
derived from three sources: a 256-bit random value fused into iDRAC7’s CPU, a public key contained
in iDRAC7’s boot block, and a Boolean value (True or False) indicating whether the code in the boot
block carries a valid signature under that public key. (The boot block is a small area of persistent
memory that holds the initial portion of iDRAC7’s boot code.)
Because of the way the HRK is calculated, there is a high degree of assurance that the HRK of a
particular iDRAC7 takes a different value when code not signed by Dell is executed on that iDRAC7’s
CPU than when Dell-signed code is executed.
Therefore, data encrypted under the HRK while iDRAC7 is running Dell-signed firmware cannot be
decrypted under the HRK produced by attacker-supplied firmware. It also means that if the flash storage
chip iDRAC7 uses to store data were read directly (for example, by soldering wires to it), the sensitive
data would be found encrypted and therefore inaccessible.
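The following is an added, illustrative model of the behaviour described above; it is not Dell’s code, and the actual iDRAC7 derivation is not published in this paper. It assumes the three HRK inputs are mixed with SHA-256 and that stored data is protected with an encrypt-then-MAC scheme built from HMAC-SHA256, so that a blob sealed under the HRK of signed firmware is rejected, not just garbled, when opened under the HRK that unsigned firmware would obtain. The fused value, public key and secret are constructed sample values.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32


def derive_hrk(fused_value: bytes, boot_block_pubkey: bytes, boot_block_signed: bool) -> bytes:
    """Constructed model of the HRK: a 256-bit key bound to the fused CPU value,
    the boot-block public key and the signature verdict. Any change to the verdict
    (e.g. unsigned code running) yields an unrelated key."""
    if len(fused_value) != 32:
        raise ValueError("fused value must be 256 bits")
    h = hashlib.sha256()
    h.update(b"HRK-model-v1")  # domain-separation label (assumed, not Dell's)
    h.update(fused_value)
    h.update(len(boot_block_pubkey).to_bytes(4, "big"))
    h.update(boot_block_pubkey)
    h.update(b"\x01" if boot_block_signed else b"\x00")
    return h.digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stands in for a block-cipher stream."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _subkeys(hrk: bytes):
    # Separate encryption and MAC keys derived from the HRK; the HRK itself is never used directly.
    enc_key = hmac.new(hrk, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(hrk, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def seal(hrk: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC a secret for storage in flash: nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(hrk)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(hrk: bytes, blob: bytes):
    """Return the plaintext, or None if the tag does not verify under this HRK."""
    enc_key, mac_key = _subkeys(hrk)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None  # wrong HRK (e.g. attacker firmware): refuse to decrypt
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def demo():
    fused = bytes(range(32))                          # constructed stand-in for the fused value
    pubkey = b"constructed boot-block public key"     # constructed stand-in for the Dell key
    hrk_signed = derive_hrk(fused, pubkey, True)      # HRK while Dell-signed code runs
    hrk_unsigned = derive_hrk(fused, pubkey, False)   # HRK the same CPU gives unsigned code
    secret = b"iDRAC credential store (constructed)"
    blob = seal(hrk_signed, secret)                   # what ends up in the flash chip
    return {
        "same_firmware": open_sealed(hrk_signed, blob),
        "unsigned_firmware": open_sealed(hrk_unsigned, blob),
        "raw_flash_leaks_plaintext": secret in blob,
    }


if __name__ == "__main__":
    print(demo())
```

The `raw_flash_leaks_plaintext` check models the soldered-wire scenario: reading the chip yields only the sealed blob, and the third HRK input means that even firmware running on the same CPU cannot recover the key unless it passed signature verification.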
Hidden Root Key: uniquely identifying a particular server
Because the HRK is unique to every iDRAC, it provides a means to identify an iDRAC uniquely in a
cryptographically robust manner.
Uniquely identifying a server is important in a number of scenarios. Some of these are addressed by
Dell PowerEdge 12th generation server features, while others will be addressed in future iDRAC
versions. A few scenarios where strong server identification is important:
• In organizations where the threat of rogue servers is a possibility
• As a basis for building a chain of trust for:
o Validating that hardware components of a system are authentic
o Confirming that the firmware and firmware configuration of the various devices on the
system is unchanged and is authentic
o Clearing all aspects of customer data and customer-supplied configurations when a
system is repurposed or decommissioned
• Combining servers in clusters or groups with high assurance against rogue or spoofed servers
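An added example, not from Dell, of how an HRK-derived identity supports the rogue-server and clustering scenarios listed above. It assumes a constructed SHA-256 model of the HRK derivation, that each controller derives a purpose-specific identity key from its HRK (so the HRK itself never leaves the controller), and that a cluster manager enrolled each genuine server’s identity key over a trusted channel. Authentication is then a random challenge answered with HMAC-SHA256; a server whose fused value or firmware differs cannot answer for an enrolled identity.

```python
import hashlib
import hmac
import os


def derive_hrk(fused_value: bytes, boot_block_pubkey: bytes, boot_block_signed: bool) -> bytes:
    """Constructed model of the HRK: fused CPU value, boot-block public key and
    signature verdict mixed with SHA-256. Not the actual iDRAC7 construction."""
    h = hashlib.sha256()
    h.update(b"HRK-model-v1")  # domain-separation label (assumed)
    h.update(fused_value)
    h.update(len(boot_block_pubkey).to_bytes(4, "big"))
    h.update(boot_block_pubkey)
    h.update(b"\x01" if boot_block_signed else b"\x00")
    return h.digest()


class Server:
    """Models one iDRAC: holds its HRK and answers identity challenges."""

    def __init__(self, fused_value: bytes, boot_block_pubkey: bytes, boot_block_signed: bool = True):
        self._hrk = derive_hrk(fused_value, boot_block_pubkey, boot_block_signed)

    def identity_key(self) -> bytes:
        # Purpose-specific subkey; only this, never the HRK, is shared at enrollment.
        return hmac.new(self._hrk, b"server-identity", hashlib.sha256).digest()

    def server_id(self) -> str:
        # Public, non-secret identifier a server can present before authenticating.
        return hashlib.sha256(self.identity_key()).hexdigest()[:16]

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self.identity_key(), challenge, hashlib.sha256).digest()


class ClusterRegistry:
    """Cluster manager that enrolled genuine servers over a trusted channel (assumption)."""

    def __init__(self):
        self._enrolled = {}

    def enroll(self, server: Server) -> None:
        self._enrolled[server.server_id()] = server.identity_key()

    def verify(self, claimed_id: str, server: Server) -> bool:
        """Challenge the presenting server and check its response against the enrolled key."""
        key = self._enrolled.get(claimed_id)
        if key is None:
            return False  # unknown identity: not a member of this cluster
        challenge = os.urandom(32)  # fresh per attempt, so responses cannot be replayed
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, server.respond(challenge))


def demo():
    pubkey = b"constructed boot-block public key"  # constructed stand-in for the Dell key
    genuine = Server(bytes([0x11]) * 32, pubkey)            # enrolled server
    rogue = Server(bytes([0x22]) * 32, pubkey)              # different CPU, never enrolled
    tampered = Server(bytes([0x11]) * 32, pubkey, False)    # same CPU, unsigned firmware
    registry = ClusterRegistry()
    registry.enroll(genuine)
    return {
        "genuine_accepted": registry.verify(genuine.server_id(), genuine),
        "rogue_claiming_genuine_id": registry.verify(genuine.server_id(), rogue),
        "rogue_own_id": registry.verify(rogue.server_id(), rogue),
        "ids_differ": genuine.server_id() != rogue.server_id(),
        "tampered_firmware_changes_id": tampered.server_id() != genuine.server_id(),
    }


if __name__ == "__main__":
    print(demo())
```

The `tampered` case ties the two HRK properties together: because the signature verdict feeds the key, a controller running unsigned firmware no longer presents the identity it was enrolled with, so a cluster manager sees it as an unknown server rather than a trusted member.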
Summary: best features of the TPM
The HRK allows the iDRAC7 to implement a number of features normally associated with the TPM, but
does so without adding cost to the system, while preserving all of the capabilities of the TPM for use
by the customer.