Validating that the servers contain only signed drivers

04-Mar-2018 17:29 by 10 Comments

Validating that the servers contain only signed drivers - what is carbon 14 dating

When I am telling you something that I determined experimentally, I will use phrases like "it seems like" or "in my experience".When my experiments contradict the official documentation I will say so.

Since then, I have been keeping an eye on new developments and updating this article.Signing and verifying a message can be done with the functions g and f respectively.The sender passes his message (or a cryptographic hash of it) through the g function from his private key to make a signature for the message.Therefore, SHA-1 will not be a long term solution, and most people should probably use SHA-2 instead.In July 2015, I did a systematic set of experiments with different types of signatures.This is exactly what Windows is doing for you behind the scenes whenever it verifies a signature on a piece of software and tells you who the publisher is.

At a deep level, the RSA cryptosystem works because it is very hard to factor large numbers into primes.

Pretty much every secure thing you do with a computer, including code and driver signing, uses the RSA cryptosystem invented by Rivest, Shamir, and Adleman in the 1970s.

I am not going to really explain the mathematics behind it, but I will give you an idea of what RSA lets us do.

A lot of this information can be verified in official Microsoft documentation found on MSDN, and I will try to cite the official documentation when needed.

The authoritative documents on kernel-mode code signing are and KMCS_

If you are a developer figuring out how to sign drivers or software, the aim of this guide is to tell you everything you need to know so that you can do it correctly.