Intel CM8063501287403 User Manual

Technologies
80
Intel® Xeon® Processor E5-1600 v2/E5-2600 v2 Product Families 
Datasheet Volume One of Two
The Intel TXT platform helps to provide the authenticity of the controlling environment such that those wishing to rely on the platform can make an appropriate trust decision. The Intel TXT platform determines the identity of the controlling environment by accurately measuring and verifying the controlling software.

Another aspect of the trust decision is the ability of the platform to resist attempts to change the controlling environment. The Intel TXT platform will resist attempts by software processes to change the controlling environment or bypass the bounds set by the controlling environment.

Intel TXT is a set of extensions designed to provide a measured and controlled launch of system software that will then establish a protected environment for itself and any additional software that it may execute.

These extensions enhance two areas:
• The launching of the Measured Launched Environment (MLE).
• The protection of the MLE from potential corruption.

The enhanced platform provides these launch and control interfaces using Safer Mode Extensions (SMX).

The SMX interface includes the following functions:
• Measured/Verified launch of the MLE.
• Mechanisms to ensure the above measurement is protected and stored in a secure location.
• Protection mechanisms that allow the MLE to control attempts to modify itself.

For more information refer to the Intel® Trusted Execution Technology Software Development Guide.
3.2.2 Intel® Trusted Execution Technology – Server Extensions
• Software binary compatible with Intel® Trusted Execution Technology – Server Extensions
• Provides measurement of runtime firmware, including SMM
• Enables run-time firmware in trusted session: BIOS and SSP
• Covers support for existing and expected future Server RAS features
• Only requires portions of BIOS to be trusted; for example, Option ROMs need not be trusted
• Supports the S3 state without teardown, since BIOS is part of the trust chain
3.2.3 AES Instructions
These instructions enable fast and secure data encryption and decryption using the Advanced Encryption Standard (AES), which is defined by FIPS Publication 197. Since AES is the dominant block cipher and is deployed in many protocols, the new instructions are valuable for a wide range of applications.
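The following is an added example, not code from the datasheet or from Intel: a single-block AES-128 encryption driven entirely by the AES instructions (AESKEYGENASSIST for the key schedule, AESENC/AESENCLAST for the rounds), gated on the CPUID feature flag and checked against the FIPS-197 Appendix C.1 known-answer vector. It assumes GCC or Clang on an x86 target; the function names and the `HAVE_AESNI_BUILD` macro are this example's own, and on a non-x86 build the functions simply report the instructions as unavailable.

```c
/* Added example (not from the datasheet): AES-128 block encryption with the
 * AES instructions, verified against the FIPS-197 Appendix C.1 test vector.
 * Build: gcc -O2 aesni_demo.c -o aesni_demo  (no -maes needed: the per-function
 * target attribute enables the instructions, and CPUID gates their use). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__GNUC__) && (defined(__x86_64__) || defined(__i386__))
#include <cpuid.h>
#include <wmmintrin.h>   /* _mm_aesenc_si128, _mm_aeskeygenassist_si128, ... */
#define HAVE_AESNI_BUILD 1   /* example's own macro: x86 + GCC/Clang only */
#else
#define HAVE_AESNI_BUILD 0
#endif

/* Runtime check: CPUID.1:ECX bit 25 is the AES instruction feature flag. */
int aesni_available(void)
{
#if HAVE_AESNI_BUILD
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return (ecx & (1u << 25)) ? 1 : 0;
#else
    return 0;
#endif
}

#if HAVE_AESNI_BUILD
#define AESNI_TARGET __attribute__((target("aes,sse2")))

/* One FIPS-197 key-schedule step for a 128-bit key. Dword 3 of the
 * AESKEYGENASSIST result is SubWord(RotWord(w[i-1])) ^ Rcon. */
AESNI_TARGET static __m128i key_expand_step(__m128i key, __m128i assist)
{
    assist = _mm_shuffle_epi32(assist, _MM_SHUFFLE(3, 3, 3, 3));
    key = _mm_xor_si128(key, _mm_slli_si128(key, 4));  /* w0, w0^w1, ... */
    key = _mm_xor_si128(key, _mm_slli_si128(key, 4));
    key = _mm_xor_si128(key, _mm_slli_si128(key, 4));
    return _mm_xor_si128(key, assist);
}

/* Expand the key into 11 round keys. Rcon must be an immediate, so the
 * rounds are written out through a macro instead of a loop. */
AESNI_TARGET static void aes128_key_expand(const uint8_t key[16], __m128i rk[11])
{
    rk[0] = _mm_loadu_si128((const __m128i *)key);
#define EXPAND(i, rcon) \
    rk[i] = key_expand_step(rk[(i) - 1], _mm_aeskeygenassist_si128(rk[(i) - 1], rcon))
    EXPAND(1, 0x01); EXPAND(2, 0x02); EXPAND(3, 0x04); EXPAND(4, 0x08); EXPAND(5, 0x10);
    EXPAND(6, 0x20); EXPAND(7, 0x40); EXPAND(8, 0x80); EXPAND(9, 0x1b); EXPAND(10, 0x36);
#undef EXPAND
}

AESNI_TARGET static void aes128_encrypt_impl(const __m128i rk[11],
                                             const uint8_t in[16], uint8_t out[16])
{
    __m128i b = _mm_loadu_si128((const __m128i *)in);
    b = _mm_xor_si128(b, rk[0]);           /* initial AddRoundKey */
    for (int r = 1; r < 10; r++)
        b = _mm_aesenc_si128(b, rk[r]);    /* ShiftRows+SubBytes+MixColumns+AddRoundKey */
    b = _mm_aesenclast_si128(b, rk[10]);   /* final round, no MixColumns */
    _mm_storeu_si128((__m128i *)out, b);
}
#endif

/* Encrypt one 16-byte block. Returns 0 on success, -1 if the CPU or build
 * does not provide the AES instructions (callers must fail closed or fall back). */
int aes128_encrypt_block_ni(const uint8_t key[16], const uint8_t in[16], uint8_t out[16])
{
#if HAVE_AESNI_BUILD
    if (!aesni_available())
        return -1;
    __m128i rk[11];
    aes128_key_expand(key, rk);
    aes128_encrypt_impl(rk, in, out);
    memset(rk, 0, sizeof rk);   /* do not leave round keys on the stack */
    return 0;
#else
    (void)key; (void)in; (void)out;
    return -1;
#endif
}

/* FIPS-197 Appendix C.1 known-answer test: 1 = match, 0 = mismatch, -1 = unsupported. */
int aesni_fips197_selftest(void)
{
    static const uint8_t key[16] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
                                    0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
    static const uint8_t pt[16]  = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
                                    0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff};
    static const uint8_t ct[16]  = {0x69,0xc4,0xe0,0xd8,0x6a,0x7b,0x04,0x30,
                                    0xd8,0xcd,0xb7,0x80,0x70,0xb4,0xc5,0x5a};
    uint8_t out[16];
    if (aes128_encrypt_block_ni(key, pt, out) != 0)
        return -1;
    return memcmp(out, ct, 16) == 0 ? 1 : 0;
}

int main(void)
{
    int r = aesni_fips197_selftest();
    if (r < 0) { puts("AES instructions not available on this CPU/build"); return 2; }
    printf("FIPS-197 C.1 known-answer test: %s\n", r ? "PASS" : "FAIL");
    return r ? 0 : 1;
}
```

The two checks around the encryption are the part a practitioner should keep: the CPUID gate, because the instructions raise #UD on parts that lack them, and the known-answer test, because a broken key schedule still produces 16 plausible-looking bytes. The security benefit over a table-driven software AES is that the hardware rounds perform no data-dependent memory accesses, which removes the cache-timing side channel that T-table implementations expose when an attacker shares a core or cache.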