Intel N2820 FH8065301616603 Data Sheet
Product codes: FH8065301616603
17 Intel® Trusted Execution Engine (Intel® TXE)
This section describes the security components and capabilities. The security system contains an Intel® TXE and additional hardware security features that enable a secure and robust platform.
Note: TXE firmware is required on the platform as part of the PCU SPI flash image.
17.1 Features
17.1.1 Security Feature
The Intel® TXE in the processor is responsible for supporting and handling security-related features.
Intel TXE features:
• 32-bit RISC processor
• 256 KB Data/Code RAM accessible only to the Intel® TXE
• 128 KB on-chip mask ROM for storage of Intel® TXE code
• Common timer with 1-100 µs granularity and configurable interrupt (under FW control)
• Inter-Processor Communication for message passing between the Host CPU and the Intel® TXE
• 64 byte input and output command buffers
• 256 byte shared payload (enables 2048-bit keys to be exchanged as part of the command)
• No Host CPU address domain access to the Intel® TXE address domain by any Host CPU address domain units
• Security controller has direct access to the Host CPU address domain (some restrictions apply). Multiple-context DMA engine to transfer data between the Host CPU address domain (system memory) and the Intel® TXE; programmable by the Intel® TXE CPU only.
• One multi-tiered FW Key Ladder and one Intel Key Ladder.
• Paging DMA operations include encryption/decryption and integrity check value (ICV) calculation. Auxiliary GPIOs to support input alert and two GP Outputs.
17.1.1.1 HW Accelerators
• DES/3DES (ECB, CBC) – 128b ABA key for 3DES Key Ladder operations
• Three AES engines: two fast (128) and one slow (128/256)