Intel E3845 FH8065301487715 Datasheet
Product codes
FH8065301487715
Intel® Atom™ Processor E3800 Product Family Datasheet
22 Intel® Trusted Execution Engine (TXE)
This section describes the security components and capabilities of the Intel® Trusted Execution Engine (TXE) security co-processor.
Note: TXE firmware is required on the Bay Trail Platform as part of the PCU SPI flash image. PCU SPI must be set up in descriptor mode. For security reasons, primarily to lock PCU SPI flash access permission and OTP fuse programming, TXE Manufacturing Mode must be Disabled before shipping to customers. See your Intel® representative for details.
22.1 Features
22.1.1 Security Feature
The Intel® TXE is a security co-processor responsible for supporting and handling security. Features include:
• 32-bit RISC processor
• 256KB Data/Code RAM accessible only to the Intel® TXE
• 128KB On Chip Mask ROM for storage of Intel® TXE code
• Common Timer 1-100 µS granularity, configurable interrupt (under FW control)
• Inter-Processor Communication for message passing between the Host CPU and Intel® TXE
• 64 byte input and output command buffers
• 256 byte shared payload (enables 2048-bit keys to be exchanged as part of the command)
• No Host CPU address domain access to the Intel® TXE address domain by any Host CPU address domain units
• Security controller has direct access to Host CPU address domain (some restrictions apply). Multiple context DMA engine to transfer data between Host CPU address domain (System memory) and the Intel® TXE; programmable by the Intel® TXE CPU only.
• One multi-tiered FW Key Ladder and one Intel Key Ladder.
• Paging DMA operations include encryption/decryption and integrity check value (ICV) calculation. Auxiliary GPIOs to support input alert and two GP Outputs.
22.1.1.1 HW Accelerators
• DES/3DES (ECB, CBC) – 128b ABA key for 3DES Key Ladder Operations
• Three AES engines - Two fast - 128 and one slow - 128/256