Intel CM8062101038606 Computer Hardware User Manual


 
Technologies
82 Intel® Xeon® Processor E5-1600/E5-2600/E5-4600 Product Families
Datasheet Volume One
These extensions enhance two areas:
The launching of the Measured Launched Environment (MLE).
The protection of the MLE from potential corruption.
The enhanced platform provides these launch and control interfaces using Safer Mode
Extensions (SMX).
The SMX interface includes the following functions:
Measured/Verified launch of the MLE.
Mechanisms to ensure the above measurement is protected and stored in a secure
location.
Protection mechanisms that allow the MLE to control attempts to modify itself.
For more information refer to the
Intel® Trusted Execution Technology Software
Development Guide.
For more information on Intel Trusted Execution Technology, see
http://www.intel.com/technology/security/
3.2.2 Intel Trusted Execution Technology – Server Extensions
Software binary compatible with Intel Trusted Execution Technology Server
Extensions
Provides measurement of runtime firmware, including SMM
Enables run-time firmware in trusted session: BIOS and SSP
Covers support for existing and expected future Server RAS features
Only requires portions of BIOS to be trusted, for example, Option ROMs need not
be trusted
Supports S3 State without teardown: Since BIOS is part of the trust chain
3.2.3 Intel® Advanced Encryption Standard Instructions
(Intel® AES-NI)
These instructions enable fast and secure data encryption and decryption, using the
Intel® AES New Instructions (Intel® AES-NI), which is defined by FIPS Publication
number 197. Since Intel AES-NI is the dominant block cipher, and it is deployed in
various protocols, the new instructions will be valuable for a wide range of applications.
The architecture consists of six instructions that offer full hardware support for Intel
AES-NI. Four instructions support the Intel AES-NI encryption and decryption, and the
other two instructions support the Intel AES-NI key expansion. Together, they offer a
significant increase in performance compared to pure software implementations.
The Intel AES-NI instructions have the flexibility to support all three standard Intel
AES-NI key lengths, all standard modes of operation, and even some nonstandard or
future variants.
Beyond improving performance, the Intel AES-NI instructions provide important
security benefits. Since the instructions run in data-independent time and do not use
lookup tables, they help in eliminating the major timing and cache-based attacks that
threaten table-based software implementations of Intel AES-NI. In addition, these
instructions make AES simple to implement, with reduced code size. This helps
reducing the risk of inadvertent introduction of security flaws, such as difficult-to-
detect side channel leaks.