Vol 1
Technologies
26 Intel® Xeon® Product 2800/4800/8800 v2 Product Family
Datasheet Volume One, February 2014
These extensions enhance two areas:
• The launching of the Measured Launched Environment (MLE).
• The protection of the MLE from potential corruption.
The enhanced platform provides these launch and control interfaces using Safer Mode
Extensions (SMX).
The SMX interface includes the following functions:
• Measured/Verified launch of the MLE.
• Mechanisms to ensure the above measurement is protected and stored in a secure location.
• Protection mechanisms that allow the MLE to control attempts to modify itself.
For more information on Intel Trusted Execution Technology, see
http://www.intel.com/technology/security/
2.2.2 Intel® Trusted Execution Technology – Server Extensions
• Software binary compatible with Intel® Trusted Execution Technology for Servers
• Provides measurement of runtime firmware, including SMM
• Enables run-time firmware in trusted session: BIOS and SSP
• Covers support for existing and expected future Server RAS features
• Only requires portions of BIOS to be trusted; for example, Option ROMs need not be trusted
• Supports S3 state without teardown, since BIOS is part of the trust chain
For more information on Intel TXT Server Extensions, refer to the Intel® Trusted Execution Technology (Intel® TXT) Server Extensions - BIOS Specification.
2.2.3 Intel® AES New Instructions (Intel® AES-NI)
These instructions enable fast and secure data encryption and decryption using the Advanced Encryption Standard (AES), which is defined by FIPS Publication 197. Since AES is the dominant block cipher and is deployed in many protocols, the new instructions are valuable for a wide range of applications.
The architecture consists of six instructions that offer full hardware support for AES. Four instructions support encryption and decryption, and the other two support key expansion. Together, they offer a significant increase in performance compared to pure software implementations.
Intel AES-NI has the flexibility to support all three standard AES key lengths, all standard modes of operation, and even some nonstandard or future variants.
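The division of labour described above, shown as an added example that is not from the datasheet: AESKEYGENASSIST (one of the two key-expansion instructions) builds the AES-128 round keys, and AESENC/AESENCLAST (two of the four encrypt/decrypt instructions) run the rounds, with the result checked against the FIPS-197 Appendix C.1 known-answer vector. It assumes GCC or Clang on x86; on other builds or on a CPU without AES-NI the functions report "unavailable" rather than encrypting.

```c
#include <stdint.h>
#include <string.h>
/* FIPS-197 Appendix C.1 AES-128 known-answer vector. */
static const uint8_t KAT_KEY[16] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
                                    0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
static const uint8_t KAT_PT[16]  = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
                                    0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff};
static const uint8_t KAT_CT[16]  = {0x69,0xc4,0xe0,0xd8,0x6a,0x7b,0x04,0x30,
                                    0xd8,0xcd,0xb7,0x80,0x70,0xb4,0xc5,0x5a};
#if defined(__x86_64__) || defined(__i386__)
#include <wmmintrin.h>   /* AES-NI intrinsics (also pulls in SSE2) */
/* One AES-128 key-schedule step: AESKEYGENASSIST applies RotWord/SubWord/Rcon to the
 * last word; the shift/XOR chain propagates the prefix XOR over the other three words. */
#define KEY_STEP(prev, rcon, out) do {                                                \
    __m128i t = _mm_shuffle_epi32(_mm_aeskeygenassist_si128((prev), (rcon)), 0xff);   \
    __m128i k = (prev);                                                               \
    k = _mm_xor_si128(k, _mm_slli_si128(k, 4));                                       \
    k = _mm_xor_si128(k, _mm_slli_si128(k, 4));                                       \
    k = _mm_xor_si128(k, _mm_slli_si128(k, 4));                                       \
    (out) = _mm_xor_si128(k, t);                                                      \
} while (0)
/* Returns 1 on success, 0 if this CPU lacks AES-NI. The target attribute lets the
 * compiler emit AES instructions here without a global -maes flag (assumption: GCC/Clang). */
__attribute__((target("aes,sse2")))
int aes128_encrypt_block(const uint8_t key[16], const uint8_t in[16], uint8_t out[16]) {
    __builtin_cpu_init();
    if (!__builtin_cpu_supports("aes")) return 0;
    __m128i rk[11];
    rk[0] = _mm_loadu_si128((const __m128i *)key);
    KEY_STEP(rk[0], 0x01, rk[1]); KEY_STEP(rk[1], 0x02, rk[2]);
    KEY_STEP(rk[2], 0x04, rk[3]); KEY_STEP(rk[3], 0x08, rk[4]);
    KEY_STEP(rk[4], 0x10, rk[5]); KEY_STEP(rk[5], 0x20, rk[6]);
    KEY_STEP(rk[6], 0x40, rk[7]); KEY_STEP(rk[7], 0x80, rk[8]);
    KEY_STEP(rk[8], 0x1b, rk[9]); KEY_STEP(rk[9], 0x36, rk[10]);
    __m128i s = _mm_xor_si128(_mm_loadu_si128((const __m128i *)in), rk[0]);
    for (int r = 1; r < 10; r++)
        s = _mm_aesenc_si128(s, rk[r]);    /* ShiftRows, SubBytes, MixColumns, AddRoundKey */
    s = _mm_aesenclast_si128(s, rk[10]);   /* final round omits MixColumns */
    _mm_storeu_si128((__m128i *)out, s);
    return 1;
}
#else
int aes128_encrypt_block(const uint8_t key[16], const uint8_t in[16], uint8_t out[16]) {
    (void)key; (void)in; (void)out; return 0;   /* not an x86 build */
}
#endif
/* 1 = known answer matches, 0 = mismatch, -1 = AES-NI unavailable on this machine. */
int aes128_kat_check(void) {
    uint8_t out[16];
    if (!aes128_encrypt_block(KAT_KEY, KAT_PT, out)) return -1;
    return memcmp(out, KAT_CT, 16) == 0 ? 1 : 0;
}
```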
Beyond improving performance, the Intel AES-NI instructions provide important security benefits. Because the instructions run in data-independent time and do not use lookup tables, they help eliminate the major timing and cache-based attacks that threaten table-based software implementations of AES. In addition, these