Intel Discloses New Ice Lake Xeon Security Features
Written by Michael Larabel in Intel on 14 October 2020 at 09:00 AM EDT. 8 Comments
INTEL --
Intel today is revealing a few details concerning upcoming Intel 3rd Generation Xeon Scalable "Ice Lake" processors.

Today the company is just talking security features of Ice Lake Xeon. The company is confirming these upcoming Xeon CPUs will support:

- Intel Software Guard Extensions (SGX). While a number of security vulnerabilities around SGX have been disclosed since its debut in Skylake (Prime+Probe, LVI, SGAxe, Plundervolt, etc), Intel argues in today's announcement that it "is the most researched, updated and battle-tested TEE for data center confidential computing, with the smallest attack surface within the system." The Intel SGX Enclaves support for the Linux kernel remains a work-in-progress after going through patch review dozens of times.

- Intel Total Memory Encryption (TME). Total Memory Encryption has also been worked on for the Linux kernel already, similar to AMD's Secure Memory Encryption (SME).

- Intel Platform Firmware Resilience (PFR). PFR relies on an FPGA as a platform root of trust and can provide protection for the BIOS flash memory, BMC flash, SPI descriptor, Intel Management Engine, and power supply firmware from attacks.

- New cryptographic accelerators. Intel describes the Ice Lake Xeon crypto additions as "The first is a technique to stitch together the operations of two algorithms that typically run in combination yet sequentially, allowing them to execute simultaneously. The second is a method to process multiple independent data buffers in parallel."

That's it for today's Ice Lake Xeon disclosures and hopefully as the quarter moves on additional details will come to light.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week