Multi Key Total Memory Encryption Spec

2020-02-27, 1038 views

  • 1. Intel® Architecture Memory Encryption Technologies Specification. Ref: #336907-001US, Rev: 1.1, December 2017
  • 2. Disclaimers. INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document. Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and noninfringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade. This document contains information on products, services and/or processes in development. All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest forecast, schedule, specifications and roadmaps. Designers must not rely on the absence or characteristics of any features or instructions marked "reserved" or "undefined." Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request. Copies of documents which have an order number and are referenced in this document may be obtained by calling 1-800-548-4725 or by visiting www.intel.com/design/literature.htm. Intel, the Intel logo, are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others. Copyright © 2017, Intel Corporation. All rights reserved.
  • 3. Terminology
    1. TME – Total Memory Encryption: the baseline capability for memory encryption with a single ephemeral key.
    2. MKTME – Multi-Key Total Memory Encryption: adds support for multiple keys for page-granular memory encryption, with additional support for software-provisioned keys.
  • 4. 1 Introduction
    This document is a work in progress and is subject to change based on customer feedback and internal analysis. It does not imply any product commitment from Intel in terms of features and/or behaviors. It describes the memory encryption support targeting future Intel processors. Note that Intel platforms support many different types of memory and not every SOC will support this capability for all types of memory; the initial implementation is likely to focus on traditional DRAM and NVRAM.

    Total Memory Encryption (TME), as the name implies, is a capability to encrypt the entirety of a system's physical memory. It is typically enabled at a very early stage of the boot process with a small change to the BIOS; once configured and locked, it encrypts all data on the external memory buses of an SOC using the NIST-standard AES-XTS algorithm with 128-bit keys. The TME encryption key is generated by the hardware random number generator implemented in the Intel SOC and is not accessible by software or via external interfaces to the SOC. TME is intended to provide the protections of AES-XTS to external memory buses and DIMMs. The architecture is flexible and will support additional memory protection schemes in the future. When enabled, this capability is intended to support existing (unmodified) system and application software. The overall performance impact is likely to be relatively small and is highly dependent on the workload.

    Multi-Key Total Memory Encryption (MKTME) builds on TME and adds support for multiple encryption keys. The SOC implementation supports a fixed number of encryption keys, and software can configure the SOC to use a subset of the available keys. Software manages the use of keys and can use any of the available keys to encrypt any page of memory; thus MKTME allows page-granular encryption of memory. By default, MKTME uses the TME encryption key unless software explicitly specifies another.

    In addition to supporting a CPU-generated ephemeral key (not accessible by software or via external interfaces to the SOC), MKTME also supports software-provided keys. Software-provided keys are particularly useful with non-volatile memory, or when combined with attestation mechanisms and/or key provisioning services. In a virtualization scenario, we anticipate that the VMM or hypervisor manages the use of keys to transparently support legacy operating systems without any changes (thus, MKTME can also be viewed as TME virtualization in such a deployment). An OS may also be enabled to take additional advantage of MKTME in either a native or a virtualized environment. When properly enabled, MKTME is available to each guest OS in a virtualized environment, and a guest OS can take advantage of MKTME in the same way as a native OS.
  • 5. 2 Introduction to Total Memory Encryption (TME)
    The diagram below shows the basic idea behind total memory encryption in a two-socket configuration; the actual implementation may vary. The AES-XTS encryption engine sits in the direct data path to the external memory buses, so all memory data entering and/or leaving the SOC on those buses is encrypted with AES-XTS. Data inside the SOC (in caches, etc.) remains plaintext, which is why all existing software and I/O models continue to work. In a typical deployment the encryption key is generated by the CPU and is therefore not visible to software. When the system is configured with NVRAM and the NVRAM is to be treated as DRAM, it can also use CPU-generated keys. However, if the NVRAM is to be treated as non-volatile memory, there is an option to have the same key generated/reused across platform power cycles and reboots.
  • 6. 3 Introduction to Multi-Key Total Memory Encryption (MKTME)
    3.1 High-level Architecture
    The high-level architecture of MKTME is shown in the figure below.
    [Figure: MKTME high-level architecture, showing VM1 and VM2 each labelled with a KeyID]
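The TME data path (AES-XTS between the caches and the memory bus) and MKTME's per-page key selection described in the two sections above, modelled as an added example that is not code from the Intel specification. It assumes the Python `cryptography` package, uses each 16-byte line's physical address as the XTS tweak, and stands in for the SOC hardware RNG with `os.urandom`; KeyID 0 is the CPU-generated TME key and other slots hold software-provided keys.

```python
"""Model of TME/MKTME-style bus encryption: AES-XTS sits between the cache
(plaintext) and DRAM (ciphertext); each physical page selects its key by KeyID."""
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

PAGE = 4096   # page granularity at which MKTME assigns keys
LINE = 16     # one AES block per memory line in this model (assumption)


class MemoryEncryptionEngine:
    def __init__(self, num_keys=4):
        # Slot 0: ephemeral TME key from the hardware RNG (os.urandom stands in).
        # 32 bytes = two AES-128 keys, as AES-128-XTS requires.
        self.keys = {0: os.urandom(32)}
        self.num_keys = num_keys          # fixed number of key slots in the SOC
        self.page_keyid = {}              # physical page number -> KeyID
        self.dram = {}                    # what is actually on the bus/DIMM

    def program_key(self, keyid, key32):
        """Software-provided key; slot 0 is reserved for the CPU-generated key."""
        if not 0 < keyid < self.num_keys:
            raise ValueError("KeyID outside the configured key range")
        if len(key32) != 32:
            raise ValueError("AES-128-XTS needs a 32-byte (two-key) key")
        self.keys[keyid] = key32

    def set_page_keyid(self, page, keyid):
        """Assign a key to a page; pages with no assignment default to TME (KeyID 0)."""
        if keyid not in self.keys:
            raise ValueError("KeyID has no programmed key")
        self.page_keyid[page] = keyid

    def _cipher(self, addr):
        keyid = self.page_keyid.get(addr // PAGE, 0)
        tweak = addr.to_bytes(16, "little")   # assumption: physical address as tweak
        return Cipher(algorithms.AES(self.keys[keyid]), modes.XTS(tweak))

    def write(self, addr, line):
        """CPU store leaving the SOC: encrypt with the page's key on the way out."""
        enc = self._cipher(addr).encryptor()
        self.dram[addr] = enc.update(line) + enc.finalize()

    def read(self, addr):
        """CPU load entering the SOC: decrypt with whatever key the page maps to now."""
        dec = self._cipher(addr).decryptor()
        return dec.update(self.dram[addr]) + dec.finalize()
```

Re-pointing a page at a different KeyID after the write shows the isolation property: the line decrypts to garbage rather than to the plaintext.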