Hi!
I've been reading the documentation about Intel SGX, and as far as what I've read in the documentation, SGX effectively minimizes the TCB to the CPU... effectively replacing the need for a TPM.
TPM is typically used during Secure Boot.
Is SGX capable of doing this? Can it also take the role of TPM during a (measured) Secure Boot process?
Any additional docs or reference will be much appreciated...
Hi,
There isn't really a pre-boot environment role for SGX as currently implemented. It relies heavily on the platform software to provide some needed infrastructure, specifically the architectural enclaves (launch, quoting, etc.) and provisioning pieces, as well as OS components to manage resources such as memory pages. Its main purpose is to provide an application-level TEE. Trying to extend its role beyond that would be a heavy lift if it were feasible at all.
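For context on what the "TPM role" in measured boot actually consists of, here is an added example (not code from this thread, from Intel, or from any TPM vendor). It models the TPM 2.0 SHA-256 PCR bank: every PCR starts at zeros at reset, and each boot component is folded in with PCR_new = SHA256(PCR_old || digest), so the value depends on the whole chain since reset and cannot be rolled back. A verifier replays a recorded event log and compares it with the PCR values the TPM reports. The event log entries and their contents are constructed for illustration; the event type names follow the TCG log conventions but are assumptions here, not a capture from a real platform.

```python
import hashlib

# Constructed sample event log in the shape of a TPM 2.0 measured-boot log:
# (PCR index, event description, data that was measured). All values are
# illustrative assumptions, not measurements taken from a real machine.
SAMPLE_EVENT_LOG = [
    (0, "EV_S_CRTM_VERSION", b"constructed CRTM version string"),
    (0, "EV_POST_CODE", b"constructed firmware volume image"),
    (7, "EV_EFI_VARIABLE_DRIVER_CONFIG: SecureBoot", b"\x01"),
    (4, "EV_EFI_BOOT_SERVICES_APPLICATION", b"constructed bootloader PE image"),
]

PCR_SIZE = 32   # SHA-256 bank: 32-byte registers
NUM_PCRS = 24   # PC-client platforms expose PCR 0..23


def initial_pcrs():
    """All PCRs are zero right after platform reset (PCR 16/23 resettable aside)."""
    return {i: bytes(PCR_SIZE) for i in range(NUM_PCRS)}


def pcr_extend(current, digest):
    """TPM2_PCR_Extend on the SHA-256 bank: new = SHA256(old || digest).

    The TPM never lets software write a PCR directly; the only operation is
    this one-way extend, which is what gives the register its boot-chain meaning.
    """
    if len(current) != PCR_SIZE or len(digest) != PCR_SIZE:
        raise ValueError("PCR values and digests must be 32 bytes")
    return hashlib.sha256(current + digest).digest()


def replay_event_log(events):
    """Recompute the PCR bank a verifier expects from a recorded event log."""
    pcrs = initial_pcrs()
    for index, _desc, data in events:
        digest = hashlib.sha256(data).digest()  # the log records the digest of each component
        pcrs[index] = pcr_extend(pcrs[index], digest)
    return pcrs


def verify_against_reported(events, reported_pcrs, indices):
    """Compare the replayed log with PCR values the TPM reported (e.g. in a quote).

    A mismatch on any selected PCR means the log does not account for what was
    actually measured: a component was changed, added, dropped, or reordered.
    """
    expected = replay_event_log(events)
    return all(expected[i] == reported_pcrs.get(i) for i in indices)


def tamper_bootloader(events):
    """Return a copy of the log whose bootloader entry measures different bytes."""
    changed = list(events)
    idx, desc, _ = changed[3]
    changed[3] = (idx, desc, b"constructed bootloader PE image, modified")
    return changed


if __name__ == "__main__":
    reported = replay_event_log(SAMPLE_EVENT_LOG)   # stands in for the TPM's quote
    print("PCR0 :", reported[0].hex())
    print("PCR4 :", reported[4].hex())
    print("genuine log verifies:", verify_against_reported(SAMPLE_EVENT_LOG, reported, [0, 4, 7]))
    print("tampered log verifies:", verify_against_reported(tamper_bootloader(SAMPLE_EVENT_LOG), reported, [4]))
```

The point of the replay is that the expected PCR values are a function of everything extended since reset, in order. That is the property a TPM provides for the pre-OS stages and the one the reply above is saying SGX does not cover: an enclave's identity is established when the OS-managed loader builds it, well after the firmware and bootloader stages that these PCRs record.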
I see, so it complements TPM in this sense.
Thank you Anusha!