In my previous two blog posts I provided an overview of the Intel® SGX design objectives. Without further ado, below is a more detailed description of the remaining design objectives.
As a reminder, I highlighted these eight design objectives for Intel® SGX:
The OpenSSL* ENGINE API includes an engine specifically for Intel® Data Protection Technology with Secure Key. When this engine is enabled, the RAND_bytes() function will exclusively use the RDRAND instruction for generating random numbers and will not need to rely on the OS's entropy pool for reseeding. End applications can simply call RAND_bytes(), do not have to invoke RAND_seed() or RAND_add(), and the OpenSSL library will not call RAND_poll() internally.
Download the complete code sample at the bottom of the article.
I've recently started learning about Intel® Trusted Execution Technology (Intel® TXT).
Most important learning: Server and Client TXT are NOT the same and ACM files and TPMs differ by generation and system class. For current Intel® TXT purposes,