Software Guard Extensions

Look both ways and watch out for side-channels!

It has been a while again since I've posted, I've been busy with the day job.

Given some recent research results, I thought I would briefly discuss side-channels.  In case you don't fully understand what a side-channel is I heard a great analogy from my boss, Intel Vice President Sridhar Iyengar (pro-tip:  it never hurts to compliment your boss occasionally :)).

How to use XDB to do kernel debug on Yocto with Minnowboard MAX

Minnowboard MAX is an open hardware platform built around an Intel Atom processor. The board is small and low cost but offers exceptional performance, flexibility, openness and standards compliance. A micro SD card or USB flash device can be used to expand the board's storage and to switch easily between different operating systems during development. The Yocto Project is an open source project that helps you create a customized Linux-based system for embedded products.

Set up the debug environment as shown in the figure below and build your Yocto image for the Minnowboard MAX first.

  • Developers
  • Yocto Project
  • Intel® JTAG Debugger
  • Intel® System Debugger
  • Software Guard Extensions
  • Debugging
  • Development Tools
  • Intel® SGX for Dummies – Part 2

    In my last blog post, only about 9 short months ago, I provided an overview of the Intel® SGX design objectives.  Sincere apologies for the long delay between postings, my colleagues and I have been hard at work on the latest security technologies and I need to remember to carve out more time to post.

    As a reminder, I highlighted these eight design objectives for Intel® SGX:

    Intel® SGX for Dummies (Intel® SGX Design Objectives)

    Today the Intel® Software Guard Extensions (Intel® SGX) programming reference manual was published (more information is available here).  Given the significant time and effort that my colleagues and I have spent defining Intel® SGX, I can't find a strong enough word in my thesaurus to describe how thrilled/elated/ecstatic I am to finally be ab

    Attestation & Sealing with Software Guard Extensions

    Once you have instantiated a secured software environment (known as an enclave) with the new instructions from Intel® Software Guard Extensions (SGX), you are ready to load secrets into it for processing and storing on the platform. This is the purpose of the attestation and sealing features in SGX.