Intel® Developer Zone:
Security and Encryption

AES New Instructions

Digital Random Number Generator

Intel Instruction Set Architecture Extensions

Intel® Trusted Execution Technology (Intel® TXT) Enabling Guide
By David Mulnix (Intel)Posted 03/28/20140
Download as PDF Contents   1 Overview of Benefits from Intel® Trusted Execution Technology (Intel® TXT) 2 Hardware and Software Prerequisites 2.1 Hardware-Layer Requirements 2.1.1 Processor 2.1.2 Chipset 2.1.3 BIOS 2.2 Software-Layer Requirements 2.2.1 Operating System and Hyp...
Intel® Trusted Execution Technology
By Suman A Sehra (Intel)Posted 01/13/20146
Intel® Trusted Execution Technology (Intel® TXT) provides a hardware- based root of trust to ensure that a platform boots with a known good configuration of firmware, BIOS, virtual machine monitor, and operating system. For more information, please refer to http://www.intel.com/technology/malware...
Libcryptorandom
By John Mechalas (Intel)Posted 09/26/20130
Downloads Libcryptorandom [PDF 398KB]Libcryptorandom Source Code[ZIP 376KB] Libcryptorandom is a cross-platform library that allows programmers to obtain cryptographically secure random numbers from the best available entropy source on the underlying system. The library frees the programmer from ...
Intel® Business Client Community Frequently Asked Questions
By Gael Hofemeier (Intel)Posted 09/18/20130
Download Article Download Intel® Business Client Community Frequently Asked Questions [PDF 380KB] Getting Started GeneralTroubleshooting Other Remote Encryption Management Getting Started This section contains answers for those new to the Intel® Manageability and Security Developer Community (no...

Pages

Subscribe to
The Benefits of Solid-State Storage Technologies in the Cloud
By Thai Le (Intel)Posted 12/16/20130
Summary Solid-state drives (SSD) have rapidly evolved over the last few years, resulting in devices with more space and greater reliability. SSDs are used for caching in data centers and in larger system applications including computing massive data sets (big data: volume, variety, and velocity)...
Jeff's Notebook: Convenient and More Secure Login's - Intel Identity Protection Technology and MYDIGIPASS.COM
By Jeff Kataoka (Intel)Posted 12/11/20130
Login passwords, so important to protecting your various accounts or even your personal identity, but with all of our online accounts, what a pain passwords can be.  How do you remember all your user names and passwords?  Many people use the same user name and password for all of their online acc...
Setting Up OpenStack* and its Use Cases on Intel(R) Architecture
By Thai Le (Intel)Posted 09/27/20131
  OpenStack* is a collaboration between developers and cloud computing technologists to produce an open source platform for cloud computing. OpenStack* aims to provide a simple and scalable cloud computing paradigm for different sizes of both public and private clouds. All OpenStack* source code...
Utilizing AES New Instructions (AES-NI) in a Windows* 8 C# App
By MICHAEL R. (Intel)Posted 09/18/20130
AES-NI is a new security feature available on the latest Intel® Atom™ Z3000 processors (codename Bay Trail).  AES-NI provides a set of hardware instructions onboard the processor that implement some of the intensive sub-steps of the AES algorithm.  This yields additional performance when performi...

Pages

Subscribe to Intel Developer Zone Blogs
No content found
Subscribe to Forums
Down to Business 8
11/19/20120

Intel App Show for Developers 33: Live From IDF
10/29/20120

In this show Bob and Rhonda discuss the day two keynote from Renee James who runs the Software and Services Group. They discuss HTML5, transparent computing, cloud services and new software security features from McAfee.


Ultrabooks™: The Software Opportunity
08/17/20120

What are Ultrabooks™ and how do they affect software? From sensors and touch to security – there are many exciting opportunities


Subscribe to Videos

Intel® Virtualization Technology (Intel® VT)

Intel® Hardware Accelerated Execution Manager
By HAOREN J. (Intel)Posted 11/27/20138
Last Updated April 15, 2014 The Intel Hardware Accelerated Execution Manager (Intel® HAXM) is a hardware-assisted virtualization engine (hypervisor) that uses Intel Virtualization Technology (Intel® VT) to speed up Android app emulation on a host machine. In combination with Android x86 emulator...
Intel® SDK for OpenCL* Applications - Performance Debugging Intro
By Maxim Shevtsov (Intel)Posted 11/08/20132
To the Intel® OpenCL SDK page Table of Contents 1. Host-Side Timing 2. Wrapping the Right Set of Operations 3. Profiling Operations Using OpenCL Profiling Events 4. Comparing OpenCL Kernel Performance with Performance of Native Code 5. Getting Credible Performance Numbers 6. Using Tools Download...
Loclville Case Study
By adminPosted 04/24/20130
By John Tyrrell Download Article  Loclville Case Study.pdf [807.07 KB] Introduction Loclville is a free Windows* 8 app that provides an easy-to-use virtual community notice board. Developed by amateur app developer Zubair Lawrence, a Sr. Production Services Technician at Sony Pictures Imageworks,...
Migrating Server Workloads to Red Hat Enterprise Virtualization on Intel® Xeon® Processor 2600-based Servers for Performance and Cost Improvements
By ROBERT M.Posted 03/29/20130
Continued enhancements to Intel platforms and KVM-based Red Hat Enterprise Virtualization make platform refresh an attractive proposition. Independent testing commissioned by Intel and Red Hat demonstrates that open virtualization on refreshed servers, servers 2 years old or more, enables workloa...

Pages

Subscribe to
Now Available: Android SDK x86 System Image with Google APIs
By Josh Bancroft (Intel)Posted 03/06/20145
If you've used the Android SDK, you've probably noticed that Intel Atom x86 system images for the emulator have been available for a while now. You might have been frustrated with the fact that the system image didn't include access to any of the Google APIs. I have good news: Google has released...
Meshcentral.com - VMware vSphere ESXi support
By ylian-saint-hilaire (Intel)Posted 02/26/20140
Meshcentral is already a powerful and portable cloud management solution and today, Rick Edgecombe is broadening support with the release of Meshcentral for VMware® vSphere ESXi 5.5 Hypervisor. You can now install the Mesh agent right into the ESXi hypervisor and control your servers from the c...
Developers And Cloud Computing Application Programming Interfaces (APIs)
By Thai Le (Intel)Posted 09/26/20130
I attended the Cloud Expo in New York City at the Javits Center in June. The attendees were a mix of Web hosting companies, web developers, software developers, hardware developers, and operating system developers. The event sponsors included Intel®, IBM*, Citrix*, Rackspace*, Oracle*, Verizon Te...
Speeding Up Your Cloud Environment On Intel® Architecture
By Thai Le (Intel)Posted 05/15/20130
In my previous blog, I discussed “Ways to Speeding up Your Cloud Environment…”, I will continue with this thread by introducing the topic of Software Defined Networks (SDN).  The industry has been depending on proprietary networking equipment and appliances, essentially creating an environment re...

Pages

Subscribe to Intel Developer Zone Blogs
The action of Accessed and Dirty bit for EPT
By Arthur L.1
Hi there, I write a piece of code to test the action of Accessed and Dirty bit of EPT in Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz. Firstly I build a totally new EPT paging structure with A/D logging on, then run some operating system codes and log all the EPT violation (say trap log). At some point I paused the OS, parse the EPT paging structure and log all the entries built in the past period (say A/D log). Here I get some interesting points: Some EPT entries are built without either Accessed or Dirty bit set, does this mean that CPU only construct these entries but doesn't touch them? Some entries only exist in A/D log. Does A/D logging module has some bias or some mistake? These two logs (trap log and A/D log) should be the same according to my understanding, and when I tried in the previous CPU with A/D bit supporting, these two logs are exactly the same, though I cannot distinguish Accessed or Dirty in A/D log.   Thanks ahead, Arthur
[x86] Information request about the Global Descriptor Table (GDT) | Intel® Developer Zone
By Jean M.2
Hello, I am currently working on a forensics project (32 bits OS), and to reach one of my goals, I need to play a bit with the GDT. From what I understood, an instruction like call dword ptr [gs:0x10] does the following things : GS is used as a segment selector (16 bits) : The lower three bits indicate the privilege level of access and the descriptor table to be used. In my case, we'll consider we use the GDT. The higher 13 bits represent the entry index in the GDT. Let's call A the base address corresponding to GTD[GS>>3]. A is returned, and the processor computes A+0x10 and gathers the value at this address, called B. A simple call B instruction is the executed. This kind of instruction happends when the code wants to perform a syscall : this instruction allows calling the __kernel_vsyscall function without knowing its address. Correct me if I'm wrong, but I understood that : The base address A corresponds to a section of the userland memory called the Thread Control Block (...
[x86] Information request about the Global Descriptor Table (GDT)
By Jean M.1
Hello, I am currently working on a forensics project (32 bits OS), and to reach one of my goals, I need to play a bit with the GDT. From what I understood, an instruction like call dword ptr [gs:0x10] does the following things : GS is used as a segment selector (16 bits) : The lower three bits indicate the privilege level of access and the descriptor table to be used. In my case, we'll consider we use the GDT. The higher 13 bits represent the entry index in the GDT. Let's call A the base address corresponding to GTD[GS>>3]. A is returned, and the processor computes A+0x10 and gathers the value at this address, called B. A simple call B instruction is the executed. This kind of instruction happends when the code wants to perform a syscall : this instruction allows calling the __kernel_vsyscall function without knowing its address. Correct me if I'm wrong, but I understood that : The base address A corresponds to a section of the userland memory called the Thread Control Block (...
Task Switch and Page Fault
By water m.2
Hi, What should I do when  handle task switch, but the new TSS is not in current virtual address space? Shoud I inject a Page Fault Exception to the guest directly?
handl I/O instruction caused VM-Exit
By water m.2
Hi, I'm writting code to handl I/O instruction caused VM-Exit, exit reason is 30.My guest is Windows XP. After get information from Exit Qualification, I can handle insturctions when String instruction bit and REP prefixed bit is cleared. But If these two bits are set, the trouble appears. When I tried to read data from memory where guest ESI(or EDI) pointed, I want to translate the logical address into physical address contained in guest  ESI(or EDI). but during the tranlsation,  the Page Table is not presented. At this time, I tried to inject a Page Fault to WindowsXP by set VM-entry interruption-information to 0x80000B0E,  VM-entry instruction length to 0x0, VM-entry exception error code to many kinds of possible number. But failed. I'am not sure whether my solution is correct. Can any one give me some tips?
Issue when the kernel parameter intel_iommu=on is being used
By sridhar s.1
Hello, I am using DPDK 1.5 for development of host pmd for device “Connect X3”. I am observing issue  while the ConnectX3 device DMA to a memory which is allocated with rte_memzone_reserve_aligned() API . The issue(please refer ERROR below) has been observed if the system runs with the kernel parameter “intel_iommu=on”. ########## ERROR :##################################3 dmar: DRHD: handling fault status reg 302 dmar: DMAR:[DMA Write] Request device [01:00.0] fault addr 4f883000 DMAR:[fault reason 01] Present bit in root entry is clear #################################### The reported "fault Addr" is the physical address which was returned by the Above API. I don’t see any issue with the same code when the system up with kernel parameter intel_iommu=off.   If I use kernel parameters intel_iommu=on and iommu=pt, then the following error has been observed. ####ERROR REPORT######## dmar: DRHD: handling fault status reg 2 dmar: DMAR:[DMA Write] Request device [01:00.0] fault addr 4f...
registering vm_exit handler in VT-x
By ivan i.1
Hi all, I would like to ask how an VM_EXIT handler is registered in VMCS - could you give some example. As far as i know VM_EXIT handler is routine, it could  be defined as C function. My question is how to register that handler function and to trap VM_EXITs into that function. Could you give some API  or snippet.  I have one more question ... when the VM_EXIT  handler is register and the execution meets the VM_EXIT conditions what is the mechanism of invoking the VM_EXIT handler? Is the invoking of the registered VM_EXIT handler is performed by VT-x at hardware level or there is something more to be done? Best Regards
EPT cause triple fault
By Mingbo Z.4
Hi all, I am writing a simple runtime hypervisor, like hyperdbg, bluepill. At first it works fine. But when I enable EPT, the vm exits with triple fault (Exit reason 2). and the guest RIP was at the fist instruction in non-root mode after vmlaunch. There is no ept violation. I did some 1:1 direct mapping, since no ept violation, that would be no use at all. wired thing is, the same code will run on VMware virtual machine. My PC is Core i7, and I disabled multicore. and I use serial port with windbg.  I am confused, which instruction caused this triple fault? I change the first line of non-root mode to "mov edi, edi", still the same triple fault.    Best regards, Mingbo

Pages

Subscribe to Forums
Reaching Technology From Blogs 7
01/14/20130

Ylian has written a blog about Intel AMT Setup and Configuration using TLS-PSK and TLS-PKI.    Ylian stumbled across an interesting issue while updating the provisioning functionality of the OpenDTK tool.  What Ylian found was that for developers who are building their own Intel AMT Activation software, they will be required to use a non-standard TLS stack (the .NET TLS stack does not work.)  Watch RTFB 7 and learn more about what Intel AMT developers must know about writing software to enable Intel AMT systems with TLS.


Down to Business 8
11/19/20120

Down to Business 7
11/19/20120

Down to Business 6
11/19/20120

Ylian Saint-Hilaire walks the audience through an introduction of Meshcentral.com.  Learn how to install the agent, how to add a “Mesh” and then how to remotely control your remote devices.  


Reaching Technology From Blogs Show 1
11/07/20120

In episode of RTFB (Reaching Technology From Blogs), Gael Hofemeier interviews Ylian Saint-Hilaire about two of his Meshcentral blogs: 


Intel® Virtualization Technology Pt. 1 of 3 -
08/24/20110

Intel® Virtualization Technology Pt. 1 of 3 - Virtualization Introduction [id:1127428458001]


Intel® Virtualization Technology Pt. 3 of 3 -
08/24/20110

Intel® Virtualization Technology Pt. 3 of 3 - Emerging Usage Models


Intel® Virtualization Technology Pt. 2 of 3 -
08/24/20110

Intel® Virtualization Technology Pt. 2 of 3 - Virtualization Usage Models


Subscribe to Videos