QuickPath/UltraPath link encryption?

By: Jeff S. (fakity.delete@this.fake.com), December 11, 2018 2:16 pm
Room: Moderated Discussions
Does anybody have information regarding QPI/UPI encryption? I have been asked to look at SGX and catalog its known and potential vulnerabilities. I had thought that there was potential for a MitM or snooping attack on the memory fabric given the lack of commentary in the Intel SDM or various literature for SGX, until I found the following in their US Patent 9,087,200:

"The [Crypto Memory Aperture] fully integrates into the Intel QuickPath Interconnect (QPI) protocol, and scales to multi-package platforms, with security extensions to the QPI protocol. In a multi-package platform 30 configuration, the CMA protects memory transfers between Intel CPUs using a link-level security (Link-Sec) engine in the externally facing QPI link layers."

I am now looking for (ideally recent) documentation on QuickPath/UltraPath at the link layer. I have not seen in any of our Skylake boxes a BIOS option for global UPI encryption like AMD offers for IF with Epyc, but this doesn't rule out always-on encryption, transparent encryption for just Processor Reserve Memory ranges, etc.
 Next Post in Thread >
TopicPosted ByDate
QuickPath/UltraPath link encryption?Jeff S.2018/12/11 02:16 PM
  QuickPath/UltraPath link encryption?Anon2018/12/11 05:09 PM
    QuickPath/UltraPath link encryption?Jeff S.2018/12/11 08:54 PM
      QuickPath/UltraPath link encryption?Anon2018/12/12 04:18 AM
      QuickPath/UltraPath link encryption?Aaron Spink2018/12/12 07:02 AM
        QuickPath/UltraPath link encryption?Jeff S.2018/12/12 10:03 AM
          QuickPath/UltraPath link encryption?Aaron Spink2018/12/12 02:22 PM
            QuickPath/UltraPath link encryption?Jeff S.2018/12/12 04:04 PM
Reply to this Topic
Body: No Text
How do you spell green?