Re: [apache/incubator-teaclave-sgx-sdk] Implications of Upcoming Total Memory Encryption (TME) (#333)

[Yu Ding <no...@github.com.INVALID>]

here are some other contexts i have:

1. TME is total memory encryption, another memory encryption technology apart from [Intel SGX Memory Encryption Engine](https://software.intel.com/content/www/us/en/develop/blogs/memory-encryption-an-intel-sgx-underpinning-technology.html).

2. Differences between TME and SGX MEE: SGX MEE guarantees memory integrity by maintaining a merkle tree. meanwhile the depth of the merkle tree limits the size of EPC; TME does not guarantee memory integrity (1st generation of TME) so EPC size limit is significantly higher than SGX MEE.

3. Intel SGX v2 (upcoming in icelake+whitley) uses MKTME, Multi-Key TME

4. Intel TDX, as a competitor of AME SEV, uses MKTME as well: https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave-sgx-sdk/issues/333#issuecomment-811551039