12 Replies Latest reply on Mar 23, 2015 10:37 AM by jc

    Using Bay Trail TXE for secure key wrapping

    FredYoung Green Belt

      Hi All,

      I am looking for a way to take advantage of the hardware root of trust provided by the TXE to securely store platform keys.  In the E3800 datasheet, under Section 22 titled "Intel Trusted Execution Engine (TXE)", "Chip Unique Key encryption key wrapping of other platform keys (Flash)" is listed as a supported feature by the firmware.  This is exactly what we need in our application.  However, we cannot find any documentation on how to enable this functionality.  I'm hoping that someone in this forum will be able to point me in the right direction.

      I had originally hoped to get this functionality via Intel PTT and TPM2.0.  However, in another thread, Josue helped me discover that the Bay Trail-I E3845 SoC does not actually support PTT over TXE.  So I'm back to asking this more fundamental question of just how to enable hardware key wrapping using TXE.

      Thanks, Fred Young