This Intel white paper introduces Total Memory Encryption (TME), a feature of Intel Hardware Shield on the vPro platform that encrypts system memory using AES-XTS. TME protects against physical attacks like cold boot or DIMM removal by encrypting all memory traffic with a transient key generated inside the CPU. The key is never exposed to software, enhancing security without requiring application changes. TME mitigates threats like memory probing and relocation attacks while maintaining low performance overhead. It complements other Intel security technologies to provide defense-in-depth for mobile and edge devices.

Join for free to read