Field of the Invention
This invention relates generally to the field of computer processors. More particularly, the invention relates to an apparatus and method for securely saving and restoring the state of a computing platform.
Description of the Related Art
Many modern processors have no persistent storage on the processor itself in which to keep state data that must stay current and must not be reused once it has been superseded. This is particularly relevant for security technologies such as Software Guard Extensions (SGX), where internal keys and configuration data must be stored outside of the processor when the platform is suspended and resumed for power savings.
One prior solution to this problem requires a hardware interface from the processor directly to trusted storage that is solely owned by the processor. Securing this channel requires a key exchange in a trusted manufacturing facility, protected from malicious observation of the key. This requires special hardware not typically found in a personal computing device, and with the increase in outsourced offshore manufacturing, establishing this trust is very difficult, if not impossible. Alternatively, flash storage may be added to the processor itself to protect the data stored during suspend operations, again at significant additional manufacturing expense.