Intel LaGrande Technology Explained
By Gabriel Torres on December 20, 2005
LaGrande Technology (LT) is a new security technology that will be available on Intel’s next generation CPUs (Merom, Conroe and Woodcrest) to be released in 2006. In this tutorial we will explain its main features and how they work.
Nowadays all users are vulnerable to several treats that compromise security. We are not talking only about virus and spyware, but also about someone stealing your password or even your identity.
In Figure 1 you can find a summary why this happens.
The problem, as you can see in Figure 1, is that any software can have access to:
So what LaGrande Technology does is basically address these issues, by creating a hardware-based protective layer for each one of these weak points present on your computer.
LaGrande Technology provide the following features:
Let’s now talk a little bit more about some of these features.
As we explained, Protected Execution allows software to be run under a protected environment, where no other software can have access to the resources being used by the software, especially RAM memory – i.e., to the data being manipulated and generated by the software. Resources also include devices and processes being executed (i.e., the software itself).
As you can see in Figure 5, the protected execution is controlled by a new layer called Domain Manager. In order to run, this layer needs a LaGrande Technology-enabled CPU, an LT-enable chipset and a TPM (Trusted Platform Module).
It is interesting to note that you can run both protected and unprotected software at the same time on an LT-enabled PC.
This feature creates a trusted channel between input devices such as mouse and keyboard and the PC. Since data transferred between input devices and the PC using this feature is encrypted, you will need new mouse and keyboard with encryption capability in order to use this feature. If the current mouse and keyboard you have this feature won’t work.
This feature creates a trusted channel between software and the video card. So, no other software can read or change data that is being sent to the display by the protected software. In order to work, however, you need to have a video card that has this feature, i.e., as far as we know the current video cards available on the market today cannot be used to create this protected environment, since they lack LaGrande Technology.
On the other hand, since LaGrande Technology needs a new generation of chipsets, it looks like Intel will launch chipsets with integrated graphics supporting this feature.
It is too early to know if LaGrande Technology will be successful or not. It is a great idea, but it has so many prerequisites that we doubt if average users will use it. To summarize, to have a 100% LaGrande-enabled PC you will need to have:
And the big thing is: none of these is available today.
So, we will have to wait until next-generation Intel CPUs (Merom, Conroe and Woodcrest) are launched to see what happens on the market.
Keep in mind that it is not clear if Intel will keep the codename LaGrande or will use a different commercial name for this technology.