Intel LaGrande Technology Explained
By Gabriel Torres on December 20, 2005


Introduction

LaGrande Technology (LT) is a new security technology that will be available on Intel’s next generation CPUs (Merom, Conroe and Woodcrest) to be released in 2006. In this tutorial we will explain its main features and how they work.

Nowadays all users are vulnerable to several treats that compromise security. We are not talking only about virus and spyware, but also about someone stealing your password or even your identity.

In Figure 1 you can find a summary why this happens.

LaGrande Technology
click to enlarge
Figure 1: Vulnerabilities of the PC.

The problem, as you can see in Figure 1, is that any software can have access to:

So what LaGrande Technology does is basically address these issues, by creating a hardware-based protective layer for each one of these weak points present on your computer.

LaGrande Overview

LaGrande Technology provide the following features:

LaGrande Technology
click to enlarge
Figure 2: A PC with LaGrande Technology.

LaGrande Technology
click to enlarge
Figure 3: How LaGrande Technology solves PC vulnerabilities.

Let’s now talk a little bit more about some of these features.

Protected Execution

As we explained, Protected Execution allows software to be run under a protected environment, where no other software can have access to the resources being used by the software, especially RAM memory – i.e., to the data being manipulated and generated by the software. Resources also include devices and processes being executed (i.e., the software itself).

LaGrande Technology
click to enlarge
Figure 4: Protected execution overview.

As you can see in Figure 5, the protected execution is controlled by a new layer called Domain Manager. In order to run, this layer needs a LaGrande Technology-enabled CPU, an LT-enable chipset and a TPM (Trusted Platform Module).

LaGrande Technology
click to enlarge
Figure 5: Protected execution architecture.

It is interesting to note that you can run both protected and unprotected software at the same time on an LT-enabled PC.

Protected Input

This feature creates a trusted channel between input devices such as mouse and keyboard and the PC. Since data transferred between input devices and the PC using this feature is encrypted, you will need new mouse and keyboard with encryption capability in order to use this feature. If the current mouse and keyboard you have this feature won’t work.

LaGrande Technology
click to enlarge
Figure 6: What is a trusted channel.

LaGrande Technology
click to enlarge
Figure 7: Protected input overview.

Protected Graphics

This feature creates a trusted channel between software and the video card. So, no other software can read or change data that is being sent to the display by the protected software. In order to work, however, you need to have a video card that has this feature, i.e., as far as we know the current video cards available on the market today cannot be used to create this protected environment, since they lack LaGrande Technology.

On the other hand, since LaGrande Technology needs a new generation of chipsets, it looks like Intel will launch chipsets with integrated graphics supporting this feature.

LaGrande Technology
click to enlarge
Figure 8: Protected graphics overview.

Conclusions

It is too early to know if LaGrande Technology will be successful or not. It is a great idea, but it has so many prerequisites that we doubt if average users will use it. To summarize, to have a 100% LaGrande-enabled PC you will need to have:

And the big thing is: none of these is available today.

So, we will have to wait until next-generation Intel CPUs (Merom, Conroe and Woodcrest) are launched to see what happens on the market.

Keep in mind that it is not clear if Intel will keep the codename LaGrande or will use a different commercial name for this technology.

Originally at http://www.hardwaresecrets.com/article/Intel-LaGrande-Technology-Explained/264


© 2004-13, Hardware Secrets, LLC. All Rights Reserved.

Total or partial reproduction of the contents of this site, as well as that of the texts available for downloading, be this in the electronic media, in print, or any other form of distribution, is expressly forbidden. Those who do not comply with these copyright laws will be indicted and punished according to the International Copyrights Law.

We do not take responsibility for material damage of any kind caused by the use of information contained in Hardware Secrets.