Wibu-Systems: CodeMeter provides secure storage for SGX native enclaves
Wibu-Systems has successfully completed the Intel Software Guard Extensions (Intel SGX) enablement process for CodeMeter on Windows platforms. CodeMeter is a technology that is laser-focused on the automatic or manual protection of software, firmware and data. It combines the latest hacker-proof encryption methods with secure hardware, software, or cloud elements where encryption keys as well as license and entitlement rights are safely stored. The complex, yet easy-to-use solution can run on computers, mobile devices, embedded systems, PLCs, and even microcontrollers. In particular, CodeMeter SmartBind is a patented solution that creates a digital fingerprint of the target device; its tolerance mechanism ensures that the cryptographic keys stored in the secure license file (CmActLicense) remain valid even when the hardware components of the device are replaced within the tolerance level selected. CodeMeter Binding Extension allows for a custom implementation of the binding mechanism.
Intel SGX is an architecture extension designed to increase the security of application code and data from disclosure and tampering. Software developers availing themselves of Intel SGX SDK can store their binaries in what is commonly referred to as enclaves, which are protected areas for execution in the memory. This set of instructions works with 6th, 7th and 8th generation Intel Core processor platforms and Intel Xeon E3 processors.
Intel SGX provides an enclave for binary code to be encrypted within the RAM. When this technology is integrated with CodeMeter, ISVs are not just benefitting from a hidden area, in the RAM enclave, where they can store their secret, but also from a Binding Extension enclave, namely a secure storage area on the device. The result: the code cannot be modified or debugged in memory, and the memory itself is secured.
Wibu-Systems, already an Intel IoT Solutions Alliance member with its integration of CodeMeter for the Wind River VxWorks real-time operating system, is now also one of the first worldwide Intel SGX Ecosystem Solutions Business Clients, and plans to follow the initial availability of its solution for Windows with an SGX enablement extension for Linux and the cloud.