You’re going to be using confidential computing sooner rather than later

Sep 21, 2020 | 9 mins
Data and Information Security

These days it's not enough to secure your data when it's on your disk or moving across your network, you need to lock it down in memory as well.

Hardly a day goes by without news of yet another major data breach. Every day–every hour–your computers are under attack. Don’t believe me? I run a website, Practical Technology, which is just an archive for my published stories. According to WordFence, a top WordPress security program, it has been attacked 29 times so far today. That’s just my WordPress site. Snort, the open-source intrusion detection system (IDS), tells me my Linux server has been attacked 127 times so far. That’s a lighter-than-average day.

If my little nothing site can be attacked that often just imagine how many attacks your servers are dealing with every day. Go ahead. Ask your chief information security officer (CISO). I’ll wait.

Bad, isn’t it?

Of course, there are many ways to protect yourself from the most common security attacks: firewalls, antivirus software, and two-factor authentication (2FA). But, as a glance at the security news headlines shows on any given day, companies are still blowing the basics.

Cracking your memory

Things will only get worse. We’re seeing newer, more advanced attacks. Some of these are targeting your servers’ memory.

Historically, these attacks used direct memory access (DMA) from peripherals, which bypasses your computer’s memory management unit (MMU). This works because high-speed interfaces such as FireWire (the IEEE 1394 Standard for a High-Performance Serial Bus), PCI Express, and Thunderbolt let attached devices read and write physical memory directly.

Far more damaging these days, though, are new memory exploit attacks. The most common of these are cold boot attacks, in which an attacker steals the data held in your memory. They’re not new (they date all the way back to 2008), but those older attacks relied on a computer not being given a cold reboot. Thus, information could be swiped from servers that were in sleep mode or had been given a warm reboot. Eventually, firmware fixes that wiped RAM even on warm boots became common.

Oh well, it was nice while it lasted. Then, in 2018, security researchers Olle Segerdahl and Pasi Saarinen found a way to tamper with the firmware so that memory clearing was disabled.


Adding insult to injury, since cold boot attacks target memory, it doesn’t matter worth a darn how well you’ve encrypted your data on disk; it can still be read straight out of your RAM.

A related problem, Rowhammer, is also opening the door to theft of your in-memory data. With Rowhammer, your system memory is hammered at high speed using a variety of techniques. It can be used both to steal and to corrupt data.

Finally, there’s potentially the most dangerous memory attack of all: virtual machine (VM) and container escapes. In these, an attacker uses a VM or container to crack open the memory of a co-resident VM or container on a cloud server. Do I even need to point out the implications? If someone can escape from their VM sandbox, then no one on that cloud is safe.

The first such attack, Cloudburst, was used against VMware Workstation in 2008. Since then, we’ve been lucky enough that no one has successfully exploited such an attack on any of the top VM or container platforms. Yet.

The infamous Spectre and Meltdown Intel processor bugs could have been used to cause havoc in the cloud, but the fixes were in before there were any significant zero-day attacks. We may not be so lucky the next time.

Confidential computing: Encrypted memory, the next step in locking down systems

The defense to all these attacks? Encrypt your data even when it’s in memory. That may sound radical, but it’s also necessary.

So what exactly is confidential computing? The Confidential Computing Consortium (CCC) states that data exists in three states: on the network, at rest, and in use. As the CCC puts it, “In a world where we are constantly storing, consuming, and sharing sensitive data – from credit card data to medical records, from firewall configurations to our geolocation data – protecting sensitive data in all of its states is more critical than ever. Cryptography is now commonly deployed to provide both data confidentiality (stopping unauthorized viewing) and data integrity (preventing or detecting unauthorized changes). While techniques to protect data in transit and at rest are now commonly deployed, the third state – protecting data in use – is the new frontier.”

The CCC and its founding members, Alibaba, Arm, Google Cloud, Huawei, Intel, Microsoft, and Red Hat, aim to enable encrypted data to be processed in memory without exposing it to the rest of the system. In particular, the CCC wants to lock down the public cloud.

The CCC currently does this with three different technologies:

  • Software Guard Extensions (Intel SGX) SDK, designed to help application developers protect select code and data from disclosure or modification at the hardware layer using protected enclaves in memory.
  • Open Enclave SDK, an open-source framework that allows developers to build trusted execution environment (TEE) applications using a single enclaving abstraction. Developers can build applications once that run across multiple TEE architectures.
  • Enarx, a project providing hardware independence for securing applications using TEEs.

Ameesh Divatia, co-founder and CEO of cloud data protection firm Baffle, believes, “confidential computing promises to enable a new class of critical infrastructure that is designed with security and privacy preservation in mind. Application developers can rely on its APIs coupled with strong hardware protection making it possible to collect, store and process sensitive data without application compromises. While this may sound Utopian, the need is immense, and we are confident that the ecosystem that is being built around this innovation will work together to make it a reality.”

It’s not just the public cloud that needs securing. Hoeteck Wee, NTT Research senior scientist, sees three broad classes of examples:

  • Collaboration across different business entities to perform joint computation on private data, e.g. between Google and payment processing companies to measure ad-click-to-sales conversion rates.
  • Enabling cryptographic operations on cryptographic keys distributed across multiple devices to prevent a single point of failure, e.g. Unbound Tech, where cryptographic keys are secured by ensuring they never exist in a complete form.
  • Privacy-preserving aggregate statistics on user data.

Some companies saw this need coming sooner than others. IBM, for example, said it was working on confidential computing in the 90s. Rohit Badlaney, VP of IBM Z Hybrid Cloud, and Hillery Hunter, VP and CTO of IBM Cloud, wrote, “Data protection is only as strong as the weakest link in end-to-end defense.” IBM’s mainframe-based confidential cloud has been available since 2018, with the release of IBM Cloud Hyper Protect Services and IBM Cloud Data Shield. It relies on key management and a cloud hardware security module (HSM).

Confidential computing technology is also broadly available. Hardware encrypted memory technologies, such as Intel Software Guard Extensions (SGX), ARM’s TrustZone, and AMD’s Secure Encrypted Virtualization (SEV) are ready to deploy today.
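Before planning a deployment it helps to know which of these features your own hardware advertises. The following shell function is an added example, not part of the original article: it reads the CPU feature flags Linux exposes in /proc/cpuinfo and reports the SGX and SEV flag names it recognises (only sgx, sgx_lc, sev and sev_es are checked). The file path is a parameter so it can also be run against a saved copy of cpuinfo.

```shell
#!/bin/sh
# Report which hardware memory-encryption features the CPU advertises,
# based on the "flags" line Linux exposes in /proc/cpuinfo.
# Usage: cc_features [path-to-cpuinfo]   (defaults to /proc/cpuinfo)
cc_features() {
    cpuinfo="${1:-/proc/cpuinfo}"
    [ -r "$cpuinfo" ] || { echo "cannot read $cpuinfo" >&2; return 1; }

    # Take the flags of the first CPU only; every logical CPU carries the
    # same feature set.
    flags=$(awk -F: '/^flags/ { print $2; exit }' "$cpuinfo")

    found=""
    # Match whole flag names so that "sgx" does not also match "sgx_lc".
    for f in sgx sgx_lc sev sev_es; do
        case " $flags " in
            *" $f "*) found="$found $f" ;;
        esac
    done

    if [ -z "$found" ]; then
        echo none
    else
        printf '%s\n' "${found# }"   # strip the leading separator
    fi
}

cc_features "$1"
```

An advertised flag means the CPU supports the feature; whether memory encryption is actually active for a given guest is reported by the kernel at boot, not by this check.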

It’s still early days though. Thomas Johnson, CISO at ServerCentral Turing Group, a cloud consultancy, said, “The services to deliver confidential computing (led by Google, Azure) are nascent right now, but it won’t be for long.”

One of the things holding confidential computing back is the performance hit you take when you use it. Google, for example, which just released its first confidential computing service, Confidential VMs, reports that even with high-speed, second-generation AMD EPYC processors, customers running workloads under AMD SEV can expect slowdowns of between 1% and 6%. For example, the NGINX web server and load balancer are slower by 1% to 4%, while MySQL DBMS applications slow down by less than 5%.

Is the increased security worth the performance hit? Divatia thinks so. “Where this really comes into play, however, is in multi-tenant environments such as the public cloud. As more workloads span multiple clouds and computing environments, the need to have end-to-end control over the privacy and security of that data is critical.”

Divatia continued, “This is exponentially true when individual cloud services are brought into the mix–essentially making an application or workload the sum of the cloud services parts– which must now all be fully secure. Instead of trying to close every potential issue in all of those systems, just be sure the data can be processed in an encrypted state versus being decrypted to be processed.”

He makes an excellent point. With the rise of multiple and hybrid cloud approaches, it’s more important than ever to secure data at a fundamental level.

Divatia concluded, “The most critical improvement that we foresee is the remediation needed to block vulnerabilities that have been identified by cryptographers. While some experts believe that hackers will always stay ahead of the CPU architects, we will get to a stage where there are diminishing returns for bad actors to attack these enclaves. Hardware support will become ubiquitous, eliminating the need to upgrade existing infrastructure specifically for confidential computing. New approaches that utilize enclave technology strategically will emerge that do not require massive application redesign.”

Looking ahead, Wee believes, “confidential computing can enable fundamentally new forms of collaboration. At the moment, the use of confidential computing is largely limited to business needs and to conform to legal requirements limiting the exchange/release of data, as is to be expected of any new technology in its infancy. But I do hope to see more applications that are aimed at social good.”

In other words: “Get ready.” Confidential computing is on its way. You’re going to need it first to improve your own security. And, then possibly to build new cross-cloud data applications with your partners. Confidential computing will soon be as commonplace as TLS is for networking and drive encryption is for storage.

Steven J. Vaughan-Nichols has been writing about technology and the business of technology since CP/M-80 was the cutting-edge PC operating system, 300bps was a fast Internet connection, WordStar was the state-of-the-art word processor, and we liked it!