Advanced Computing in the Age of AI | Friday, December 8, 2023

AMD, Google Encrypt Data on Confidential VMs 

via Shutterstock

AMD and Google Cloud are collaborating on a “confidential VM” security effort that uses encrypted virtualization to secure data “in use”.

The confidential cloud computing effort is based on AMD’s latest EPYC processors incorporating hardware-based encryption in the chip makers’ latest “Zen 2” Core architecture, billed as the first high-performance x86 processor using 7-nm process technology. AMD (NASDAQ: AMD) also promotes its EPYC processors as a platform for migrating applications and data to the cloud.

The confidential VM architecture is based on a chiplet implementation that includes memory interfaces, supporting up to 8 CPU cores in a framework that allows for scaling cloud applications.

As with an increasing number of chip vendors, security is embedded in hardware, placing it “closer to the metal," said Kumaran Siva, AMD’s corporate vice president for business development. The hardware-based security approach uses a “root-of-trust” methodology in which encryption keys are used to secure functions. Siva said those keys are managed on-chip, meaning only a user can view them.

Source: AMD

While security expertise has tended to be shared resource in the cloud, the virtual security scheme represents “a new line of defense [with] encryption of data in use,” added Andy Honig, Google’s technical director for security.

The cloud security partners also stressed ease of use for confidential VMs along with performance that is billed as comparable to standard virtual machines. While the security feature does require spinning up a new VM, Honig said users could run the same applications in a confidential instance. “It’s really just a check box” with no need to rewrite code or applications, he added.

The architecture encrypts memory using a virtual key, Siva said, then a secure processor maps keys to the VMs running in memory. The hypervisor can’t access encrypted memory, and the “guest” operating system selects the data that can be shared.

Honig said confidential VMs are so far supported on the Ubuntu distribution of Linux as well as Google’s “container-optimized” version of Linux running on the Kubernetes cluster orchestrator.

Hardware-based security vendors increasingly stress the importance of specifying threats they are defending against. “You need to define what you are secured against.” ARM CEO Simon Segars told a recent industry forum.

AMD and Google (NASDAQ: GOOGL) said confidential VMs specifically target “accidental data,” or data leakage, along with potentially malicious “nosey neighbors” like outside system administrators. Cloud software bugs are another focus, Honig added.

The partners see financial institutions and other security-mind enterprises are key customers. JP Morgan Chase (NYSE: JPM) is an early adopter and potential customer along with government agencies.

About the author: George Leopold

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).