Advanced Computing in the Age of AI | Friday, June 9, 2023

Intel’s TDX Goes Through the Grind Ahead of Mass Release to Cloud 

Cloud providers are stress-testing Intel's confidential computing technology in its Sapphire Rapids chips before putting it in cloud services. Microsoft said it was previewing Intel's Trusted Domain Extensions (TDX) technology in its DCesv5-series and ECesv5-series virtual machine offerings, the company announced in a blog entry on Monday.

Separately, Google announced it worked with Intel to strengthen TDX by closing security vulnerabilities. Given TDX is meant to thwart data theft and attacks, researchers from Intel and Google tested various attack models that included malicious hardware and code, as well as attacks from previous vulnerabilities such as Spectre and Meltdown.

Google identified defects and weaknesses that were remediated by Intel, and the company said it was confident in TDX. "A secondary goal was to have a better understanding of the expected threat model for Intel TDX and identify limitations in the design and implementation that would better inform Google's deployment decisions," Google researchers said in a blog entry published on Monday.

What is TDX?

With confidential computing emerging as an important security mechanism for AI, Intel's TDX technology is intended to protect and authenticate data as it moves from storage into the processing phase.  This ensures that data is not exposed to hackers in transit or during execution. TDX provides the hooks to encrypt and lock down data in secure vaults. Recipients need specific keys to unlock the data; if the keys don't match, or if code changes are detected, access is locked out.

Xeon chips already have security safeguards in the form of technologies like SGX, but TDX is more relevant to cloud computing, where companies rent hardware instead of owning it. Some customers have private clouds to secure data and are concerned about theft once the data is released to public clouds. TDX makes sure data is secure at all points in the cloud. Microsoft's VMs provide a trusted execution environment, which is invisible to the hypervisor.

Intel's Sapphire Rapids chip. Image courtesy of Intel.


TDX is a new feature in the 4th Gen Xeon chips, codenamed Sapphire Rapids, which became available in January. But through Microsoft's preview and Google’s testing, the technology is being put through its paces before making it is made widely available on the cloud.

"Intel TDX helps assure workload integrity and confidentiality by mitigating a wide range of software and hardware attacks, including intrusion or inspection by software running in other VMs," Microsoft said in its blog entry.

Microsoft benchmarked its TDX-powered DCesv5-series VM versus a D16sv5 general-purpose VM, but found no difference in the price-performance ratio.  However, It is worth noting that the TDX-powered VM is powered by Sapphire Rapids chips, and it is being compared to a general-purpose VM powered by prior-gen Ice Lake chips. This is not an apples-to-apples comparison, and Intel executives have acknowledged that security features like TDX could slow down performance on Sapphire Rapids.

In the blog entry, Microsoft also indicated it would support Intel's Project Amber, which is the chip maker's independent attestation service for organizations to verify trust in several areas from edge to cloud. The project's goal is to establish a trust boundary to maintain the integrity of data moving along a wide network.

Use cases and similar solutions

The new virtual machines were announced the same week at the RSA Security Conference, which is currently being held in San Francisco. Many panels and keynotes at the show are focused on healthcare and finance, which are heavily regulated around security and data privacy. This, in turn, ties back in to use cases for TDX. For example, TDX could help banks authenticate datasets on borrowing or purchasing patterns before integration into proprietary learning models. The security measures could also help banks bring in third-party data sets to improve the learning models.

Microsoft already supports its homegrown Azure Attestation, which is available for free and uses technologies like Intel's SGX. Azure Attestation is also the foundation for Microsoft's efforts to move Windows to the cloud with Windows 365, and the attestation technology is being constructed so only authorized users can log into the cloud-based OS.

Mark Russinovich, the chief technology officer of Microsoft Azure, has been an outspoken proponent of confidential computing, and has driven chip makers to pay more attention to the technology.  Microsoft was an early adopter of AMD's SEV-SNP technology, which encrypts data and also uses attestation to authenticate data and its trustworthiness. The SEV-SNP was an early iteration of confidential computing before the technology even gained attention.

Last year, Microsoft and Google threw their weight behind Open Compute Project's specification called Caliptra, which is a confidential computing technology that establishes a hardware root of trust by baking a secure kernel directly into silicon.