Confidential Computing is a new cloud paradigm, enabling the isolation of application and business logic from the compute infrastructure, giving data and code the safest environments
Secure environments keeping workload encrypted in use—while it’s being processed—breaking frontiers of secure computation
Suitable for any application with no compromise on performance as the runtime encryption costs are less than 2%
Easy-to-use deployment and integration requiring no change to application code, build pipelines, or DevOps
Modern x86 architectures contain cryptographic algorithms, dedicated registers, and a memory management unit with the capability to allocate memory for runtime encrypted processes, known as enclaves. The CPU has exclusively the ability to encrypt and decrypt the process from the memory. Key material is inaccessible outside the CPU, turning the processor into a Hardware Security Module.
Untrusted infrastructures may modify the application while in rest, transit, or use. Local attestation is a mechanism to authenticate the compute environment. Acting in the role of a trusted auditor, the CPU measures the environment and issues a cryptographic certificate. Resembling the idea, a remote attestation service allows a user with no physical access to the datacenter to authenticate the environment and get the assurance code and data are safe.
While remote attestation safeguards the environment’s authenticity and integrity, the approach does not prevent the untrusted infrastructure from scrutinizing secrets from environment variables or the file system. A rule of thumb is to first start applications in a confidential environment without secrets, and next provision through a secure channel secrets. A key management service remotely attests the confidentiality and authenticity of the environment, before transporting the secrets into the enclave.