Confidential Computing is a technology which encrypts data in-use -- while it is being processed. Confidential Computing environments keep data encrypted in memory and elsewhere outside the central processing unit (CPU). The system is based on Confidential VMs which use the Secure Encrypted Virtualisation (SEV) feature of 2nd Gen AMD EPYC. Encryption keys are generated in hardware, per VM, and not exportable.
Google said that its Confidential Computing builds on the protections Shielded VMs offer against rootkit and bootkits, helping to ensure the integrity of the operating system you choose to run in your Confidential VM.
Using the AMD SEV feature, Confidential VMs can offer high performance for the most demanding computational tasks, while keeping VM memory encrypted with a dedicated per-VM instance key that is generated and managed by the AMD EPYC processor.
These keys are generated by the AMD Secure Processor during VM creation and reside solely within it, making them unavailable to Google or to any VMs running on the host. In addition to hardware-based inline memory encryption, Goolge has built Confidential VMs on top of Shielded VMs to harden your OS image and verify the integrity of your firmware, kernel binaries, and drivers.
Google offered images include Ubuntu v18.04, Ubuntu 20.04, Container Optimised OS (COS v81), and RHEL 8.2. It's working with CentOS, Debian, and other distributors to offer additional confidential OS images.
Google said it worked closely with the AMD Cloud Solution engineering team to ensure that the VM’s memory encryption doesn’t interfere with workload performance.
“We added support for new OSS drivers (nvme and gvnic) to handle storage traffic and network traffic with higher throughput than older protocols. This helps ensure that the performance metrics of Confidential VMs are close to those of non-confidential VMs."
AMD Data Centre Ecosystem corporate vice president Raghu Nambiar said that with built-in secure encrypted virtualization, 2 nd Gen AMD EPYC processors provide an innovative hardware-based security feature that helps secure data in a virtualised environment.
“We’re thrilled to see the Confidential VMs demonstrate similar levels of high performance, for various workloads, as the standard N2D VMs”, he said.