As more and more companies look for end-to-end encryption in order to secure their data and operations and to meet compliance requirements, they work against one giant security hole: the times when data is in use. It’s one of the big problems for enterprises moving workloads into cloud environments.
"They often stop short of moving more sensitive workloads due to security concerns,” Dan McNamara, senior VP and general manager, Server Business Unit, AMD, said in a statement last week.
There are lots of good technologies for securing data while it's in transit and to secure data while it's in storage. But for applications to do something with the data, they first have to decrypt it so they can see it, creating a potential window of opportunity for hackers.
This problem has been solved on iPhones since Apple introduced the “secure enclave” back in 2013. Android vendors have started to follow suit recently.
For data centers, Intel SGX has been the only game in town for the past couple of years – but the technology had severe limitations.
The feature is only available on workstations, not on enterprise-grade servers, with a maximum of 92 megabytes of memory in its secure enclave, said Nelly Porter, senior product manager at Google Cloud. That makes it hard to use the platform to run applications, she told DCK.
"You have to refactor your existing application into two apps," she said. "One, the more secure one, runs in the enclave. And the other one runs everywhere else."
Starting 18 months ago, Google tried to make the process easier for its customers, she added. "We came up with an SDK for customers and developers, but we realized it wasn't easy to use, especially if you didn't have the source code or if you had many dependencies. Because of the complexity we decided not to pursue this as a solution for our broader customer base."
In addition, because of the memory limitation, apps may have to work on small sets of data at a time, she said. "You're going back and forth, back and forth, and the performance becomes unbearable."
Google needed a platform with high performance, low latency, and the ability to scale. "As a data center solution provider, we can't run on workstations," said Porter. "We need to run on big servers."
Intel is eventually going to come out with a technology that addresses these problems – but AMD beat them to it.
The AMD 2nd Gen Epyc chip addresses performance, latency, and scalability issues, she said. And since memory is no longer an issue, customers can run their existing applications without a lot of hassle.
While the Intel SGX tops out at 92 megabytes, the AMD chips have no practical limit. At Google, that means up to 896 gigabytes on Google Cloud's largest virtual machine.
"It's just a checkbox now," Porter said. "You don't have to refactor everything. It just runs."
There is a performance hit, since data still has to be decrypted and encrypted again inside the secure enclave, but it has typically been within 2 to 6 percent, she said. "We're still working to validate the performance, but we haven't seen anyone with more than 10 percent performance degradation."
The secure enclaves are also more expensive, about 26 percent more. But since the AMD machines are discounted by 13 percent compared to equivalent Intel machines, customers only see an increase of about 13 percent.
In addition to providing encryption while applications are working on data, so that hackers eavesdropping on what applications are doing can't see anything, the new infrastructure also provides other security features.
If the power is turned off, for example, and hackers – or malicious insiders – get access to physical hardware, the data is still in encrypted form. And the firmware on the servers can't be tampered with.
"So it's not only software attacks that are mitigated, but also physical access attacks," Porter said. Even Google itself can't peek inside the machines and look at the data. "The less we see, the better for everybody.”
She said Google was the first to offer runtime encryption for cloud customers, but she expects other cloud and data center providers to offer similar services. "We are the first, but I'm sure we won't be the only ones for very long."
Those with similar requirements as Google, such as the ability to run existing applications at scale, will probably go with AMD Epyc, but there are some use cases for Intel SGX as well, she said.
"For example, when you're talking about a certificate authority, they need to sign your request," she said. "This signing operation can be isolated to the Intel SGX enclave."
Key management solutions or other smaller, single-purpose applications can also work well in the Intel SGX environment.
"But if you want to lift-and-shift applications – because changing existing applications is very painful for customers – and you want to optimize for usability, performance, and scale, I think you will come to the same conclusion as we did, that AMD is a better solution," said Porter.
"As time progresses, I'm sure more choices will be opening up, and not just on CPUs but also GPUs. A growing circle of hardware needs to respect confidentiality and privacy of data."
Google's Confidential VMs became available to enterprise customers last week, in beta, but will eventually be used for Google's own services. No timeframe has been announced yet for that rollout.
While Google is the first to offer a runtime encryption product using the AMD Epyc 2 platform, the chip has been gaining general traction in the data center space for its high performance.
IBM Cloud, Amazon Web Services, and Microsoft Azure all offer the technology, and enterprises are adopting it as well, AMD CFO Devinder Kumar said in a recent presentation.
In 2018, AMD's server market share was just 1 percent. This summer, AMD is on track to hit 10 percent market share, said Kumar.