Insight into the security technologies of confidential computing

Confidential computing – this term sounds pompous at first, but it is a decisive factor when it comes to ensuring the security and confidentiality of our data in the cloud. But what exactly do we mean by confidential computing?

In this article and our Rock the Prototype podcast episode, we look at various technologies that play a role in the context of confidential computing.

I will illustrate how Trusted Execution Environments or Multi-Party Computation, Zero-Knowledge Proofs and other exciting technologies help to create a more secure environment for our data.

So stay tuned now and if you’re not on board yet, subscribe to our Rock the Prototype podcast! Then you can listen to this important information at any time in our podcast!

Why is confidential computing so relevant now in the cloud age?

In our connected world, where privacy and security concerns are becoming increasingly prominent, confidential computing provides a layer of additional security that helps protect our privacy and the integrity of our data.

In short, it is about protecting data at the time of processing, i.e. while it is actually being used and digitally processed – not just when it is stored or transmitted.

This is an extremely important addition to conventional security measures, because our data is often at its most vulnerable when it is being actively used.

Our goal today is to understand the connection between these technologies and the requirements of confidential computing and explore how they work together to create robust security solutions.

Ready to delve deeper into the world of confidential computing? Let’s get started now.

Basic requirements for confidential computing

So let’s start with the basic requirements for confidential computing.

One of the most important aspects of this is data protection and the integrity of digital information.

In essence, it is about how we can ensure that our data remains protected throughout the entire processing. This not only means that no one has unauthorized access to our data, but also that the digital information cannot be manipulated during the entire processing.

Technologies for confidential cloud computing

Special technologies are used to achieve this.

Trusted Execution Environments, or TEEs for short, are a good example of this. They provide an isolated environment in which code and data are protected from the rest of the system and even from the system’s administrators.

Think of it like a safe that even the owner of the safe can only look into under certain conditions.

But much more is required. Next, IT compliance and the sovereignty of our data play a central role.

In a digital world in which we constantly want to exchange data confidentially across invisible borders, it is essential that the processing of this data complies with national and European laws and regulations.

Confidential computing plays a key role here. By using trustworthy and certified technologies that guarantee a defined level of protection and thus secure and trustworthy processing, companies can ensure that they comply with the necessary data protection requirements.

Protection levels for confidential computing

In the world of confidential computing, defined levels of data protection play a key role in creating a secure and trustworthy environment.

These levels of protection are designed to provide different degrees of security depending on the requirements for specific data or applications.

Requirements for protection levels for confidential cloud computing

Basic requirements apply to these levels of protection.

  1. Data classification: Before effective protection levels can be implemented, data must be classified according to its sensitivity. Personal information is already fundamentally sensitive data. Nevertheless, there is still far more sensitive data, such as social data or our personal health data. This information requires even higher levels of protection than less sensitive information.
  2. Encryption standards: Encryption is a fundamental level of protection. Data can be encrypted in transit and at rest, but Confidential Computing extends this to encrypt data during processing. The choice of encryption standard depends on the level of security required. Let’s take AES-256, the Advanced Encryption Standard with a 256-bit key, as a concrete example of a common encryption standard.
  3. Access controls: Controlling who can access data is another important level of protection. This includes mechanisms such as authentication, authorization and auditing to ensure that only authorized users have access to sensitive data and that all access is logged.
  4. Isolation and segmentation techniques: In a Trusted Execution Environment, data and applications are isolated in a secure environment that is sealed off from other parts of the system. This physical and logical isolation helps to ensure the integrity and confidentiality of our data.
  5. Regular security assessments and compliance audits: To ensure compliance with data protection standards such as the GDPR, companies must conduct regular security assessments and compliance audits. These checks help to ensure that the protection levels are up to date and effectively protect against current threats.
  6. Zero-knowledge proofs and homomorphic encryption: For particularly sensitive data, advanced techniques such as zero-knowledge proofs and homomorphic encryption can be used to enable the processing of data without disclosing the data itself.

These levels of protection go far beyond the basic requirements stipulated in data protection regulations such as the GDPR. They provide a framework that enables companies to ensure both the integrity and confidentiality of their data while actively using and processing it. This forms the basis for a trusting computing environment, which is essential in today’s digital landscape.

Trusted cloud infrastructure – securely sharing and backing up data with cloud technology and digital systems

Perfect, now let’s dive deeper into the technologies at the heart of Confidential Computing.

Trusted Execution Environments

Trusted Execution Environments are a particularly important concept here. This technology is fundamental to confidential computing because it is designed to provide a secure environment for processing sensitive data.

What is a Trusted Execution Environment?

A Trusted Execution Environment is a protected area within the processor that serves as a secure location for the execution of confidential and critical code areas. In this environment, data can be processed without being visible outside these Trusted Execution Environments, even if the rest of the system is compromised. This means that even operating systems, hypervisors or administrators have no insight into the activities within the TEE.

How does a Trusted Execution Environment work?

The mode of operation can be broken down into three basic processes:

  1. Isolation: TEEs isolate specific computations from the rest of the software running on the CPU, including the operating system, to prevent interference or access by malware.
  2. Encryption: The data within a TEE is often encrypted in memory, which provides additional security against physical attacks.
  3. Integrity protection: TEEs provide mechanisms to ensure that the code and data within the TEE are not modified during execution, typically by measuring the loaded code and binding secrets to that measurement.
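To make the three processes above (and the AES-256 and isolation items from the protection-levels list) concrete, here is a small software model of TEE-style "sealing". This is an added example written for this article, not code from Intel SGX, ARM TrustZone or any vendor SDK: the device root secret, the measurement scheme and the key derivation are all constructed assumptions that stand in for what real hardware keeps inside the processor. Secrets are encrypted with AES-256-GCM under a key derived from both the root secret and the SHA-256 measurement of the code, so only the unmodified code can unseal them, and any modification of the sealed blob is detected by the GCM authentication tag.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// rootKey stands in for a per-device secret that a TEE keeps inside the
// processor. Constructed placeholder value for this example, not a real key.
var rootKey = sha256.Sum256([]byte("constructed-device-root-secret"))

// Measure returns the SHA-256 measurement of a code image, the way a TEE
// records the identity of the code it loads (integrity protection).
func Measure(code []byte) [32]byte {
	return sha256.Sum256(code)
}

// sealingKey derives a 256-bit AES key bound to both the device root secret
// and the code measurement: different code yields a different key. The key
// never leaves this function's caller (isolation), and the derivation
// (HMAC-SHA256 over a fixed label and the measurement) is an assumption of
// this model, not a vendor's scheme.
func sealingKey(measurement [32]byte) []byte {
	mac := hmac.New(sha256.New, rootKey[:])
	mac.Write([]byte("sealing-key"))
	mac.Write(measurement[:])
	return mac.Sum(nil) // 32 bytes = AES-256 key
}

// newGCM builds an AES-256-GCM instance for the given code measurement.
func newGCM(code []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(sealingKey(Measure(code)))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts secret under a key bound to the measurement of code.
// The returned blob is nonce || ciphertext || GCM tag.
func Seal(code, secret []byte) ([]byte, error) {
	gcm, err := newGCM(code)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, secret, nil), nil
}

// Unseal reverses Seal. It fails if the code's measurement differs from the
// one used at sealing time (wrong key) or if the blob was altered, because
// GCM's authentication check rejects both cases.
func Unseal(code, blob []byte) ([]byte, error) {
	gcm, err := newGCM(code)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("sealed blob too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

func main() {
	code := []byte("enclave image v1")          // constructed stand-in for enclave code
	blob, err := Seal(code, []byte("db-password")) // constructed secret
	if err != nil {
		panic(err)
	}
	secret, err := Unseal(code, blob)
	fmt.Printf("same code unseals: %q, err=%v\n", secret, err)

	tampered := []byte("enclave image v1 + backdoor")
	_, err = Unseal(tampered, blob)
	fmt.Printf("modified code unseals: err=%v\n", err)
}
```

The point of binding the key to the measurement is that a sealed secret is usable only by the exact code that sealed it: patching the enclave image changes the measurement, which changes the key, which makes the GCM tag check fail. Real TEEs add hardware-enforced memory isolation and remote attestation on top of this idea; this model only shows the key-binding logic.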

Examples of Trusted Execution Environments

  • Probably the best known is Intel SGX (Software Guard Extensions): Intel SGX enables developers to place code and data in so-called “enclaves” that are protected by encryption and other security mechanisms. This technology is often used in the financial industry to protect sensitive transaction data and algorithms.
  • A second example is the ARM TrustZone: This technology provides a secure virtualization environment that is often used in mobile and embedded devices. It makes it possible to isolate critical security functions such as crypto key management and biometric data processing.

Okay, now you might think: Nice! Fine! Everything saved. But before we feel too confident, we need to take a critical look. Despite the impressive progress made in the world of confidential computing and the seemingly robust security offered by technologies such as TEEs, security researchers have uncovered several vulnerabilities in the past.

It’s super important to understand that no technology is completely immune to threats.

Confidential Cloud Computing should not leave you and your data out in the rain!

Trusted Execution Environments are vulnerable!

IT forensics and IT security specialists have proven that even the most advanced Trusted Execution Environment is vulnerable under certain circumstances.

For example, various vulnerabilities have been discovered in Intel SGX that allow attackers to compromise the otherwise secure enclaves.

These vulnerabilities, often referred to as “side-channel attacks”, exploit the intricacies of the processor architecture to extract sensitive information.

But that’s how hackers are!

Hackers only know attack vectors and simply exploit them – so they remain hidden and hardly look as suspicious as illustrated in this stock photo. With luck, hackers will leave behind telltale traces, otherwise they will encrypt your data and demand a ransom.

These fact-based findings do not mean that we should give up hope or that the technologies are useless. On the contrary, they highlight the need for continuous research and development in cyber security.

It remains an ongoing race between security experts who are making systems more secure and attackers who are looking for new ways to circumvent these security measures.

Awareness of these potential security risks is crucial. It reminds us that safety is not a one-off task, but requires constant effort. In the world of confidential computing, this means that companies and developers must not only implement the latest security technologies, but also constantly evaluate and improve their protection mechanisms to keep pace with evolving threats.

This is the current state of affairs: We have incredibly powerful tools at our disposal that have the potential to make our data more secure than ever. But these tools are not perfect. We must remain vigilant, support research and continuously scrutinize and improve the security of our systems. After all, the security of our data is so important that we cannot afford to compromise on this.

So be critical, informed and proactive. This is the only way you can be sure that confidential computing is trustworthy and at the same time ensure that the data entrusted to you remains secure.

Stay tuned for more insights on trustworthy security in the digital world.

Hardware Secure Modules (HSMs)

Now we come to another technological approach to confidential computing: Hardware Secure Modules (HSMs) and Secure Enclaves. These technologies play a central role in securing our private security keys and critical data.

Let’s take a closer look at how they do this and why they are so important.

What are Hardware Secure Modules?

Hardware Secure Modules, or HSMs, are physical devices specifically designed to securely generate, store and manage cryptographic keys.

Such HSMs are specially secured against physical attacks and tampering and are used in a variety of applications, from securing servers to payment systems.

They are designed to protect the information stored in them even in the event of physical access. This makes them a trustworthy component in any security infrastructure, especially when it comes to managing the keys that protect critical data particularly worthy of protection.

Secure Enclaves

Secure Enclaves are similar to Trusted Execution Environments, but offer a more specific form of security. They are part of the processor and provide a secure execution environment in which code and data are shielded from the rest of the system.

Secure Enclaves protect the integrity and confidentiality of the executed code and processed data, even if the operating system or hypervisor has been compromised. They are crucial for scenarios in which a very high level of security is required, for example when processing health data or for biometric authentication processes.

Well, you might think we have everything under control with our HSMs and Secure Enclaves acting as robust defenders of our keys and critical data.

But as we know from IT Sec research, including the study by Rajendran et al. and the work on the virtualization of hardware-bound Trusted Platform Modules, new vulnerabilities are becoming apparent.

Security researchers have legitimate doubts and prove that Hardware Secure Modules (HSMs), these devices that are considered the ultimate guardians of our encryption keys, are not free of vulnerabilities.

In the study by Rajendran et al. a framework called HUnTer is presented, which detects security gaps in the hardware below the software level.

These vulnerabilities can be exploited by special command sequences that penetrate deep into the system-on-chip architecture, allowing supposedly secure HSMs to be manipulated.

Things get even more interesting when we look at the virtualization of Trusted Platform Modules, as described in another study. The IT security researchers present a new architecture that enables the binding of virtual Trusted Platform Modules (vTPMs) to a physical Trusted Platform Module, which improves the use of TPM functionalities in virtualized environments such as cloud infrastructures.

This technology could increase security in the cloud, but the complexity of virtualization also increases the risk of software attacks at both the virtualization level and the hypervisor level.

These findings show us that the technology of HSMs and secure enclaves, although technologically very advanced, still offers points of attack that need to be considered.

The two papers – both published by recognized scientific journals – provide important insights into the security aspects of hardware-based security systems.

The first paper, published by the Institute of Electrical and Electronics Engineers (IEEE) in Transactions on Information Forensics and Security, and the second, published in Future Generation Computer Systems by Elsevier, both highlight the complex challenges and innovations in hardware security and its application in modern IT infrastructures.

What does this mean for us in the context of confidential computing?

It highlights the need for us IT architects, software developers and IT security experts to stay constantly vigilant: which technologies are trustworthy, how we harden robust IT architectures, to what extent attack vectors still exist, and how we can effectively compensate for them.

Security architectures must be continuously reviewed in order to be prepared for potential new threats.

The integration of HSMs and secure enclaves in confidential computing scenarios undoubtedly offers strong security improvements.

But like any technology, they are not perfect and need to be considered as part of a broader, in-depth security strategy.

Our discussion shows how important it is to take a critical look not only at the technologies and tools themselves, but also at the infrastructure in which they operate, and to reflect constructively and critically on how everything interacts.

At this point we take a break

We’ve covered a lot of facts about the technological foundations and current challenges of confidential computing, but this hugely important topic is vast and deserves a deeper look.

That’s why I’m following the divide-and-conquer strategy at this point: I will continue the topic of Confidential Computing in a second Rock the Prototype podcast episode.

In this upcoming episode, we will focus specifically on the exciting concept of multi-party computation. I will then explore with you how this technology makes it possible for several parties to perform calculations on data together without one of the parties gaining access to the data of the others.

This is particularly important for trusted data processing in the cloud, where companies and individuals rely on their data remaining not only secure but also private.

We will also shed light on other key aspects of secure and trustworthy data processing in the cloud. From the technical details to the real-world applications – stay tuned for deeper insights and exciting facts in our next Rock the Prototype episode.

Thank you very much for joining us today.

I look forward to welcoming you again next time as we delve further into the world of confidential computing.

Don’t forget to rate and subscribe to my podcast so you never miss another Rock the Prototype podcast episode.

Until then, stay safe and curious!

Your Sascha Block

About the author:

Sascha Block

I am Sascha Block – IT architect in Hamburg and the initiator of Rock the Prototype. I want to make prototyping learnable and tangible. Motivated by realizing ideas as prototypes and sharing knowledge about software prototyping, software architecture and programming, I created the format and the open-source initiative Rock the Prototype.