Confidential Computing: Why Data Must Remain Encrypted Even During Processing

Today’s data is reliably encrypted – at rest and in transit. Yet during processing, it resides unencrypted in RAM. Confidential Computing closes this final gap using hardware-based enclaves. Intel SGX, AMD SEV, and ARM CCA have matured the concept for production use.

TL;DR

Confidential Computing protects data in RAM using hardware-enforced enclaves
Market leaders: Intel SGX, AMD SEV-SNP, ARM Confidential Compute Architecture
Google, Microsoft, and AWS offer Confidential VMs in the cloud
Especially relevant for healthcare, financial services, and AI training

The Final Encryption Gap

Cryptography has solved two of three data states: data at rest (AES-256 on disk) and data in transit (TLS 1.3 over the network). But during processing, data must be decrypted and held in RAM – accessible to the operating system, hypervisor, and potentially to attackers with root-level access.

Confidential Computing directly addresses this challenge: Using hardware-based Trusted Execution Environments (TEEs), it processes data inside protected enclaves – even the cloud provider cannot access them.

How Hardware Enclaves Work

Intel SGX (Software Guard Extensions) reserves encrypted memory regions directly within the CPU. The encryption key never leaves the processor. Even a compromised operating system cannot read data inside the enclave.

AMD SEV-SNP goes further by encrypting an entire virtual machine’s memory – making protection transparent to applications; no code refactoring required. ARM CCA brings the same principles to mobile and edge devices.

Cloud Offerings Compared

Azure Confidential Computing leverages both Intel SGX and AMD SEV-SNP for Confidential VMs and enclaves. Google Cloud offers Confidential VMs powered by AMD SEV. AWS provides Nitro Enclaves – a proprietary approach featuring isolated compute environments.

For enterprises, this means Confidential Computing isn’t futuristic speculation – it’s available today. Technology choice depends on the use case: enclaves for maximum isolation, Confidential VMs for straightforward migration.

Use Cases: Where Confidential Computing Makes the Difference

In healthcare, the technology enables collaborative analysis of patient data across multiple clinics – without raw data ever leaving its secure environment. In financial services, fraud detection models can be trained on data from multiple banks – enabling privacy-preserving machine learning.

Confidential Computing is also transformative for AI training on sensitive data: models can be trained on confidential datasets without granting the cloud provider access to the training data itself.

Key Facts

Market size: USD 5.3 billion by 2028 (Everest Group)

Performance overhead: 2-8% for AMD SEV-SNP; 5-15% for Intel SGX

Adoption: Over 40 companies in the Confidential Computing Consortium (Linux Foundation)

Frequently Asked Questions

Is Confidential Computing the same as homomorphic encryption?

No. Homomorphic encryption allows computations on encrypted data using purely mathematical operations – but it’s extremely slow. Confidential Computing relies on hardware enclaves and delivers performance sufficient for production workloads.

Do I need specialized hardware?

Yes – if running on your own infrastructure. In the cloud, providers supply the hardware: Azure, GCP, and AWS all offer Confidential VMs that run on compatible processors.

Does Confidential Computing protect against insider attacks?

Yes – that’s one of its core advantages. Even administrators with root access to the host cannot read data inside the enclave. This includes the cloud provider itself.

About the author: Tobias Massow

Read article

Cloud-Sicherheit