Updated: Intel Releases New Technology Specification for Memory Encryption

(This is an update to an Intel blog posted earlier)

For many years, Intel has worked with the technology ecosystem to strengthen protections for operating systems and software via hardware-enhanced security. As each protection comes into effect, adversaries inevitably attempt to bypass it. For instance, Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) virtually eliminated the overhead associated with encryption processing and enabled near-ubiquitous encryption of stored data. Unable to read data at rest, attackers shifted their focus to data while it is in use in memory, which is typically not encrypted today. Intel was first to introduce memory encryption and integrity protection capabilities in a general-purpose CPU as part of Intel® Software Guard Extensions (Intel® SGX). Now, Intel has introduced two new in-memory data protection capabilities that complement Intel SGX and give customers additional flexibility and choice.

The baseline feature of these new capabilities is Intel® Total Memory Encryption (Intel® TME). As the name suggests, this technology encrypts the platform’s entire system memory with a single key. Intel TME, when enabled via BIOS configuration, ensures that all memory accessed from the Intel CPU is encrypted on the external memory bus, including customer credentials, encryption keys, and other IP or personal information. Intel developed this technology to support a variety of encryption algorithms and is initially supporting the NIST encryption standard for storage, the AES-XTS algorithm with 128-bit keys. The encryption key used for memory encryption is generated using a hardened random number generator in the CPU and is never exposed to software. Data in memory and on the external memory buses is encrypted and is only in plaintext while inside the CPU, similar to typical storage encryption. This allows existing software to run unmodified while Intel TME helps protect memory. We recognize there are specific scenarios where it would be advantageous not to encrypt a portion of memory, so Intel TME allows the BIOS to specify a physical address range to remain unencrypted. Software running on an Intel TME-capable system has full visibility into all portions of memory that are configured not to be encrypted by Intel TME, simply by reading a configuration register in the CPU.

The second new technology extends Intel TME to support multiple encryption keys (Intel® Total Memory Encryption - Multi-Key, or Intel® TME-MK) and provides the ability to specify the use of a specific key for a page of memory. This architecture allows either CPU-generated keys or tenant-provided keys, giving full flexibility to customers. This means virtual machines (VMs) and containers can be encrypted separately from each other in memory with separate encryption keys, a big plus in multi-tenant cloud environments. Separate encryption keys for VMs aid in providing resilience against additional attacks (as compared to Intel TME) such as freed-data leaks, key wear-out attacks, and cross-domain attacks. VMs and containers can also be pooled to share an individual key, further extending scale and flexibility. This includes support for both standard DRAM and NVRAM.

Intel TME and Intel TME-MK extend the paradigm of data-at-rest encryption, which has been deployed in the industry for multiple decades, to data-at-runtime encryption, where data is now encrypted both at rest in storage and in use in memory. Intel TME and Intel TME-MK help provide defense against physical attacks or memory theft, as well as protection against attacks that try to access memory from outside the owner’s intended software stack, such as invasive malware or a malicious VM. With Intel TME, the host OS, hypervisor and all VMs are expected to be trustworthy. With Intel TME-MK, access to VM memory protected by one key is denied to software inside other VMs, but the host operating system, hypervisor, the guest OS and applications inside the protected VM are still expected to be trustworthy. Intel SGX, on the other hand, isolates its encrypted memory from all software except application code inside the protected Intel SGX enclave. Software developers can supplement Intel TME with additional access controls to provide even more protection at the solution level.

Full details of the new memory encryption technologies can be found in the complete specification, which benefited from extensive collaboration with many ecosystem partners and customers. We invite software and systems developers to review it here and begin consideration of how Intel TME and Intel TME-MK can benefit your products and services.

In November 2021, Microsoft Azure announced new cloud instances that will take advantage of the hardware-based protections provided by Intel TME and Intel TME-MK technology. We invite you to learn more about them here.

Note: An earlier edition of this blog described the multi-key version as Multi-Key TME (MKTME). The final naming format is Intel TME Multi-Key (Intel TME-MK).

Baiju V. Patel

About Baiju V. Patel

Baiju V. Patel is an Intel Fellow in the Intel Client Computing Group (CCG) where he is responsible for setting technical direction for CCG and Intel’s security technologies. He joined the company in 1996 in the Intel Architecture Labs, where he focused on network security. Throughout more than two decades at Intel, Patel has made significant contributions to Intel architecture and computer security, most notably with Intel’s team collaborating with Microsoft on the Windows operating system. He earned his Ph.D. in Computer Engineering from the University of Massachusetts Amherst and holds more than 45 U.S. patents in security.