Intel and Google Cloud have just released a joint report detailing a months-long audit of a new security feature on Intel’s latest server chips: Trust Domain Extensions (TDX). The report is a result of a collaboration between security researchers from Google Cloud Security and Project Zero, and Intel engineers. It led to a number of pre-release security improvements for Intel’s new CPUs.
TDX is a feature of Intel’s 4th-generation “Sapphire Rapids” Xeon processors, though it will be available on more chips in the future. It’s designed to enable Confidential Computing on cloud infrastructure. The idea is that important computations are encrypted and performed on hardware that’s isolated from the regular computing environment. This means that the cloud service operator can’t spy on the computations being done, and makes it harder for hackers and other bad actors to intercept, modify, or otherwise interfere with the code as it runs. It basically makes it safe for companies to use cloud computing providers like Google Cloud and Amazon Web Services for processing their most important data, instead of having to operate their own secure servers.
However, for organizations to rely on features like TDX, they need some way to know that they’re genuinely secure. As we’ve seen in the past with the likes of Meltdown and Spectre, vulnerabilities at the processor level are incredibly hard to detect and mitigate, and can allow bad actors an incredible degree of access to the system. A similar style of vulnerability in TDX, a supposedly secure processing environment, would be an absolute disaster for Intel, any cloud computing provider that used its Xeon chips, and their customers. That’s why Intel invited the Google security researchers to review TDX so closely. Google also collaborated with chipmaker AMD on a similar report last year.
According to Google Cloud’s blogpost announcing the report, “the primary goal of the security review was to provide assurances that the Intel TDX feature is secure, has no obvious defects, and works as expected so that it can be confidently used by both cloud customers and providers.” Secondarily, it was also an opportunity for Google to learn more about Intel TDX so they could better deploy it in their systems.
While external security reviews—both solicited and unsolicited—are a common part of computer security, Google and Intel engineers collaborated much more closely for this report. They had regular meetings, used a shared issue tracker, and let the Intel engineers “provide deep technical information about the function of the Intel TDX components” and “resolve potential ambiguities in documentation and source code.”
The team looked for possible methods hackers could use to execute their own code inside the secure area, weaknesses in how data was encrypted, and issues with the debug and deployment facilities.
In total, they uncovered 81 potential attack vectors and found ten confirmed security issues. All the problems were reported to Intel and were mitigated before these Xeon CPUs entered production.
As well as allowing Google to perform the audit, Intel is open-sourcing the code so that other researchers can review it. According to the blogpost, this “helps Google Cloud’s customers and the industry as a whole to improve our security posture through transparency and openness of security implementations.”
All told, Google’s report concludes that the audit was a success since it met its initial goals and “was able to ensure significant security issues were resolved before the final release of Intel TDX.” While there were some limits to the researchers’ access, they were still able to confirm that “the design and implementation of Intel TDX as deployed on the 4th gen Intel Xeon Scalable processors meets a high security bar.”