Google’s Project Zero and cloud security teams’ nine-month assessment of the security of the Intel Trust Domain Extension (TDX) has identified a number of areas it needs to improve, but overall, the company gave the new technology, which will be included in the fourth generation of Intel’s Xeon Scalable processor, the thumbs-up.
The TDX module is a feature in the next generation of Xeon processors that provides hardware-isolated virtual machines (VM), known as Trust Domains (TD). These can be used to isolate sensitive resources, such as virtualised physical memory, from the host operating system on which the VM runs.
The research, conducted in collaboration with Intel, looked at how to prevent confidential computing technology from threats today and into the future.
Intel said the research was used to identify if there were obvious defects in TDX and test if it works as expected to ensure the technology could be deployed by both cloud customers and providers. The researchers also wanted to have a better understanding of the expected threat model for TDX, and identify limitations in the design and implementation that would better inform Google’s deployment decisions.
The security review assessed arbitrary code execution in a privileged security context; cryptographic weaknesses; temporary and permanent denial of service and weaknesses in debug or deployment facilities. Intel has also opened the source code to the components the team reviewed so that further research can be performed in public. The source code available for public review includes the TDX Module and Seam Loader.
The report points out a serious implementation issue due to a bug in the Authenticated Code Module (ACM) responsible for initialising the TDX feature.
The researchers found that when the ACM moves between its secure and unsecured state, the bug allows untrusted code to execute in “privileged execution mode”, which has a high level of security. This bug can be exploited to compromise the integrity of the TDX feature and the security of any deployed VMs.
The defects and weaknesses identified during the review were fed back to Intel for remediation.
Nelly Porter, group product manager for Google Cloud, said: “As industry leaders in confidential computing, we make it our mission to thoroughly review the underlying technology, especially as we offer it to our customers. We are pleased at the level of security already baked into Intel TDX, as well as the collaboration between our teams that improves security outcomes for the entire industry.”
“We want to make it such that people don’t worry about the security and trustworthiness of their data,” said Anil Rao, vice-president and general manager of systems architecture and engineering in the office of the chief technology officer at Intel.
“Organisations use confidential computing to control their data and provide access to trusted parties in a manner that is verifiable, revocable and time-sensitive – we have an obligation to make sure the technology is secure. Our early effort with Google solidifies our commitment to perform thorough analysis to address all potential vulnerabilities.”
