Runtime encryption

Runtime encryption is one of the defining properties of confidential computing. In fact, it is the property most commonly associated with confidential computing. While different CPU architectures implement runtime encryption differently in detail, the basic mechanism is the same across architectures and vendors: at runtime, the CPU ensures that all data (and code) of a confidential computing environment (CCE), i.e., an enclave or a confidential VM, lies encrypted in memory.

Technical details

While running a CCE, the CPU dynamically fetches the required data from memory and decrypts it. The decryption typically happens inside the CPU's internal structures (i.e., caches and registers), which are inaccessible to software and to hardware outside the CPU. Typically, the encrypted data is fetched in blocks of 64 bytes, the size of a cache line. Inside its internal structures, the CPU processes the data at full speed and with its full feature set. This is why confidential computing typically delivers far better performance and compatibility than related approaches such as fully homomorphic encryption (FHE). Before writing data back to memory, the CPU re-encrypts it block by block.

Thus, from outside the CPU, e.g., from the point of view of the operating-system kernel or of other components on the system's motherboard, it looks as if the CPU were operating directly on encrypted data. In fact, any direct access to the memory belonging to a CCE will always yield encrypted data. From the perspective of the software running inside the CCE, however, all data is always accessible in plaintext. This is the "magic" of confidential-computing-style runtime encryption.

Typically, a variant of the well-known AES algorithm, for example in Counter Mode, is used to encrypt CCE memory. To prevent tampering, the encrypted blocks are typically augmented with a message authentication code (MAC). The encryption key is held inside the CPU's internal structures. Typically, the key is ephemeral and is regenerated by the CPU on every boot.
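As an added example that is not part of the original article, the following Go program is a simplified software model of the block-wise scheme described in the two sections above: each 64-byte line is encrypted with AES-GCM (Counter Mode with a built-in MAC) under a key generated at "boot" that never leaves the engine, only ciphertext is ever placed in RAM, and every read verifies the MAC before plaintext is handed to the CCE. The nonce layout (physical address plus a per-line write counter), the CPU-internal storage of tags and counters, and the MemEngine API are constructed assumptions of this model, not any vendor's actual design.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
)
const lineSize = 64 // encryption granularity: one 64-byte cache line, as in the text
// MemEngine is a constructed model of a CPU-side memory encryption engine, not any vendor's design.
type MemEngine struct {
	aead    cipher.AEAD       // AES-GCM: Counter Mode plus a built-in MAC, keyed once per boot
	ram     []byte            // the only thing the kernel, bus or DMA devices can observe
	tags    map[uint64][]byte // 16-byte MAC per line, assumed to live in CPU-internal storage
	version map[uint64]uint32 // per-line write counter, keeps the CTR nonce unique per write
}

// NewMemEngine draws an ephemeral 256-bit key at "boot"; nothing can read it back out afterwards.
func NewMemEngine(size int) *MemEngine {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic("no entropy for the memory key: " + err.Error())
	}
	block, _ := aes.NewCipher(key)  // cannot fail for a 32-byte key
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return &MemEngine{aead, make([]byte, size), map[uint64][]byte{}, map[uint64]uint32{}}
}

// nonce binds a line's keystream to its physical address and write version (12 bytes for GCM).
func nonce(addr uint64, version uint32) []byte {
	return binary.BigEndian.AppendUint32(binary.BigEndian.AppendUint64(nil, addr), version)
}

// WriteLine encrypts one aligned 64-byte line on its way out of the CPU; only ciphertext reaches ram.
func (m *MemEngine) WriteLine(addr uint64, plain []byte) error {
	if len(plain) != lineSize || addr%lineSize != 0 || addr+lineSize > uint64(len(m.ram)) {
		return errors.New("write must be exactly one aligned 64-byte line inside ram")
	}
	m.version[addr]++
	sealed := m.aead.Seal(nil, nonce(addr, m.version[addr]), plain, nil) // ciphertext || tag
	copy(m.ram[addr:], sealed[:lineSize])
	m.tags[addr] = sealed[lineSize:]
	return nil
}

// ReadLine fetches a line into the "CPU", checks the MAC and returns plaintext; a line altered
// from outside (or never written by the engine) fails the check instead of decrypting to garbage.
func (m *MemEngine) ReadLine(addr uint64) ([]byte, error) {
	sealed := append(append([]byte{}, m.ram[addr:addr+lineSize]...), m.tags[addr]...) // copy, never alias ram
	return m.aead.Open(nil, nonce(addr, m.version[addr]), sealed, nil)
}
```

Reading `m.ram` directly plays the role of the kernel or a bus device: it only ever sees ciphertext, while `ReadLine` is the view the software inside the CCE gets.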