Google Launches Confidential VMs, GKE Nodes, to Encrypt Data In-Use

Google is hoping to make confidential computing — the encryption of data in-use — as easy as the click of a button for cloud native users. To this end, the company has released Confidential Virtual Machines (VMs), unveiled as a beta in July, into general availability, and has launched Google Kubernetes Engine (GKE) Confidential Nodes in beta.
“One of the really neat things about this is how simple [confidential computing] is to actually implement. Right now, obviously, data-at-rest is standard, as is data in flight. These are taken for granted. Data in-use is what this introduces,” said Drew Bradstock, product manager for GKE, in an interview. “From a GKE point of view, to enable this, all you have to do is specify at the cluster creation time, and then it’s going to take advantage of these VMs and the technology behind it. That’s it. You don’t need to change your apps. The actual developers don’t need to know this. The administrator is creating the cluster like a platform team would be, but it’s literally one command as part of the cluster creation, which makes it incredibly easy to take advantage of.”
When you click that button and deploy Confidential GKE Nodes, the system will automatically enforce the use of Confidential VMs for all your worker nodes, which ensures that your data is encrypted in memory with a dedicated key generated and managed by the AMD EPYC processor.
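The two steps described above, enabling Confidential Nodes at cluster creation and then confirming on a node that the hardware memory encryption is really in effect, as an added example that is not from the article or from Google. The cluster name, zone and machine type are placeholders; the `gcloud` commands are printed rather than executed so the script runs offline, and the check function reads a kernel-log excerpt from its argument (on a real VM you would pass it the output of `dmesg`). The sample log lines are constructed, not captured from a real machine.

```shell
#!/bin/sh
# Added example (not the article's or Google's code). Names and zone are placeholders.

# 1. Confidential GKE Nodes are a single flag at cluster creation; GKE then places
#    every worker node on a Confidential VM (AMD EPYC, N2D machine family).
#    Printed, not executed, so the script stays runnable offline.
show_cluster_create_command() {
  printf '%s\n' \
    "gcloud container clusters create example-conf-cluster \\" \
    "  --zone=us-central1-c \\" \
    "  --machine-type=n2d-standard-4 \\" \
    "  --enable-confidential-nodes"
}

# 2. The check a platform team wants in a node health probe: the Linux kernel
#    reports at boot whether AMD SEV memory encryption is active for the guest.
#    Returns 0 (true) when the marker line is present, 1 otherwise.
#    Real use: sev_active "$(dmesg)"
sev_active() {
  printf '%s\n' "$1" | grep -q 'Memory Encryption Features active:.*SEV'
}

# Constructed sample kernel-log excerpts (not real captures).
SAMPLE_CONFIDENTIAL_LOG='[    0.000000] Linux version 5.4.0 (placeholder build)
[    0.112233] AMD Memory Encryption Features active: SEV
[    0.445566] Memory: 16384000K/16777216K available'

SAMPLE_PLAIN_LOG='[    0.000000] Linux version 5.4.0 (placeholder build)
[    0.445566] Memory: 16384000K/16777216K available'

# 3. Stand-alone run: show the creation command, then classify both samples.
show_cluster_create_command
if sev_active "$SAMPLE_CONFIDENTIAL_LOG"; then
  echo "sample 1: SEV active, node memory is hardware-encrypted"
fi
if ! sev_active "$SAMPLE_PLAIN_LOG"; then
  echo "sample 2: no SEV marker, treat node as NOT confidential"
fi
```

The grep pattern matches both the older kernel wording ("AMD Memory Encryption Features active: SEV") and the newer one ("Memory Encryption Features active: AMD SEV"), so the probe keeps working across node image updates; a node that fails it should be drained rather than trusted with the workload the cluster was created for.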
At the core of this functionality is the newly released Confidential VM, which uses hardware memory encryption to protect VMs of up to 240 vCPUs and 896 GiB of memory at a cost of just five percent latency, explained Google Cloud senior project manager Nelly Porter.
“If you’re using AMD hardware, there’s a specific hardware extension called secure encrypted virtualization that helps us very efficiently encrypt a huge amount of memory of our VMs. In software, you would not be able to encrypt VMs of 896 gigs of memory. We have the ability to do it in hardware, and we have the opportunity to offer a secure solution and create this cryptographic isolation for those VMs that we call confidential,” said Porter. “The idea here is to ensure that customers don’t need to change anything. They don’t need to change the workloads or tools or anything around. Everything that they can run in VMs they can run in confidential VMs and it also ensures that performance or this particular task would not be significantly impacted.”
Not only does the hardware encryption perform better than software-based encryption, but Porter also emphasized that it further protects and isolates data from everyone involved — even Google itself.
“The keys for this encryption are also done in hardware, and it’s per VM, and per node, and it’s ephemeral, which means it’s not stored anywhere, but the best thing about the key is, it’s not extractable. It means no Google, no AMD or anybody in between would be able to get access to those keys. We can’t see anything, because encryption of your confidential environment is done with the keys, which none of the parties actually have access to,” said Porter. “It means that it’s even better protected against your multitenant customers but also against us, our infrastructure. This idea is to ensure that we have protection against all your neighbors and protection against zero days of infrastructure.”
Confidential VMs make it easier to lift-and-shift workloads with compliance requirements into the cloud, one of the primary use cases for confidential computing. Google also unveiled a number of features along those lines, including identity and access management (IAM), allowing you to define specific access privileges for Confidential VMs, and audit reports for compliance, which provide detailed logs about the integrity of the AMD Secure Processor Firmware responsible for key generation. In addition, Google has also introduced secret sharing with Confidential VMs using virtual trusted platform modules (vTPMs), and the ability to “use a combination of Shared VPCs, organization policy constraints, and firewall rules to ensure Confidential VMs can only interact with other Confidential VMs, even when these VMs live inside different projects,” according to a blog post.
Currently, Confidential VMs are generally available, and users interested in Confidential GKE Nodes can sign up to learn about when they are available.
Feature image by Tayeb MEZAHDIA from Pixabay.