At Cloudflare, we encrypt data both in transit and at rest as both practices address some of the most common vectors used to exfiltrate information but, what about data currently in use?
AMD SME (Secure Encrypted Memory) is a CPU security technology that has been available in AMD's EPYC processors since 2016. They power our next generation hardware and in this session, we will discuss the following:
- Discuss SME architecture and kernel support;
- Detail our performance tests on production workloads
- Show a demonstration of attempting to break SME
- Discuss future roadmap for total memory encryption.