/plushcap/analysis/cloudflare/securing-memory-at-epyc-scale

Securing Memory at EPYC Scale

What's this blog post about?

Cloudflare discusses their strategy of ensuring security by encrypting data both in transit and at rest. They explore the issue of data vulnerability when it's in use, specifically within RAM. The company investigates various technologies to protect against physical system attacks, such as enclaves. However, they find that Secure Memory Encryption (SME) offered by AMD EPYC processors provides a more comprehensive solution for encrypting all memory at scale. They test the performance impact of enabling SME and find it to be less than expected, thus reducing the worry of data exfiltration from a stolen server.

Company
Cloudflare

Date published
Feb. 28, 2020

Author(s)
Derek Chamorro, Brian Bassett

Word count
1233

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.