Confidential Quartet: comparing confidential computing platforms

Awesome AI start-up offers a proprietary algorithm for voice recognition. Health-hero hospital collected a large set of patient interviews audio recordings; it needs to transcribe and index them to define a new treatment protocol for an elusive rare condition. They need to work together, but how? Offer voice recognition as a cloud service and just stream audio recordings with intimate personal information? Or perhaps run the algorithms on the hospital’s infrastructure to process data? Neither approach solves this without giving away either sensitive personally identifiable information or valuable proprietary algorithms. Confidential Computing can help, and there are several hardware platforms to choose from. In this article we are comparing the different confidential computing platforms.

Solving multi-party collaboration with confidential computing

Multi-party collaboration and data sharing is on everyone’s radar lately. CanaryBit’s Confidential Cloud offers solutions for secure data sharing and data collaboration. And it’s about much more than just data! Datasets, code, models, or algorithms are all valuable data assets. Confidential Cloud processes digital assets in an encrypted environment implemented with confidential computing on commodity server platforms. Several leading platform vendors released or announced their confidential computing implementations. Since they are all different, it’s important to compare the confidential computing platforms. CanaryBit compared together with colleagues from KTH Royal Institute of Technology and RISE vendor implementations of confidential computing and reported the results in a research article.
Join the (virtual) 2022 IEEE International Symposium on Secure and Private Execution Environment Design on September 27 for a presentation of the findings reported in “SoK: Confidential Quartet: Comparison of Platforms for Virtualization-Based Confidential Computing”.

Comparing confidential computing platforms

We reviewed confidential computing implementations from four leading vendors of enterprise server platforms (in alphabetical order): AMD SEV-SNP, ARM CCA, IBM PEF and Intel TDX (we didn’t consider SGX). Following a brief description of how each of these technologies works, we compared them along eight diverse dimensions. There was a lot of ground to cover: deploying secrets; use of encryption; protection from other, neighbour virtual machines; protection from hypervisor attacks; communication; software support and attestation, and more.

Perhaps unsurprisingly, it turns out that many implementation aspects are similar across the four vendors. In many cases, solutions are similar since they consider the same adversary model or build on best-practices learned from past mistakes. Backward compatibility or relative ease of upstreaming software support push towards convergence too. On the other hand, there are some diverging designs when it comes to remote attestation or support for virtual machine migration. CanaryBit contributes to IETF standardisation work on confidential computing, and we hope that upcoming standards will encourage interoperability between  implementations.

Software Support Needed

Our analysis shows that the confidential computing ecosystem needs more tools and software support to drive a broader and more comprehensive adoption. This will help provide a richer functionality to the growing base of early adopters. This will also help get a more nuanced understanding of the trade-offs and differences between performance, setup complexity and security guarantees of confidential computing.  CanaryBit’s Confidential cloud includes standalone services for confidential computing resource orchestration and for verification and validation of security attestation results. 

We also launched a call for action to improve software support for Confidential Computing at the recent OpenInfra Forum held in Berlin in June this year.


We reviewed confidential computing implementations from four leading enterprise platform vendors and published a paper at SEED’22. In many cases they have similar approaches that build on security best practices or lessons learned from earlier vulnerabilities. Not all confidential computing implementations are created equal, since they assume slightly different adversaries and offer different security features.  Such slight differences build up, making the choice of confidential computing platforms a tricky exercise. CanaryBit can guide you in choosing the right platform to process your data using Confidential Cloud.



2023: more business, more challenges, more success to celebrate

2023: more business, more challenges, more success to celebrate

And just like that, in a blink of an eye, we have found ourselves at the end of yet another year. 2023 meant a lot to CanaryBit: it brought more business and challenges but also set the ground for growth for several years ahead. Let's rewind the year before it ends...

Preparing for DORA – a new challenge for financial entities

Preparing for DORA – a new challenge for financial entities

Preparations underway The Digital Operational Resilience Act (DORA), establishes the European Union’s new regulatory framework for the management of digital risks in financial markets. You can get a PDF of the regulation from the EU commission website. It entered into...

Standardising Confidential Computing

Standardising Confidential Computing

Trusted Execution Environments have been around for a while now and keep evolving. As support for confidential computing is included in more commodity platform, standardising this approach is becoming increasingly important to accelerate updake. This is part one of a...