Confidential Quartet: comparing confidential computing platforms

Awesome AI start-up offers a proprietary algorithm for voice recognition. Health-hero hospital collected a large set of patient interviews audio recordings; it needs to transcribe and index them to define a new treatment protocol for an elusive rare condition. They need to work together, but how? Offer voice recognition as a cloud service and just stream audio recordings with intimate personal information? Or perhaps run the algorithms on the hospital’s infrastructure to process data? Neither approach solves this without giving away either sensitive personally identifiable information or valuable proprietary algorithms. Confidential Computing can help, and there are several hardware platforms to choose from. In this article we are comparing the different confidential computing platforms.

Solving multi-party collaboration with confidential computing

Multi-party collaboration and data sharing is on everyone’s radar lately. CanaryBit’s Confidential Cloud offers solutions for secure data sharing and data collaboration. And it’s about much more than just data! Datasets, code, models, or algorithms are all valuable data assets. Confidential Cloud processes digital assets in an encrypted environment implemented with confidential computing on commodity server platforms. Several leading platform vendors released or announced their confidential computing implementations. Since they are all different, it’s important to compare the confidential computing platforms. CanaryBit compared together with colleagues from KTH Royal Institute of Technology and RISE vendor implementations of confidential computing and reported the results in a research article.
Join the (virtual) 2022 IEEE International Symposium on Secure and Private Execution Environment Design on September 27 for a presentation of the findings reported in “SoK: Confidential Quartet: Comparison of Platforms for Virtualization-Based Confidential Computing”.

Comparing confidential computing platforms

We reviewed confidential computing implementations from four leading vendors of enterprise server platforms (in alphabetical order): AMD SEV-SNP, ARM CCA, IBM PEF and Intel TDX (we didn’t consider SGX). Following a brief description of how each of these technologies works, we compared them along eight diverse dimensions. There was a lot of ground to cover: deploying secrets; use of encryption; protection from other, neighbour virtual machines; protection from hypervisor attacks; communication; software support and attestation, and more.

Perhaps unsurprisingly, it turns out that many implementation aspects are similar across the four vendors. In many cases, solutions are similar since they consider the same adversary model or build on best-practices learned from past mistakes. Backward compatibility or relative ease of upstreaming software support push towards convergence too. On the other hand, there are some diverging designs when it comes to remote attestation or support for virtual machine migration. CanaryBit contributes to IETF standardisation work on confidential computing, and we hope that upcoming standards will encourage interoperability between  implementations.

Software Support Needed

Our analysis shows that the confidential computing ecosystem needs more tools and software support to drive a broader and more comprehensive adoption. This will help provide a richer functionality to the growing base of early adopters. This will also help get a more nuanced understanding of the trade-offs and differences between performance, setup complexity and security guarantees of confidential computing.  CanaryBit’s Confidential cloud includes standalone services for confidential computing resource orchestration and for verification and validation of security attestation results. 

We also launched a call for action to improve software support for Confidential Computing at the recent OpenInfra Forum held in Berlin in June this year.


We reviewed confidential computing implementations from four leading enterprise platform vendors and published a paper at SEED’22. In many cases they have similar approaches that build on security best practices or lessons learned from earlier vulnerabilities. Not all confidential computing implementations are created equal, since they assume slightly different adversaries and offer different security features.  Such slight differences build up, making the choice of confidential computing platforms a tricky exercise. CanaryBit can guide you in choosing the right platform to process your data using Confidential Cloud.


Get Started!

Explore how Confidential Cloud helps to secure your cloud infrastructure, protect your data from any AI workload and in turn, enable new business.



CanaryBit joins NVIDIA Inception Program for secure AI

CanaryBit joins NVIDIA Inception Program for secure AI

The solutions developed by CanaryBit have since its inception aimed to provide end-to-end data protection and governance solutions for confidential and secure AI processing, enabling B2B collaborations and compliance with data protection regulations. Today, we are...

CanaryBit joins ABB ‘s innovation growth hub SynerLeap

CanaryBit joins ABB ‘s innovation growth hub SynerLeap

CanaryBit has become a member of Synerleap, ABB's innovation growth hub. Synerleap aims to create an ecosystem where ABB can utilize and enable technology companies to grow and expand on a global market in its business areas including industrial automation, robotics...