AMD Memory Encryption Tutorial
Seoul, South Korea
Sunday June 19, 2:00pm
This tutorial will introduce the audience to 2 new x86 ISA features developed by AMD which can provide new security enhancements by leveraging integrated memory encryption hardware. These features, which will debut in upcoming CPUs, provide the ability to selectively encrypt some or all of system memory as well as the ability to run encrypted virtual machines, isolated from the hypervisor. The tutorial will cover technical details related to these features, including the ISA changes, security benefits, key management framework, and practical enablement.
The main objective of the tutorial is to educate the audience on the design and use of these features which are the first general-purpose memory encryption features to be integrated into the x86 architecture.
The target audience for this tutorial are both industry and academic individuals. Some familiarity with existing x86 virtualization technologies would be beneficial.
For additional information please see AMD Memory Encryption Whitepaper (PDF)
Introduction and architectural overview
o Design goals and objectives
o Feature details
o Software impact
Use cases and key management
o Secure platform provisioning
o Secure VM provisioning
o VM lifecycle flows
Enablement and future research areas
o OS/HV support
o Open problems and use cases to explore
David Kaplan, Security Architect, AMD. David is a hardware security architect who focuses on developing new security technologies across the AMD product line as part of the Security Architecture Research and Development center. He is the lead architect for the AMD memory encryption features and has worked on both CPU and SOC level security features for the last 4 years. David has over 9 years of experience at AMD with a background in x86 CPU development and has filed over 30 patents in his career so far.
Tom Woller, Security Architect, AMD. Tom is leading the Security Architecture Research and Development center at AMD. This team is responsible for establishing innovative security technologies and including these designs into AMD new product initiatives. Previously Tom has developed and led architectural teams in the areas of: heterogeneous GPU computing, virtualization, audio, parallel storage designs, and real-time call processing. He’s managed to be a contributor for over 35 patents in his career.
Jeremy Powell, Security Architect, AMD. Jeremy is a software security architect in the AMD Security Architecture Research and Development center. He contributes to the secure design of components and features across AMD’s product lines. He has worked in the security industry for seven years and has extensive experience in cryptography, vulnerability analysis, and operating systems which comes from his previous position as a Common Criteria evaluator at a security consulting company.