The Enterprise market is something that AMD has had their eyes on since they lost a major market share to Intel over the past few years. There’s a good reason that a particular cloud computing company would want to go with a particular range of processors. One obvious reason is performance. And the other one is security and AMD are hoping to put this uniqye feature-set as a one-up above Intel. Furthermore, AMD Zen will feature two unique features to aid network administrators in working within a secure environment.
AMD Zen will feature two new security systems
The first is SME known as Secure Memory Encryption. Second is SEV, Secure Encrypted Virtualization. Currently, these two solutions are unique to AMD. Even Intel are not supporting them with their Kaby Lake range of processors. The way they work is pretty simple but ingenious at the same time.
There is a second processor inside AMD Zen. It’s a system-on-ship, 32-bit microcontroller based on an ARM Cortex A5. This secure processor is a system wide approach to security. In essence, it allows tests to run in two distinct worlds. The first is Secure and the other is Standard Operations. Essentially, sensitive data can be cordoned off and sent to the Secure World. Meanwhile regular stuff doesn’t have to go through this.
You’ve probably seen this happen in movies before. Some bad guy encrypted the hard drive and you need to break into it. Theoretically, it means the data inside the hard drive is unreadable unless you have the decryption key or you simply crack it.
But in DRAM, data is stored in texts. We’ll let AMD explain the rest to you.
“Main memory encryption is performed via dedicated hardware in the on-die memory controllers. Each controller includes a high performance Advanced Encryption Standard (AES) engine that encrypts data when it is written to DRAM, and decrypts it when read as shown in Figure 1: Memory Encryption Behavior. The encryption of data is done with a 128-bit key in a mode which utilizes an additional physical address-based tweak to protect against cipher-text block move attacks.”
You can read the rest from AMD Zen document.