AMD SEV

AMD Secure Encrypted Virtualization (SEV) represents a CPU capability that encompasses the subsequent attributes:

Attestation

AMD SEV-SNP facilitates the retrieval of a signed attestation report. This report contains a cryptographic measurement that validates the instance's current state and identity. Furthermore, it guarantees the instance's operation on authentic AMD hardware. Comprehensive details can be found in the Attestation with AMD SEV-SNP documentation.

Memory encryption

Commencing from AMD EPYC (Milan), AWS Graviton2, and Intel Xeon Scalable (Ice Lake) processors, memory encryption becomes an inherent feature. Instances that are activated with AMD SEV-SNP utilize an instance-specific key to encrypt their memory.

Last updated 9 months ago

Was this helpful?