• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

AMD's ZEN to Implement Advanced Security Features not found in Intel's solutions

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.65/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
I was looking closer at that picture and it looked familiar...


AMD Beema

That's not Zen so, either the picture is bull or Beema already has this feature and it's not new to Zen.
 
Last edited:

Arnulf

New Member
Joined
Aug 25, 2016
Messages
11 (0.00/day)
I was looking closer at that picture and it looked familiar...


AMD Beema

That's not Zen so, either the picture is bull or Beema already has this feature and it's not new to Zen.

This is correct, Puma-based SoCs (Beema/Mullins) contain TrustZone Cortex CPU as well. Zen will be the first high performance chip to employ this though (for server/high end desktop market).
 

Raevenlord

News Editor
Joined
Aug 12, 2016
Messages
3,755 (1.35/day)
Location
Portugal
System Name The Ryzening
Processor AMD Ryzen 9 5900X
Motherboard MSI X570 MAG TOMAHAWK
Cooling Lian Li Galahad 360mm AIO
Memory 32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s) Gigabyte RTX 3070 Ti
Storage Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s) Acer Nitro VG270UP (1440p 144 Hz IPS)
Case Lian Li O11DX Dynamic White
Audio Device(s) iFi Audio Zen DAC
Power Supply Seasonic Focus+ 750 W
Mouse Cooler Master Masterkeys Lite L
Keyboard Cooler Master Masterkeys Lite L
Software Windows 10 x64
As a first post I'd say good job && well done! A comprehensive and well-rounded post, I'd say.
But as a news post it kinda fails, as this information has been known for well over a half a year now – ever since AMD pushed those patches to the linux kernel, implementing support for these features. xP
Either way, hope to see more of Your posts soon, as You really seem to have a knack for writing good, comprehensive and detailed articles.

Thanks for the kind words, Vinska!
Yeah, as a news post, it's kinda more like old-news :clap:

That said, I found the info and the technology interesting and potentially game-changing, so I tried to give it a relatively detailed, yet simple breakdown of what to expect and how it works.
 
Joined
Sep 6, 2013
Messages
2,973 (0.77/day)
Location
Athens, Greece
System Name 3 desktop systems: Gaming / Internet / HTPC
Processor Ryzen 5 5500 / Ryzen 5 4600G / FX 6300 (12 years latter got to see how bad Bulldozer is)
Motherboard MSI X470 Gaming Plus Max (1) / MSI X470 Gaming Plus Max (2) / Gigabyte GA-990XA-UD3
Cooling Νoctua U12S / Segotep T4 / Snowman M-T6
Memory 16GB G.Skill RIPJAWS 3600 / 16GB G.Skill Aegis 3200 / 16GB Kingston 2400MHz (DDR3)
Video Card(s) ASRock RX 6600 + GT 710 (PhysX)/ Vega 7 integrated / Radeon RX 580
Storage NVMes, NVMes everywhere / NVMes, more NVMes / Various storage, SATA SSD mostly
Display(s) Philips 43PUS8857/12 UHD TV (120Hz, HDR, FreeSync Premium) ---- 19'' HP monitor + BlitzWolf BW-V5
Case Sharkoon Rebel 12 / Sharkoon Rebel 9 / Xigmatek Midguard
Audio Device(s) onboard
Power Supply Chieftec 850W / Silver Power 400W / Sharkoon 650W
Mouse CoolerMaster Devastator III Plus / Coolermaster Devastator / Logitech
Keyboard CoolerMaster Devastator III Plus / Coolermaster Devastator / Logitech
Software Windows 10 / Windows 10 / Windows 7
But Yahoo owned those email servers ... unless I misunderstood something, memory encryption has no bearing on that story.
The reason I mentioned Yahoo! is because news like this, will make enterprises more worried about their sensible data stored on the cloud. When you see a big, old and established company like Yahoo!, spying it's customers emails, the first thing you will do if you are an enterprise is to lose part of your trust to your cloud service provider, even if until now you had absolute trust to that provider. And you don't have to be a terrorist or a criminal to worry about that. Industrial espionage is something totally real and happening every day between companies and countries.
 
Joined
Dec 14, 2011
Messages
115 (0.03/day)
It could be used to implement very hard to crack DRM schemes as well...
 
Joined
Jul 23, 2011
Messages
1,586 (0.34/day)
Location
Kaunas, Lithuania
System Name my box
Processor AMD Ryzen 9 5950X
Motherboard ASRock Taichi x470 Ultimate
Cooling NZXT Kraken x72
Memory 2×16GiB @ 3200MHz, some Corsair RGB led meme crap
Video Card(s) AMD [ASUS ROG STRIX] Radeon RX Vega64 [OC Edition]
Storage Samsung 970 Pro && 2× Seagate IronWolf Pro 4TB in Raid 1
Display(s) Asus VG278H + Asus VH226H
Case Fractal Design Define R6 Black TG
Audio Device(s) Using optical S/PDIF output lol
Power Supply Corsair AX1200i
Mouse Razer Naga Epic
Keyboard Keychron Q1
Software Funtoo Linux
Benchmark Scores 217634.24 BogoMIPS
It could be used to implement very hard to crack DRM schemes as well...
actually, no not really: the memory encryption feature hides information from memory contents leaking to outside of the OS controlled domain, but keeps it fully accessible within it – it has to for normal operation of the computer. So it can't and won't, e.g. hide the memory from a driver running within the OS on ring 0.
Same for encrypted virtualization: it won't hide the information from the host itself.
The only way I can see DRM being implemented with this is having a DRM-protected application running in a an encrypted virtual machine. For one kind of DRM, the stuff for games, which want to use "actual graphics", it's helluva problematic. While for the other kind of DRM, music and movies, that just introduces a problem of "we still need to get the decrypted content outside of the VM, to the hypervisor / underlying OS, so it could actually present it to the user."

And even if someone finds some convulated way to make use of these for DRM, due to the nature of the tech and since these both features interact with the OSes running on the hardware in a non-trivial way, it's simply an option one can, nay, has to be able to disable before boot. (Or more like, have to be explicitly enabled by the user before boot, likely in the form of BIOS/UEFI/whatever settings, lest all hell breaks loose if the software doesn't support it)

[...]
That's not Zen so, either the picture is bull or Beema already has this feature and it's not new to Zen.

What these had/have is called a TrustedZone, which is this just slightly useful thing mainly used by ARM platforms, which AMD licensed from aforementioned ARM.
What Zen is getting is this plus a whole lotta more and these additional features are not provided nor available on the TrustedZone dohicky.
 
Joined
Dec 30, 2010
Messages
2,082 (0.43/day)
Sounds neat, but has physical server security been an issue? But, it does impart that warm and fuzzy feeling, it's a good server feature.

From what i can think of, lets say your website gets hacked, malware is being installed, and it's trying to monitor for user passes, root passes and all that stuff. Basicly what this does is encrypt the contents of the memory and make it useless for readout.

Simular happens on PC, where malware esp. for Windows trying to grab bank details, would technically be encrypted making it useless. Malware is these days so sophisticated that it does'nt need any user input at all. It just sits and monitors what is going in and outside the memory for example.
 
Top