AWS Nitro Enclaves
AWS Nitro Enclaves enables customers to create isolated compute environments to further protect and securely process highly sensitive data such as personally identifiable information (PII), healthcare, financial, and intellectual property data within their Amazon EC2 instances. Nitro Enclaves uses the same Nitro Hypervisor technology that provides CPU and memory isolation for EC2 instances.
Nitro Enclaves helps customers reduce the attack surface area for their most sensitive data processing applications. Enclaves offers an isolated, hardened, and highly constrained environment to host security-critical applications. Nitro Enclaves includes cryptographic attestation for your software, so that you can be sure that only authorized code is running, as well as integration with the AWS Key Management Service, so that only your enclaves can access sensitive material.
There are no additional charges for using AWS Nitro Enclaves other than the use of Amazon EC2 instances and any other AWS services that are used with Nitro Enclaves.
Additional isolation and security
Enclaves are fully isolated virtual machines, hardened, and highly constrained. They have no persistent storage, no interactive access, and no external networking. Communication between your instance and your enclave is done using a secure local channel. Even a root user or an admin user on the instance will not be able to access or SSH into the enclave.
Nitro Enclaves uses the proven isolation of the Nitro Hypervisor to further isolate the CPU and memory of the enclave from users, applications, and libraries on the parent instance. These features help isolate the enclave and your software, and significantly reduce the attack surface area.
Attestation allows you to verify the enclave’s identity and that only authorized code is running in your enclave. The attestation process is accomplished through the Nitro Hypervisor, which produces a signed attestation document for the enclave to prove its identity to another party or service. Attestation documents contain key details of the enclave such as the enclave's public key, hashes of the enclave image and applications, and more. Nitro Enclaves includes AWS KMS integration, where KMS is able to read and verify these attestation documents that is sent from the enclave.
Nitro Enclaves are flexible. You can create enclaves with varying combinations of CPU cores and memory. This ensures you have sufficient resources to run the same memory or compute intensive applications that you were already running on your existing EC2 instances. Nitro Enclaves are processor agnostic, and can be used across instances powered by different CPU vendors. They are also compatible with any programming language or framework. Furthermore, because many components of Nitro Enclaves are open sourced, customer can even inspect the code and validate it themselves.
How it works
Figure 1: Nitro Enclaves How It Works Process Flow
Figure 2: Nitro Enclaves uses the same Nitro Hypervisor technology that creates the CPU and memory isolation among EC2 instances, to create the isolation between an Enclave and an EC2 instance.
Figure 3: An enclave is created by partitioning the CPU and memory of an EC2 instance, called a parent instance. You can create enclaves with varying combinations of CPU cores and memory. Above is an example using m5.4xlarge split into a parent instance (14 vCPU, 32 GiB Memory) and Enclave (2 vCPU, 32 GiB Memory). Communication between the parent instance and the enclave is done via a secure local connection called vsock.
Securing Private Keys
Customers can now isolate and use private keys (e.g. SSL/TLS) in an enclave, while preventing users, applications, and libraries on the parent instance from viewing those keys. Normally, these private keys are stored on the EC2 instance in plain text.
AWS Certificate Manager (ACM) for Nitro Enclaves is an enclave application that allows you to use public and private SSL/TLS certificates with your web applications and servers running on Amazon EC2 instances with AWS Nitro Enclaves.
Tokenization is a process that converts highly sensitive data such as credit card numbers or health care data into a token. With Nitro Enclaves, customers can run the application that does this conversion inside an enclave. Encrypted data can be sent to the enclave, where it is decrypted and then processed. The parent EC2 instance will not be able to view or access the sensitive data throughout this process.
Using the cryptographic attestation capability of Nitro Enclaves, customers can set up multi-party computation, where several parties can join and process highly sensitive data without having to disclose or share the actual data to each individual party. Multi-party computation can also be done within the same organization to establish separation of duties.
- AWS Nitro Enclaves User Guide
- Getting Started with Nitro Enclaves
- ACM for Nitro Enclaves
- AWS Nitro Enclaves CLI
- AWS Nitro Enclaves NSM API
- AWS Nitro Enclaves SDK
- Blog: AWS Nitro Enclaves – Isolated EC2 Environments to Process Confidential Data
- What's New: Nitro Enclaves
- What's New: ACM for Nitro Enclaves
"ACINQ is one of the main developers and operators of the Lightning Network, an open, high-performance payment network based on Bitcoin. By running our payment nodes inside AWS Nitro Enclaves, we were able to achieve the high level of protection we need for the private keys that control our funds with nearly no code modifications. The ability to run complex, cryptographically attested applications inside AWS Nitro Enclaves is a game changer from a security point of view and enables us to implement extra security measures such as the use of hardware wallets to administer our systems. Using AWS Nitro Enclaves, we operate one of the most secure payment nodes on the network, and plan to move more services to AWS Nitro Enclaves to reduce the attack surface of our overall system."
Fabrice Drouin, Co-Founder and CTO, ACINQ
“Anjuna innovated an enterprise-ready way to protect high-value assets leveraging AWS Nitro Enclaves. Now our customers can set up and manage isolated compute environments in EC2 to process and harden cloud workloads in minutes without recoding or refactoring applications. Anjuna Confidential Computing software, built on Nitro Enclaves, reduces the attack surface for confidential and sensitive data processing applications: personally identifiable information (PII), proprietary algorithms, multiparty computation (MPC) applications, databases, and key/secrets management. AWS Nitro Enclaves allows Anjuna’s software to better serve customers in highly regulated industries such as financial services, fintech, crypto, government, healthcare, and SaaS providers.”
Ayal Yogev, CEO and Co-founder, Anjuna Security
"Cape Privacy is focused on data security and privacy for AI that leverages the cloud. Companies can use Cape API to leverage the power of Large Language Models against a customized knowledge base that can include sensitive or confidential data. Cape API is designed to provide privacy for customer data without compromising the value of using a Large Language Model. Customers using Cape models on Amazon EC2 can be confident in Cape Privacy's approach to protect their sensitive data because they use AWS Nitro Enclaves on top of the AWS Nitro System with various privacy-preserving data processing techniques to ensure that nobody can ever see your data."
Ché Wijesinghe, CEO, Cape Privacy
"Highly available and secure validator infrastructure is critical for sustainable cryptocurrency networks (such as the Crypto.org Chain). Specifically, one key aspect that needs to be secured and hardened is the signing of consensus protocol messages. Within our cloud infrastructure, AWS Nitro Enclaves and AWS KMS make it easy for Crypto.com and our external partners to scale, deploy and manage these signing processes. AWS Nitro Enclaves provide cost-effective hardening and isolation for secure key management.”
Tomas Tauber, Chain Lead, Crypto.com
"As a Password Manager, Dashlane is responsible for securing some of the most sensitive data for organizations. Using AWS Nitro Enclaves, our customers are able to cut their integration setup time in half, while ensuring the highest level of security. AWS Nitro Enclaves offer an innovative way to fully isolate the encryption keys, allowing organizations to be confident that their data is private and protected, and that no unauthorized parties, including Dashlane, can see or access keys."
Frederic Rivain, Chief Technology Officer, Dashlane
"Protecting and processing highly sensitive information such as financial, healthcare, identity, and proprietary data is one of the main use cases for Evervault’s encryption infrastructure. At the core of Evervault is our Evervault Encryption Engine (E3), which performs all cryptographic operations and handles encryption keys for our customers. E3 is built on AWS Nitro Enclaves which provides an isolated, hardened, and highly constrained compute environment for processing sensitive data. Building E3 on Nitro Enclaves means that we can provide both security through cryptographic attestation, and a robust foundation for all other Evervault products and services. At no additional cost, Nitro Enclaves enable us to provide a highly secure, cost effective, and scalable service to our customers; a service that is capable of handling thousands of cryptographic operations per second.”
Shane Curran, Founder & CEO, Evervault
"Footprint’s mission is to bring trust back to the internet, and our first priority is to make sure that we use the most sophisticated and robust vaulting architecture to store, encrypt, and process sensitive financial and personal data for our customers and their users. To accomplish this, we’ve architected and built Footprint’s core vaulting infrastructure on top of AWS Nitro Enclaves because of the world-class security it provides: the ability to run cryptographically signed and attested code in a CPU, memory, and network isolated environment to massively lower the attack surface area and provide our customers with a security foundation that far outpaces the normal approaches businesses use today.”
Alex Grinman Co-founder & CTO of Footprint
"Itaú Digital Assets is Itaú Unibanco's business unit responsible for the development of solutions using the blockchain technology. In this context, Nitro Enclaves has helped us create a safe environment for the manipulation of cryptographic keys of our cryptoassets custody services, adding yet another layer of protection for processing data while reducing the attack surface at the same time. This high-level of protection was a key factor that allowed the execution of complex solutions associated with the excellence in security, one of the main pillars of our institution."
Carlos Eduardo Mazzei, Chief Technology Officer at Itaú Unibanco
"M10 Networks, Inc develops and deploys their M10 Ledger Platform, a service for developing and distributing central bank digital currencies and tokenized regulated liabilities, on AWS. The Ledger Platform uses AWS Nitro Enclaves to perform signature verification and cryptographic re-signing of batches of transactions. Using AWS Nitro Enclaves on AWS latest M6i instances, M10 is able to deliver a performant and cost effective solution for the digital currency market.”
Sascha Wise, M10 Founding Engineer
"Okta, an Identity as a Service (IDaaS) company, helps connect any person with any application on any device. Okta provides enterprise-grade identity management service for customers in the cloud or using on-premises applications. Okta’s Privileged Access Management (PAM) solution helps organizations manage risk by bringing critical PAM capabilities into core Identity and Access Management solution, including privileged access management, credential vaulting, and compliance reporting. Okta uses Nitro Enclaves to securely manage and store customer infrastructure credentials in their respective Okta PAM solution. Okta’s PAM solution leverages Nitro Enclaves help to manage customer credentials in a vetted and cryptographically attested environment. Using AWS Nitro Enclaves, Okta protects customers from attacks as part of our defense-in-depth architecture. Okta looks forward to expanding the capabilities of Okta Privileged Access on top of Nitro Enclaves continuing to build a secure foundation for protecting access to customer ecosystem."
Smitha Prasad, Director of Engineering, Okta