Dr. Nigel Edwards

This has to be done.

We need a common set of tooling across different vendors.

And we need common services, which is why we made our attestation service open source.

If we can get that right, then I think in maybe five years or so, it will become a regulatory requirement for sensitive data to be protected by these technologies.

It will be form part of that.

And if you're not using it, then you won't be in compliance with the regulations.

We will get to the point where the default will be that this is turned on when you create virtual machines.

And also price of containers as well.

It's using the same underlying technology, but for deploying virtual machines or deploying container workloads.

the confidential computing capability will just be turned on.

And developers and system users, they won't even be aware it's turned on.

I think the good thing is that the encryption algorithm that's used for this is AES.

And AES can be accelerated very efficiently by silicon.

So today, when we've got the hardware acceleration in place, the overhead we're measuring is an order of a few percent, 1%, 2% for most workloads, maybe 5%, sort of worst case.

But you require the hardware acceleration, the capabilities in the silicon.

I mentioned that SPDM is not fully in the silicon yet.

So we're having to basically emulate that in software.

So there you're seeing an overhead, therefore, of 10 to 20%.

But that will go in the next generation of silicon.

So in a couple of years' time, that will be back down to order of 1%, 2%, which is negligible.