Arqit NetworkSecure™ uses Intel® Trust Domain Extensions (Intel® TDX) to help increase confidentiality of both data in use and data in transit for sensitive workloads deployed across hosted environments.
Highly sensitive workloads require greater security controls, particularly when running on shared or managed infrastructure. Intel TDX creates a Trust Domain (TD), designed to encrypt and isolate Virtual Machines (VMs) from the underlying physical hardware, operating system, hypervisor, and other VMs. This robust security boundary increases VM security, even when attackers compromise the physical host. However, data entering or leaving the TD may still be at risk as it passes through a network interface or system bus. Arqit’s quantum-safe Symmetric Key Agreement Platform (SKA-Platform™) allows services running within a TD to create symmetric encryption keys that are considered safe to attack, even from quantum computers. This ensures data is encrypted securely before it leaves the TD boundary. The data can be shared with other TDs running on the same or different hosts with full end-to-end encryption. Encryption keys are ephemeral and never shared outside of the TD.
Together, Arqit and Intel provide a holistic solution designed to protect sensitive workloads and their data from external attacks. It’s especially well-suited for shared or managed infrastructure outside of the customer’s direct control, like the public cloud, and highly sensitive applications such as AI or user data processing. Not only does this protect the customer’s data, but it also benefits the hosting service provider as they can process and transmit data without any visibility, granting full sovereignty and reducing liability.