AWS Nitro Enclaves

Isolated compute in a VM. No SSH, no persistent storage. Attestation proves the identity of the running enclave. CPU-based (Intel SGX historically).

NVIDIA H100 Confidential Compute

GPU-level confidential compute. Enclave extends to GPU memory. Enables encrypted LLM inference at speed. Preview 2024.

Attestation

Enclave proves its identity via signed measurement. Client verifies before sending secrets. Zero trust cloud.

Trade-offs

~5-10% performance penalty for confidential compute (CC). Complex deployment. Limited to specific hardware.