(Image taken from the re:Inforce 2019 slides of this talk.)
When building the Nitro system, AWS paid special attention to the following security precautions:
The functionality of the Nitro system is provided by various PCI-card like devices. This design is inspired by microservice software architectures.
Some types of devices include:
The Nitro controller manages the host, hypervisor, and the other Nitro devices in the system.
The Nitro controller:
The Nitro EBS subsystem provides EBS volumes as NVMe devices to the motherboard.
All encryption happens on the Nitro device, encryption keys are managed by KMS, encryption keys can not be accessed by the EC2 host.
The Nitro local storage subsystem provides ephemeral volumes as NVMe devices to the motherboard.
All encryption happens on the Nitro device, encryption keys are generated on, and never leave, the device.
After use, the volumes are cryptographically wiped, i.e., the keys are removed, the actual data in encrypted form remains on the physical disks. Before use, the first and last bytes of the volumes are zeroed to prevent confusing the guest operating system (as the device would still be filled with “random” data from previous uses).
The Nitro VPC subsystem provides network interface controller devices to the motherboard.
The VPC stack runs on the Nitro system; only the Nitro system has access to the private AWS network, the EC2 host and guests can only access the network via the Nitro system.
All traffic between Nitro powered instances is transparently encrypted on the Nitro system, traffic to non-Nitro instances is not encrypted as this would impact the performance.
The Nitro security chip guards the firmware of the motherboard in two ways:
The Security Benefits of the Nitro architecture session taught us: