Intel has promised to introduce full memory encryption in its processors. This feature is similar to what AMD already offers in its CPUs, but does not necessarily make Intel's chips immune to side-channel attacks such as Spectre and Meltdown.

This type of attack exploits vulnerabilities in various techniques employed by the processor, such as out-of-order execution (OOOE), branch prediction, and speculative execution, all of which are designed to improve performance Meltdown and Spectre CPU We've posted a detailed guide on what you need to know about exploits, if you haven't already.

Memory encryption can help against this type of attack, but as our friends at Tom's Hardware point out, researchers warn (PDF) that it is not enough to completely stop side-channel attacks. However, it is not without merit.

One way Intel protects its chips from attacks is through a feature called Software Guard eXtensions (SGX). Available on both enterprise and consumer processors, SGX is a hardware encryption technique that acts as a "secure enclave" within the memory section, but only for small amounts of data.

Arstechnica provides a thorough description of the technical details, but in brief, SGX has some limitations; SGX only works on Intel processors, and developers must design their applications to specifically take advantage of SGX. [In contrast, AMD's Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV) features are more flexible. SME can encrypt all system RAM without imposing any special considerations on the application developer. In addition, AMD's implementation is not only more flexible than SGX, but also has a smaller performance impact.

Intel attempts to remedy this with two features called TME (Total Memory Encryption) and MKTME (Multi-Key Total Memory Encryption). According to Intel, TME and MKTME are not yet present in actual CPU hardware, but will eventually become present.

Although not specifically mentioned at the Security Day event, this is to be on par with AMD's processors and will probably surpass AMD's memory protection scheme. When it comes out, it will support encryption of regular memory, volatile DRAM, and persistent/non-volatile memory such as 3D Xpoint.

It is too early to judge what this will mean for consumers, and it is not likely to be available with an impending CPU announcement such as Comet Lake. But it is definitely something we should keep an eye on.