What Is Intel® Trust Domain Extensions (Intel® TDX)
Content Type: Product Information & Documentation | Article ID: 000097227 | Last Reviewed: 06/01/2026
Support Knowledge Base
Environment
Intel Xeon
Intel® Trust Domain Extensions (Intel® TDX) is a hardware-based security technology designed to protect virtual machines (VMs) from unauthorized access, even by the system software that manages them. TDX enables a new class of workloads known as confidential virtual machines, which keep data and code private while in use.
TDX is part of Intel’s broader Confidential Computing portfolio, focused on protecting sensitive workloads in modern, multi-tenant cloud environments.
The Problem Intel® TDX Solves
In traditional virtualization models:
- The hypervisor and host operating system have full access to VM memory.
- Cloud operators and infrastructure software are inherently trusted.
- Sensitive workloads (cryptographic keys, personal data, proprietary algorithms) are exposed at runtime.
This model creates risk when workloads run in shared or untrusted environments.
What Is a Trust Domain Intel® TDX?
Intel® TDX introduces the concept of a Trust Domain (TD).
A Trust Domain is:
- A special type of virtual machine
- Enforced and isolated directly by Intel CPU hardware
- Protected from the hypervisor, host OS, and other VMs
Even software running at the highest privilege level outside the TD cannot inspect or modify its memory or CPU state.
How Intel® TDX Works (High Level)
- Hardware-Enforced Isolation
The Intel processor enforces strict isolation between:
- Trust Domains
- The hypervisor
- Other system software
This reduces reliance on software-based security controls.
- Memory Encryption
Each Trust Domain uses:
- Dedicated, hardware-managed encryption keys
- Automatic encryption and decryption of memory
Encrypted memory cannot be read or reused by other components.
- Controlled Interfaces
Intel® TDX limits and validates interactions between:
- Trust Domains and the hypervisor
- Trust Domains and physical hardware
Only approved operations are allowed, reducing the attack surface.
- Attestation
Intel® TDX supports remote attestation, enabling a workload to prove:
- It is running on genuine Intel hardware
- Intel® TDX protections are enabled
- The initial software state is trusted
This is critical for zero-trust and compliance-driven deployments.
Intel® TDX vs Traditional Virtual Machines
| Feature | Traditional VM | Intel® TDX |
| Hypervisor trust | Fully trusted | Treated as untrusted |
| Memory visibility | Readable by host | Encrypted and isolated |
| Isolation | Software-based | Hardware-enforced |
| Cloud suitability | Standard | Confidential workloads |
Intel® TDX vs Intel® SGX
| Feature | Intel® SGX | Intel® TDX |
| Protection scope | Application enclaves | Full virtual machine |
| Programming model | Specialized | Standard OS and VM |
| Cloud scalability | Limited | High |
| Primary use | App-level security | VM-level security |
Intel® TDX is designed specifically for cloud-scale confidential VMs, while SGX focuses on application-level isolation.
Common Use Cases
Intel® TDX is well-suited for:
- Confidential cloud workloads
- Multi-tenant environments
- Financial services and healthcare data processing
- Secure AI and machine learning pipelines
- Cross-organization data sharing
- Bring-your-own-key (BYOK) scenarios
Benefits of Intel® TDX
- Strong hardware-based isolation
- Reduced trust in cloud infrastructure
- Compatibility with existing VM-based workflows
- Improved compliance and data protection
- Support for confidential computing architectures
