Edited 10 months ago
To this day, even though I've contributed #Intel #SGX support to the kernel, I don't know how to check the chain as an end user.

E.g. Signal claims to use Intel SGX. How do I verify that for my benefit? There really should be some sort of universal standard for attestation of SGX/TDX/SNP workloads.

I mean the workload itself can use a proprietary technology, but attestation should be standardised. With that we could perhaps have something like a certification chain that goes from the data center up to the web browser.

I think confidential computing today is broken because of this and for most somewhat useless, except in the white papers speaking about military grade security and all that :-) The hardware is expensive, attestation is broken and even the terminology is broken. In normal crypto terminology confidentiality does not guarantee integrity. A better name would thus be trusted computing, and it is somewhat easier to put in your mouth too. I've hated that term since I first heard about it.
Usually "trusted" is defined as "confidentiality" + "integrity".
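The terminology point raised in the post above and in the reply ("confidentiality does not guarantee integrity") is easy to show concretely. The following is an added example for this thread, not code from any participant: a toy stream cipher (SHA-256 in counter mode, constructed for illustration only, not a production primitive) gives confidentiality, yet an attacker who knows part of the plaintext can rewrite it without the key; adding an HMAC in encrypt-then-MAC form is what supplies integrity. Keys, nonce length and the sample message are all constructed for the demo.

```python
"""Added example: confidentiality alone does not give integrity.

The stream cipher below (SHA-256 in counter mode) is a constructed toy
used only to make the malleability visible. Real systems should use an
AEAD such as AES-GCM or ChaCha20-Poly1305, which bundle both properties.
"""
import hashlib
import hmac
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` keystream bytes as SHA256(key || nonce || counter)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def stream_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """XOR the plaintext with the keystream; gives confidentiality only."""
    ks = keystream(key, nonce, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


# XOR is its own inverse, so decryption is the same operation.
stream_decrypt = stream_encrypt


def malleate(ciphertext: bytes, offset: int, known: bytes, desired: bytes) -> bytes:
    """Attacker step: with no key, change known plaintext bytes at `offset`
    into `desired` by XORing the ciphertext with (known ^ desired)."""
    if len(known) != len(desired):
        raise ValueError("known and desired must have the same length")
    buf = bytearray(ciphertext)
    for i, (a, b) in enumerate(zip(known, desired)):
        buf[offset + i] ^= a ^ b
    return bytes(buf)


def etm_encrypt(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    """Encrypt-then-MAC: the tag covers nonce and ciphertext."""
    ct = stream_encrypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct, tag


def etm_decrypt(enc_key: bytes, mac_key: bytes, nonce: bytes, ct: bytes, tag: bytes) -> bytes:
    """Verify the tag in constant time before touching the ciphertext."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: ciphertext or nonce was modified")
    return stream_decrypt(enc_key, nonce, ct)


def demo():
    """Run both scenarios; returns (plaintext the victim sees without a MAC,
    whether the MAC detected the same tampering)."""
    # Constructed keys and message for the demo; fresh random nonces per message.
    enc_key = hashlib.sha256(b"constructed demo encryption key").digest()
    mac_key = hashlib.sha256(b"constructed demo mac key").digest()
    msg = b"PAY 0100 TO ALICE"

    # 1. Confidentiality only: attacker knows the amount field sits at offset 4.
    nonce = os.urandom(12)
    ct = stream_encrypt(enc_key, nonce, msg)
    forged = malleate(ct, 4, b"0100", b"9999")
    seen_by_victim = stream_decrypt(enc_key, nonce, forged)  # decrypts "cleanly"

    # 2. Same attack against encrypt-then-MAC: the tag no longer matches.
    nonce2 = os.urandom(12)
    ct2, tag = etm_encrypt(enc_key, mac_key, nonce2, msg)
    forged2 = malleate(ct2, 4, b"0100", b"9999")
    try:
        etm_decrypt(enc_key, mac_key, nonce2, forged2, tag)
        detected = False
    except ValueError:
        detected = True

    return seen_by_victim, detected


if __name__ == "__main__":
    plain, caught = demo()
    print("without MAC, victim decrypts:", plain)
    print("with encrypt-then-MAC, tampering detected:", caught)
```

The first scenario is exactly the gap the post is pointing at: the ciphertext stayed confidential throughout, yet the recipient acted on "PAY 9999". Only the MAC (or an AEAD mode) turns "nobody can read it" into "nobody can change it undetected", which is why integrity has to be named separately.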

@jarkko when you mention that confidential computing is broken, does that include the MPC protocols used in custody services?
