|
|
|
|
|
|
by eqvinox
1921 days ago
|
|
|
> At the lowest level of the stack, the hardware must be able to provide a TEE (trusted execution environment) that isolates the code and data of a given confidential workload from any other code running in a system—including code running at the highest privilege levels. [...] This in turn requires a hardware root of trust to hold the platform root secrets and signing keys, and a public-key infrastructure to endorse these keys. [...] Uh... no... what "the hardware must be able to provide" is a platform that I, the cloud user, trust. It's nice that the manufacturer installed some hardware key somewhere, but that just means the manufacturer can maybe trust this key. If the NSA or China wants my data, they'll just supply-chain-attack and replace whatever entity contains these keys with something else. The manufacturer might be able to determine that this replacement happened / trust is no longer established, but I can't. And, unfortunately, supply chain attacks like this are exactly what we're seeing, e.g. https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa... NB: you don't even have to replace the TPM/Processor/... with an identical, tampered component. You just need something that behaves the same as far as I can see. It could be some huge-ass FPGA board programmed to emulate shit and I wouldn't be able to tell as long as they got the emulation right. After all I can't go physically inspect the server... |
|
|
Getting the emulation right is nontrivial because you also need to extract the hardware key that's on the processor, otherwise remote attestation won't work.
Also, there are plenty of use cases for confidential computing that don't involve hiding from the NSA. For instance, if you simply don't want amazon (or their workers/contractors) to see your data.