[jude-]

While I agree with Theo in principle, it sounds like he's precluding the possibility that one can create a virtualization layer with formally-proven correctness guarantees (be it a hypervisor, an OS, or an application VM). For example, seL4 is proven to be free of many common types of bugs (NULL pointer dereferences, use-after-free errors, buffer overflows, etc.) that lead to security holes. AFAIK, there is no such proof for OpenBSD.

I'm not trying to suggest that a virtualization layer with formal proofs of correctness is a security panacea (it's not--correctness is necessary but not sufficient for security). What I am suggesting is that there is a way forward to developing secure virtualization layers.

If anything, this paper suggests to me that it would be best if the lowest layer in the stack (be it the OS or the hypervisor) implemented some of the crypto primitives on behalf of the applications. I can't see any other way to run them while also guaranteeing that (1) their execution is correct with the specification, (2) they run in full isolation from one another, and (3) they avoid timing attacks and whatever side-channels we can think of.