[Cryptography] Intel SGX: Augean stables piled higher & deeper?

Henry Baker hbaker1 at pipeline.com
Tue May 19 11:11:57 EDT 2015


At 01:26 PM 5/18/2015, Steve Weis wrote:
>I think SGX is one of the most significant new security architecture features from Intel.  I'm looking forward to experimenting with it as a defensive tool.
>
>For those who aren't familiar with SGX, see the links below.  Some pros and cons that I see:
>+ You can run code in a "secure enclave" that is not accessible from either ring-0 code or SMM.

Mathematical proof?

>+ Secure enclaves are backed by physically encrypted memory, and thus not exposed to cold boot attacks or non-volatile RAM.

Mathematical proof?

>+ Enclaves should be remotely attestable with CPU-bound public keys using anonymized or pseudonymized signatures.

Mathematical proof?

>- Enclaves are limited in size; I think 128MB initially.
>- Enclaves are user-land code only.
>
>I expect adoption will be slow since there needs to be support in build tools, the kernel, and around enclave management.  There are also limited applications since it's user mode only, but performing cryptographic operations is a nice use case.
>
>That is one of the reasons there are concerns about SGX enclaves being used for DRM (see [2]).  I think the flip side is the potential as a privacy-preserving technology.  You could run your own code on leased hardware without the service provider being able to see what it is doing.

Mathematical proof?

>[1] https://www.nccgroup.trust/en/blog/2015/01/intel-software-guard-extensions-sgx-a-researchers-primer/
>[2] http://theinvisiblethings.blogspot.com/2013/08/thoughts-on-intels-upcoming-software.html
>[3] http://theinvisiblethings.blogspot.com/2013/09/thoughts-on-intels-upcoming-software.html

My point is that I can come up with all sorts of ideas that aren't mathematically sound, but which sound good -- e.g., a program that tests another program for "bad" behavior (something that politicians would love to do, but -- like the transcendental nature of pi -- is not susceptible to politically-motivated laws).

http://en.wikipedia.org/wiki/Indiana_Pi_Bill

If Intel can't provide sound & complete & public proofs for their wet dreams, then these technologies are simply more BS for the pile.

In the absence of such mathematical proofs, Intel SGX is providing more "security through obscurity" than true security.

The existing experience with UEFI insecurity does not bode well for SGX.

Intel could provide a lot more security by _removing certain misfeatures_ than by adding any new misfeatures.
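Baker's aside about "a program that tests another program for 'bad' behavior" is the classical undecidability point: no checker that decides an arbitrary behavioural property of arbitrary programs can be both sound and complete. The following Python is an added example written for this page, not code from the original post or from anyone on the thread. It models a "program" as a zero-argument callable that is bad when it returns True, takes any checker that claims to predict this, and builds the diagonal program that does the opposite of whatever the checker says about it. The checker names (pessimist, optimist, emulator, name_heuristic) are constructed for the demo.

```python
"""Diagonalization demo: no "is this program bad?" checker is sound and complete.

Model (an assumption of this example): a program is a zero-argument callable;
it is BAD if calling it returns True (think "leaks a key"). A checker is any
function checker(program) -> bool that claims to predict that. For every
checker we construct a program whose real behaviour contradicts the verdict.
"""
import sys
from typing import Callable

Program = Callable[[], bool]
Checker = Callable[[Program], bool]


def build_diagonal(checker: Checker) -> Program:
    """Return a program that does the opposite of what checker says about it."""
    def diagonal() -> bool:
        # Checker says "bad"  -> behave well (return False).
        # Checker says "fine" -> be bad (return True).
        return not checker(diagonal)
    return diagonal


def checker_is_wrong_on_its_diagonal(checker: Checker) -> str:
    """Report how checker fails on its own diagonal program.

    'wrong'       : checker returned a verdict the program's behaviour contradicts
    'no-decision' : checker never terminated (modelled as hitting the recursion
                    limit, which happens when it tries to run the program)
    'correct'     : cannot occur for a deterministic, terminating checker
    """
    prog = build_diagonal(checker)
    try:
        verdict = checker(prog)   # what the checker claims
        actual = prog()           # what the program actually does
    except RecursionError:
        return "no-decision"
    return "wrong" if verdict != actual else "correct"


# --- candidate checkers, constructed for this demo ---------------------------
def pessimist(_: Program) -> bool:
    """Flags everything as bad (complete but not sound)."""
    return True


def optimist(_: Program) -> bool:
    """Flags nothing as bad (sound but not complete)."""
    return False


def emulator(prog: Program) -> bool:
    """'Just run it and see': correct whenever it halts, but it may not halt."""
    return bool(prog())


def name_heuristic(prog: Program) -> bool:
    """Signature-style check: anything with 'evil' in its name is bad."""
    return "evil" in prog.__name__


if __name__ == "__main__":
    sys.setrecursionlimit(200)  # make the non-terminating case fail fast
    for c in (pessimist, optimist, emulator, name_heuristic):
        print(f"{c.__name__:15s} -> {checker_is_wrong_on_its_diagonal(c)}")
```

The emulator case is the interesting one: the only checker that is never wrong is the one that never answers, which is exactly the trade-off a "sound & complete" requirement forbids.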
