[Cryptography] Intel SGX: Augean stables piled higher & deeper?
hbaker1 at pipeline.com
Tue May 19 13:33:01 EDT 2015
At 10:13 AM 5/19/2015, Steve Weis wrote:
>SGX is implemented through hardware mechanisms, not through cryptography or anything with a mathematical proof that would satisfy you. Yes, you do need to trust Intel to implement it correctly and yes, Intel certainly ships hardware with hundreds of errata.
Encryption is (nearly) _always_ broken through "errata". That's the reason why it is so hard; you can't make even one mistake.
>If Intel can't provide sound & complete & public proofs for their wet dreams, then these technologies are simply more BS for the pile.
>In the absence of such mathematical proofs, Intel SGX is providing more "security through obscurity" than true security.
>You seem to be asking for formal proofs of both the correctness of the architecture design and that a hardware implementation properly embodies the design. I can't think of any hardware which would satisfy your criteria.
Precisely my point about improving security by _removing_ misfeatures/errata, rather than by adding more.
More information about the cryptography