[Cryptography] Intel SGX: Augean stables piled higher & deeper?

Henry Baker hbaker1 at pipeline.com
Tue May 19 13:33:01 EDT 2015

At 10:13 AM 5/19/2015, Steve Weis wrote:
>Mathematical proof?
>SGX is implemented through hardware mechanisms, not through cryptography or anything with a mathematical proof that would satisfy you. Yes, you do need to trust Intel to implement it correctly and yes, Intel certainly ships hardware with hundreds of errata.

Encryption is (nearly) _always_ broken through "errata".  That's the reason why it is so hard; you can't make even one mistake.

>If Intel can't provide sound & complete & public proofs for their wet dreams, then these technologies are simply more BS for the pile.
>In the absence of such mathematical proofs, Intel SGX is providing more "security through obscurity" than true security.
>You seem to be asking for formal proofs of both the correctness of the architecture design and that a hardware implementation properly embodies the design.  I can't think of any hardware which would satisfy your criteria.

Precisely my point about improving security by _removing_ misfeatures/errata, rather than by adding more.

More information about the cryptography mailing list