[Cryptography] Intel SGX: Augean stables piled higher & deeper?

Henry Baker hbaker1 at pipeline.com
Wed May 20 09:19:21 EDT 2015

At 06:02 AM 5/20/2015, Peter Gutmann wrote:
>Henry Baker <hbaker1 at pipeline.com> writes:
>>Mathematical proof?
>Because all of the existing security mechanisms we use also have rigorous mathematical proofs?

No.  But many/most hardware "improvements" come with serious glitches that are only appreciated in hindsight.

Since SGX is intended as an "improvement" in security, it deserves a much higher level of scrutiny than do other types of HW improvements.  In particular, it deserves some sort of proof that this "improvement" didn't inadvertently (or not: NSA) introduce additional bugs/insecurities.

We spend endless hours debating random number generators, but modifications like this get a pass.  How come?

More information about the cryptography mailing list