Homomorphic encryption?
#justsayin
Problem is that's old and hackneyed, and so unlikely to prise open the wallets of the neophiles.
Amid the theft of billions of dollars in cryptocurrency over recent months, confidential computing may have a role in protecting people's money in future. Confidential computing aims to isolate sensitive data and code without exposing it to the rest of the host system – including other applications and users, any rogue …
CTO Idan Ofrat commented on the need to "protect the private key itself".
Here's the thing... this implies that the "private key" is persistent somewhere... stored... so it needs to be "protected".
If a Diffie-Hellman transaction is exchanged between peers, the only exchange will be two random tokens.
The crucial part of this is that the shared secret key is calculated by each peer, then thrown away.
Note that a D/H implementation provides that:
(1) The token exchange can be used to calculate multiple secret keys, and so enable multi-pass encryption/decryption
(2) The token exchange tells a snooper nothing about the secret key(s), and nothing about the encryption algorithm
(3) The tokens and the secret key(s) are unique to each transaction
(4) The secret key(s) are calculated locally when needed (i.e. not stored), and can (and should) be thrown away after use
If this D/H protocol is used, it would seem that, since keys are never stored, there would be no need to "protect" keys.
What am I missing?
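The ephemeral exchange this comment describes, as an added example that is not from the original thread: both peers (in one process) swap only their public tokens, compute the shared secret locally, expand it into several keys as in point (1), and discard the secret. The demo group (p = 2^127 - 1, g = 3) and the key-derivation context string are constructed for illustration only.

```python
import hashlib
import hmac
import secrets

# Demo group, constructed for illustration only: p = 2**127 - 1 is a Mersenne prime, g = 3.
# A real deployment would use a standardized group (RFC 7919) or X25519, never ad-hoc parameters.
P = (1 << 127) - 1
G = 3


def make_ephemeral():
    """One side's per-transaction private exponent and the public 'token' it sends."""
    priv = secrets.randbelow(P - 3) + 2          # 2 <= priv <= p-2
    return priv, pow(G, priv, P)


def shared_secret(my_priv, peer_token):
    """Compute the shared secret locally; reject tokens that force a trivial result."""
    if not 1 < peer_token < P - 1:               # 0, 1 and p-1 make the secret predictable
        raise ValueError("rejected degenerate peer token")
    return pow(peer_token, my_priv, P)


def derive_keys(secret, count, context=b"demo-transaction"):
    """HKDF-style extract-then-expand (RFC 5869 shape): several keys from one secret."""
    prk = hmac.new(b"", secret.to_bytes(16, "big"), hashlib.sha256).digest()
    keys, block = [], b""
    for i in range(1, count + 1):
        block = hmac.new(prk, block + context + bytes([i]), hashlib.sha256).digest()
        keys.append(block)
    return keys


def run_exchange(key_count=2):
    """Both peers in one process: exchange tokens, derive keys, discard the secrets."""
    a_priv, a_token = make_ephemeral()
    b_priv, b_token = make_ephemeral()
    a_secret = shared_secret(a_priv, b_token)    # only the tokens cross the wire
    b_secret = shared_secret(b_priv, a_token)
    assert a_secret == b_secret                  # both sides agree without sending the secret
    a_keys = derive_keys(a_secret, key_count)
    b_keys = derive_keys(b_secret, key_count)
    del a_priv, b_priv, a_secret, b_secret       # nothing persistent survives the transaction
    return a_keys, b_keys, (a_token, b_token)
```

What a wallet uses to sign a transaction is a long-term signing key tied to its address, which is a different object from the per-transaction agreement secret shown here; the example covers the key-agreement half of the argument only.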
"Confidential computing" is a joke when OS can do whatever it wants with the data and every commercial OS leaks all of it to the mothership.
Even worse with PC machines, which have remote control/spying baked in at the hardware level. Thanks Microsoft/Intel. No amount of software can bypass that, so there's zero confidentiality. Only a fool believes there is.
Groan...
Yet another shiny new buzz wank to suffer until someone points out how bollox it is, and eventually the billions in venture capital being thrown at it dry up because of lack of interest or demonstrable practical application.
Well I suppose we need something to replace “blockchain” don’t we?
Yuk
From https://www.fortinet.com/resources/cyberglossary/confidential-computing
"Confidential computing refers to cloud computing technology that can isolate data within a protected central processing unit (CPU) while it is being processed. Within the CPU’s environment is the data that the CPU processes and the methods used to process this data. This is only accessible to specially authorized—for the purpose of providing privileged access—programming code. The CPU’s resources are otherwise invisible and cannot be discovered by any program or person, and that applies to the cloud provider as well."
OK, so the CPU is isolated and the data cannot be read while inside this protected environment, but the comms in and out of the protected environment can be read and copied, and so can the code to be executed within. Or have I misunderstood?
Yes. Far more than the number that were due to private-key compromises.
Enclaves also have a number of documented vulnerabilities.
Frankly, the attack-tree difference between using an HSM for private-key protection and using any variant of creating and signing transactions in enclaves looks very small to me. The vast majority of vulnerability classes in the cryptocurrency / DeFi domain don't seem to be affected by this proposal. There are much bigger challenges in cryptocurrency and DeFi than private-key compromises in shared (cloud) environments, as anyone who reads Molly White's blog or similar sources knows.
So its security is derived from a closed-off environment? Like a container, or a VM, or a Java applet?
No?
Oh, OK, but it enables you to share MRI images without sharing patient data... Like by not sharing patient data and only sharing images..?
El Reg. Can you explain what this is instead of quoting mouthpieces?
Because it sounds like useless bullshit at the moment