[messaging] Encrypted Public Contact Discovery
steveweis at gmail.com
Sun Aug 23 11:05:50 PDT 2015
Hi Mike. This idea reminds me of Microsoft's VC3, which runs Hadoop in SGX

On Sun, Aug 23, 2015 at 6:34 AM, Mike Hearn <mike at plan99.net> wrote:
> Useful article Moxie, thanks.
>
> There is a way to do practical PIR for the contacts use case, although
> nobody here will like it much.
>
> You use the new SGX features in the Intel Skylake+ processors to create a
> trusted computing "enclave" that generates some encryption keys. Then your
> other servers do the same, and remotely attest to the first what software
> they're running. The first then gives them copies of the keys as well. Now
> you have a server farm with encryption keys you don't yourself know, and
> cannot extract without impractical time and expertise spend breaking the
> hardware security on the x86 chips.
>
> This isn't as good as mathematically unbreakable security that relies on
> heat-death-of-the-universe type arguments, but it's in practice nearly as
> good, and would actually be deployable.
>
> Once you have provisioned the keys, you can then use regular encrypted
> block storage to protect the database which can be stuffed onto regular
> sharded disk storage. Or you can store the whole thing in RAM on some of
> the lookup servers, if it fits (SGX encrypts RAM). Or get fancier and use
> one of the new ORAM algorithms.
>
> SGX isn't quite launched yet. There is a lot of technical documentation
> about it, but it's not quite clear when Intel will consider the tech
> production ready and release all their tools/SDKs publicly.
>
> Once it's out there, I think it'd be the next step for protection of
> contact lookups.
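
An added sketch (not from this thread and not code from any SGX SDK) of the key-provisioning step described in the quoted message: the first enclave releases the database key only to a peer whose quote verifies, reports the same software measurement, and is bound to the peer's channel key. The HMAC platform key, the `Quote` fields and every name here are assumptions standing in for real SGX quotes and their verification.

```python
import hashlib, hmac, os
from dataclasses import dataclass

# Assumption: an HMAC key stands in for the CPU's attestation signing key.
PLATFORM_KEY = b"constructed-platform-key"

def measure(enclave_code: bytes) -> bytes:
    """Stand-in for the enclave measurement: a hash of the loaded software."""
    return hashlib.sha256(enclave_code).digest()

def _mac(key: bytes, measurement: bytes, report_data: bytes) -> bytes:
    return hmac.new(key, measurement + report_data, hashlib.sha256).digest()

@dataclass(frozen=True)
class Quote:
    measurement: bytes  # identifies the software the peer enclave runs
    report_data: bytes  # hash of the peer's channel public key
    mac: bytes          # stand-in for the hardware signature over both

def make_quote(enclave_code: bytes, channel_pub: bytes,
               platform_key: bytes = PLATFORM_KEY) -> Quote:
    m, rd = measure(enclave_code), hashlib.sha256(channel_pub).digest()
    return Quote(m, rd, _mac(platform_key, m, rd))

class KeyHolderEnclave:
    """First enclave: generates the database key, releases it to attested peers."""
    def __init__(self, enclave_code: bytes):
        self.measurement = measure(enclave_code)
        self._db_key = os.urandom(32)  # created inside; the operator never sees it

    def provision(self, quote: Quote, channel_pub: bytes):
        """Return (key, None) on success or (None, reason) on refusal."""
        expected = _mac(PLATFORM_KEY, quote.measurement, quote.report_data)
        if not hmac.compare_digest(expected, quote.mac):
            return None, "quote not signed by trusted hardware"
        if not hmac.compare_digest(quote.measurement, self.measurement):
            return None, "peer runs different software"
        if not hmac.compare_digest(quote.report_data,
                                   hashlib.sha256(channel_pub).digest()):
            return None, "quote not bound to this channel key"
        # In a deployment the key would leave only encrypted to channel_pub.
        return self._db_key, None
```

The measurement check is what keeps a server running modified software out of the farm, and the `report_data` check is what stops a valid quote from being replayed over a channel the attested enclave does not control.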