[messaging] Encrypted Pulic Contact Discovery

Steve Weis steveweis at gmail.com
Sun Aug 23 11:05:50 PDT 2015


Hi Mike. This idea reminds me of Microsoft's VC3, which runs Hadoop in SGX
enclaves:
http://research.microsoft.com/pubs/210786/vc3-MSR-TR-2014-39.pdf

On Sun, Aug 23, 2015 at 6:34 AM, Mike Hearn <mike at plan99.net> wrote:

> Useful article Moxie, thanks.
>
> There is a way to do practical PIR for the contacts use case, although
> nobody here will like it much.
>
> You use the new SGX features in the Intel Skylake+ processors to create a
> trusted computing "enclave" that generates some encryption keys. Then your
> other servers do the same, and remotely attest to the first what software
> they're running. The first then gives them copies of the keys as well. Now
> you have a server farm with encryption keys you don't yourself know, and
> cannot extract without impractical time and expertise spend breaking the
> hardware security on the x86 chips.
>
> This isn't as good as mathematically unbreakable security that relies on
> heat-death-of-the-universe type arguments, but it's in practice nearly as
> good, and would actually be deployable.
>
> Once you have provisioned the keys, you can then use regular encrypted
> block storage to protect the database which can be stuffed onto regular
> sharded disk storage. Or you can store the whole thing in RAM on some of
> the lookup servers, if it fits (SGX encrypts RAM). Or get fancier and use
> one of the new ORAM algorithms.
>
> SGX isn't quite launched yet. There is a lot of technical documentation
> about it, but it's not quite clear when Intel will consider the tech
> production ready and release all their tools/SDKs publicly.
>
> Once it's out there, I think it'd be the next step for protection of
> contact lookups.
>
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150823/9e4426b8/attachment.html>


More information about the Messaging mailing list