Information Security Asked by Aventinus on November 4, 2020
I was in a workshop about privacy recently and at some point, a passionate debate started about Intel’s Software Guard Extensions (SGX). Although I have a security background (Master in Information Security), I find it very difficult to understand exactly how SGX works. But I understand that it is an alternative to homomorphic encryption, since it can process data securely way faster than homomorphic encryption does.
At that workshop some people made the argument that there are no guarantees about privacy when it comes to SGX and that, by using SGX, you basically have to consider Intel a trusted third party.
My question is: What are the concerns, or drawbacks, regarding Intel’s SGX when it comes to privacy?
Intel SGX does not really replace homomorphic encryption. It is designed to protect from compromise of one of the communicating computers by verifying, that the other computer runs the correct, unmodified software and that any data the SW saves can be only read by the unmodified software. You have to trust Intel to achieve this. This can be used to for example make sure, that self-destructing messages are really deleted by the other party in communication. Signal wants to use it to confirm they don't keep user metadata and contact list.
On the other hand, to protect the data, you can still add your own encryption as an inner layer, whether in transport or at rest.
As for privacy and trust in Intel, this is a moot point considering the Intel Managment Engine is effectively a backdoor into your computer black box with full access to your computer, that can not be fully removed or disabled.
Answered by Peter Harmann on November 4, 2020
0 Asked on December 30, 2020 by uncaught
1 Asked on December 29, 2020 by gsnail
1 Asked on December 29, 2020 by user242761
1 Asked on December 28, 2020 by appdeveloper
0 Asked on December 27, 2020 by waterbyte
2 Asked on December 26, 2020
4 Asked on December 26, 2020 by userk
1 Asked on December 26, 2020 by citylight
3 Asked on December 25, 2020 by thanatos
1 Asked on December 25, 2020
6 Asked on December 24, 2020 by acsor
1 Asked on December 22, 2020 by canine
cryptography hash john the ripper password cracking passwords
1 Asked on December 20, 2020 by badddy
1 Asked on December 19, 2020 by user851
2 Asked on December 15, 2020 by turnip
2 Asked on December 12, 2020 by gethopr
2 Asked on December 8, 2020 by nutle
2 Asked on December 7, 2020 by mojo
Get help from others!
Recent Answers
Recent Questions
© 2023 AnswerBun.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP