Hi Mike. This idea reminds me of Microsoft's VC3, which runs Hadoop in SGX enclaves: http://research.microsoft.com/pubs/210786/vc3-MSR-TR-2014-39.pdf

On Sun, Aug 23, 2015 at 6:34 AM, Mike Hearn <[email protected]> wrote:

> Useful article Moxie, thanks.
>
> There is a way to do practical PIR for the contacts use case, although
> nobody here will like it much.
>
> You use the new SGX features in the Intel Skylake+ processors to create a
> trusted computing "enclave" that generates some encryption keys. Then your
> other servers do the same, and remotely attest to the first what software
> they're running. The first then gives them copies of the keys as well. Now
> you have a server farm with encryption keys you don't yourself know, and
> cannot extract without impractical time and expertise spend breaking the
> hardware security on the x86 chips.
>
> This isn't as good as mathematically unbreakable security that relies on
> heat-death-of-the-universe type arguments, but it's in practice nearly as
> good, and would actually be deployable.
>
> Once you have provisioned the keys, you can then use regular encrypted
> block storage to protect the database which can be stuffed onto regular
> sharded disk storage. Or you can store the whole thing in RAM on some of
> the lookup servers, if it fits (SGX encrypts RAM). Or get fancier and use
> one of the new ORAM algorithms.
>
> SGX isn't quite launched yet. There is a lot of technical documentation
> about it, but it's not quite clear when Intel will consider the tech
> production ready and release all their tools/SDKs publicly.
>
> Once it's out there, I think it'd be the next step for protection of
> contact lookups.
>
> _______________________________________________
> Messaging mailing list
> [email protected]
> https://moderncrypto.org/mailman/listinfo/messaging
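
The key-release step described in the quoted message (the first enclave hands its keys only to peers that attest to running the same software), as an added sketch that is not from the thread or from any SGX SDK. It assumes an HMAC under a constructed `PLATFORM_KEY` in place of the hardware-rooted signature on a real SGX quote; `KeyHolder`, `make_quote` and the other names are hypothetical.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the hardware-rooted quote-signing key (assumption).
PLATFORM_KEY = b"constructed-platform-key"
ENCLAVE_CODE = b"contact-lookup-enclave v1 (constructed sample)"


def measure(code: bytes) -> bytes:
    """Stand-in for the enclave measurement: a hash of the loaded code."""
    return hashlib.sha256(code).digest()


def make_quote(code: bytes, nonce: bytes, platform_key: bytes = PLATFORM_KEY) -> dict:
    """What a peer's platform produces: measurement and nonce, signed together."""
    m = measure(code)
    sig = hmac.new(platform_key, m + nonce, hashlib.sha256).digest()
    return {"measurement": m, "nonce": nonce, "sig": sig}


class KeyHolder:
    """The first enclave: generates the database key and gates its release."""

    def __init__(self, own_code: bytes):
        self.expected = measure(own_code)   # peers must run the same software
        self.db_key = os.urandom(32)        # generated inside, unknown to the operator
        self.pending = set()                # challenges issued and not yet consumed

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self.pending.add(nonce)
        return nonce

    def release_key(self, quote: dict):
        """Return db_key only for a fresh, genuine quote of the expected code."""
        if quote["nonce"] not in self.pending:
            return None                     # replayed or unsolicited quote
        self.pending.discard(quote["nonce"])
        good = hmac.new(PLATFORM_KEY, quote["measurement"] + quote["nonce"],
                        hashlib.sha256).digest()
        if not hmac.compare_digest(good, quote["sig"]):
            return None                     # not signed by the trusted platform
        if not hmac.compare_digest(quote["measurement"], self.expected):
            return None                     # different software than ours
        # Assumption: a real design encrypts the key to a public key bound
        # into the quote, so it is only readable inside the attested enclave.
        return self.db_key
```

The nonce check is what stops an operator from capturing one valid quote and replaying it from a machine running different software.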
