Hi Jim. Always interesting to see reporting on topics that have any mention of encryption...such an easily misunderstood area of technology. Reporters misunderstand Confidential Computing all the time, and this one made the same mistake I've seen made nearly universally: stating that the data is being operated on in memory while encrypted. This is not how the Intel SGX model works, though it is understandable that journalists get this wrong. The author of the article states that the following: "
In-memory encryption, another term for confidential computing, encrypts data in use to eliminate the possibility of exposure." This is incorrect. Data is not encrypted in use. The Intel SGX hardware leverages cryptography in the overall solution, but once data is brought into the enclave it must be decrypted in order to operate on the data. What the author should have included in the article was a statement that in the case of application code that was developed as a "shim" for your application - or, in the case of Fortanix, a 3rd party application - you must trust the application code instead of the cloud provider. In other words, either you must write
(or re-write) all of your own application code to natively leverage SGX, or you must trust the code of the vendor that writes it. Of course in the case of code that is written by the CSP that is hosting the "Confidential Computing" environment you are still placing trust in the cloud provider that there is no "back door" in their code. There are schemes that will attempt to provide attestation for that 3rd party code (again, using cryptographic methods) but ultimately unless the customer owns all the code that is allowed to run (and handle data) in the enclave there will be a non-zero risk of data compromise.
Years back I was interviewed for an article in CIO Magazine. It had to do with cloud providers' access to customer data. They got encryption details wrong, too. Nearly all reporting on this topic includes some kind of technical error, and obviously in this case you weren't asked about these dynamics and I agree with everything you were quoted as saying. I'm currently addressing this topic from one angle in the Cloud Key Management Working Group, but am thinking that the document doesn't cover anything on Intel SGX and key management challenges in that particular case...maybe we should. Your thoughts on this would be appreciated.
------------------------------
Paul Rich
------------------------------
Original Message:
Sent: Apr 23, 2020 12:38:01 PM
From: Jim Reavis
Subject: Confidential Computing
I was interviewed for an article about Confidential Computing at Dark Reading. If you are not familiar with the topic, it is about using the Trusted Execution Environment in the computer hardware to protect very sensitive data and compute so that even the CSP cannot see what the tenant is doing. The context was IBM's announcement. Right now this is fairly nascent in cloud, it will be interesting to see how it develops.
https://www.darkreading.com/cloud/ibm-cloud-data-shield-brings-confidential-computing-to-public-cloud/d/d-id/1337626
------------------------------
Jim Reavis CCSK
Cloud Security Alliance
Bellingham WA
------------------------------