[Cryptography] HSMs or Intel SGX? Which is harder to hack?
grarpamp
grarpamp at gmail.com
Sun Feb 19 00:00:13 PST 2017
On Thu, Feb 16, 2017 at 8:57 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> If you wanted to store secrets so securely that you could never get them
> out, how would you do it? The secrets need to be usable for things like
> signing, but they should be unrecoverable. In particular, is it better to
> buy an HSM, or use Intel's SGX mode on some of its newer processors?
Don't use a general purpose device.
Though certainly dedicated HSM's have their list of hacks too.
Note that some regard SGX
https://github.com/kudelskisecurity/sgxfun
as having already been broken
https://www.ibr.cs.tu-bs.de/users/weichbr/papers/esorics2016.pdf
and btw ASLR just got beat up again
https://www.vusec.net/projects/anc/
https://github.com/vusec/revanc
https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-about-to
-make-drive-by-exploits-much-nastier/
Esorics 2016 freebies
http://link.springer.com/book/10.1007/978-3-319-45744-4
http://link.springer.com/book/10.1007/978-3-319-45741-3
More information about the cypherpunks
mailing list