[liberationtech] PrivateCore and secure hosting

Eleanor Saitta ella at dymaxion.org
Thu Jun 20 18:50:36 PDT 2013


So, a bunch of us were talking about secure hosting in Tunis.  At one
point in a side conversation, PrivateCore came up as a tool that might
be interesting when you're looking at aggressive malware.  It's
designed to allow you to perform certain kinds of secure computations
in a context where you can't trust anything off the CPU die, including
your north bridge or main memory, while still allowing you to use
commodity x86 hardware.  This is interesting, as CPU packages are
relatively more expensive to tamper with than complete boards are, and
represent a smaller (the smallest possible?) target when looking at
issues like firmware rootkits.  Sadly, their available online
documentation doesn't make it clear how the initial keying is
performed; e.g., are they relying on secrets already baked into the
chip or using some initialization process?  If the latter, how do they
guarantee a trusted path to the chip during initialization, and if the
former, how do they ensure that the secret is actually secret to all
parties but the initializer?  If anyone knows more about them, I'd be
quite interested to hear it.

(There's a larger issue of their technology not being open source, for
our context, but that's a separate issue.)

E.

-- 
Ideas are my favorite toys.