#eweekchat - CrowdChat

Confidential Computing

JOIN US: This is a chat-based conversation about how a newly recognized trend in IT security that follows data all the way through the transom and protects it at every stage--including when it's processing. Join us!

#eweekchat @editingwhiz @rodrigue_@technophobe01 @brucekornfeld

LeaderBoard

#eweekchatNext-Gen Cloud ServicesJOIN US: This is a chat-based conversation about new types of cloud (and cloud delivery) services, which are becoming more pervasive and diversified than ever. We are becoming more dependent on the cloud each day--especially during the COVID-19 pandemic. Join us!

#eweekchatLegacy Company InnovationJOIN US: This is a chat-based conversation about how companies that have become standard providers are--or are not--continuing to be creative. New competitors are entering the markets all the time, so the pressure is on. Join us!

Stream Ended

Establishing a secure connection

Bruce Kornfeld5

A2: Very interesting concept. Edge and IoT typically means smaller and smaller form factors - but - with Moore's Law continuing, these TEE with hardware and chipsets are available even at the edge.

[+] Show Hidden Comments

In fact, TEE has been around in ARM chips (and x86) for years, trouble is, many vendors don't make use of it because they cut corners to save on costs

Will we be able to defend against ALL new attack surfaces? well....CC will help...but I don't think you can ever say "All"

Agreed. Its a leap frogging problem... I make a defensive move and you make one better...

(edited)

Agree, TEEs themselves don't address attacks like social engineering or physical theft. They must be paired with classic physical security appropaches.

@jckgld agreed. we see that changing over the coming months and quarters.

Yes, but we still will have legacy systems to deal with that are exposed, and that will remain with us for a long time...

A core problem with edge and IOT is computational power. A key aspect is that you want to remove security observer overhead. This is something that is close to my heart ;-)

More places to put up wall the better, right? But I do see your point about computational power. Intel/AMD/ARM should be solving that part of the equation - that's one of the things that keeps our industry advancing!

Chuckle, it is a problem I work on, check out Moving target Defense - we approach the problem differently.

Will do, Pete. Sounds interesting.

A2 In the not too distant future (5-10 years), most encryption will be broken by Quantum Computing, so its imperative we look for quantum safe encryption, and that includes in the internals of traditional computing systems

[+] Show Hidden Comments

Chris Preimesberger

Wow. It's never too early to look at the potential impact of future IT like quantum. But is it practical to invest in this at this early stage?

Its likely to take us 5+ years to upgrade all the embedded encrypted systems we use, so yes, its time to start looking at it seriously... If we wait, it will be too late

Quantum computing is interesting...but I just don't see that having a real practical impact anytime soon. In fairness - you say 5-10 years...so I can see that point.

One time keypads (OTP) are arguably defensible against Quantum computing. The problem is key distribution, it is worth looking into. There is a lot of research into key distribution for the above reasons.

https://pastebin.com/raw/XSsyUb0f

https://pastebin.com/raw/XSsyUb0f

Chris Preimesberger

So Pete, you're talking about keypads that blow up after you use them once?

Yes, however you can use them as a bootstrap mechanism. They are very secure (chuckle) the problem is not the keypad it is sharing the keypad.

OTP is a beautiful thing, you can insert temporal and location entropy to make the retrieval possible. i.e. Meet me here in the either at this time, present this credential and I'll give you a one time keypad. Rinse, repeat.

Chris Preimesberger3

Q2: Will we still be able to defend all the new attack surfaces using this CC method in IoT, edge computing and mobile computing?

[+] Show Hidden Comments

Rodrigue Hajjar

A2: We have been seeing more high profile attacks while data is being used (memory-scraping). Confidential computing helps alleviate some of that responsibility though I do think there are still important security practices for software engineers to use and keep in m

Chris Preimesberger

@rodrigue_ Good point, Rodrigue. Can you offer a couple of examples of those important security practices?

It has to be a combined effort - both the HW and SW have to maximize security to make either work effectively

A core problem today is that "An attacker only needs to find a single weakness to exploit all like systems." Why? All software today is distributed a single clone instance. This means that an exploit for one, will work for all of the same OS version.

There is a gap today in security, the time between discovery of an exploit and its patching. That period is what we call the patch gap. You have no defense if connected to the internet.

A great example of this was Dell, and Sonic wall - Dell didn't release a second patch and the hacker go into the Cayman Island bank. Dell is a leader in security threat mitigation, it took just one omission to gain access.

(edited)

@TechnoPhobe01 The problem is not people, expertise or diligence or lax company processes. It is mathematics, in that it only takes one exploit to win as a cyber attacker.

This is why data integrity and security is becoming so important.

Read section 4 onwards https://pastebin.com/raw/XSsyUb0f

(edited)

https://pastebin.com/raw/XSsyUb0f

Exactly correct. And all the derivatives of the system are also exposed once a flaw is discovered. Often weak components make there way into systems for generations (Cisco routers had this issue)

Rodrigue Hajjar

For software engineers: Encrypt the data in storage, encrypt the data in transit. Don't re-invent the wheel with encryption, use existing proven protocols and mechanisms. I like to share this internally: https://github.com/OWASP/

OWASP
The OWASP Foundation. OWASP has 747 repositories available. Follow their code on GitHub.

so does this argument mean CC isn't as important?

Chris Preimesberger0

Q2 on deck ...

[+] Show Hidden Comments

A1 CC is more than just protecting data, which we do, more or less, reasonably well with encryption. Its about protecting the compute logic associated with the utilization of data. Its about the apps, transmission, storage and more which we do poorly in many cases.

[+] Show Hidden Comments

Chris Preimesberger

Thank you, Jack. Protecting the compute logic is a key term.

A1: Confidential Computing protects data in use by performing computation in a
hardware-based Trusted Execution Environment. These secure and isolated
environments prevent unauthorized access or modification of applications
and data while they are in use, thereby increasing th

[+] Show Hidden Comments

Chris Preimesberger

Thanks, Seth. Do you do security for a company called Samsung? ;-)

Chris Preimesberger2

Q1 addendum: So CC (shortcut!) means protecting data from creation to cold storage, and everything in between. Isn't that what we're doing right now?

[+] Show Hidden Comments

"from creation to cold storage" is very broad. Until CC, protecting data while its being computed wasn't commonplace or easy to do.

Chris Preimesberger

@brucekornfeld Thanks for the alignment in terminology! CC, then really involves data in creation and in transit. Fair statement?

Yes - a TEE (Trusted Execution Environment) could include both data in movement and creation, but the common denominator is that its about computing - inside a computer. Data in transit outside the box is protected in other ways.

@brucekornfeld Agreed

A problem we increasingly see is the creation of false data. You have to be able to verify the data has not been tampered with.

@TechnoPhobe01 Consider for example, sensor data that we use to model a large system. We have to be able to verify the data has not been tampered with. The Iraq nuclear hack copied the data from the system then played it back. Meanwhile increasing rotation speed.

Rodrigue Hajjar

Nicely said @brucekornfeld .
Client <--We know how to transit data securely--> Server <--We know how to store securely--> DB
We have had secure enclaves on smartphones for a while now.
CC is a good addition to the server piece, whenever we need to work with data.

Rodrigue Hajjar0

A1: Level of effort - With CC we have data encrypted in memory and outside the CPU. With less effort, we can deploy our services and apps while knowing (instead of simply trusting) that our services will be more resistant to folks having physical access.

[+] Show Hidden Comments

Chris Preimesberger1

Q1: What are the key facets of confidential computing that separate it from conventional security?

[+] Show Hidden Comments

Typically, "conventional" security typically address protection against threats before they make it into a system and/or protecting data at rest. Confidential Computing is all about protecting data while it is being processed inside a computer. So its another layer

Chris Preimesberger

@brucekornfeld So Bruce, does this mean CC has to be embedded inside chips?

Kinda of. It doesn't have to be completed embedded inside chips. But there is a hardware (chip level) component to CC. This is where the extra security and processing power comes from.

Two examples of chip level options would be TPM and SGX.

Confidential computing entails Security, Encryption, Auditing, and Verification of use of the data for me. You have to be able to control access, be able to see what is being accessed, and verify by whom.

(edited)

A key aspect of this is technologies such as homomorphic encryption.

@TechnoPhobe01Worth reading: https://en.wikipedia.org/wiki/Homomorphic_encrypti...

Homomorphic encryption - Wikipedia
Homomorphic encryption is a form of encryption allowing one to perform calculations on encrypted data without decrypting it first. The result of the computation is in an encrypted form, when decrypted the output is the same as if the operations had b...

Chris Preimesberger

@TechnoPhobe01 I'm thinking, Pete, that we wil be looking up this definition a lot more often as time goes by!

Homomorphic Encryption provides confidentiality at the place of computation, but does not guarantee the correct operation was done. Running HE inside an attested TEE, for example, can provide such an assurance.

First, CC is data-centric vs other perimeter or endpoint approaches. Second, it is protecting data end to end throughout its lifecycle enabling a 'failsafe' scenario.

Chris Preimesberger0

Q1 coming right up ...

[+] Show Hidden Comments