On Thu, Feb 16, 2017 at 8:57 AM, Bill Cox <waywardg...@gmail.com> wrote: > If you wanted to store secrets so securely that you could never get them > out, how would you do it? The secrets need to be usable for things like > signing, but they should be unrecoverable. In particular, is it better to > buy an HSM, or use Intel's SGX mode on some of its newer processors?
Don't use a general purpose device. Though certainly dedicated HSM's have their list of hacks too. Note that some regard SGX https://github.com/kudelskisecurity/sgxfun as having already been broken https://www.ibr.cs.tu-bs.de/users/weichbr/papers/esorics2016.pdf and btw ASLR just got beat up again https://www.vusec.net/projects/anc/ https://github.com/vusec/revanc https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-about-to -make-drive-by-exploits-much-nastier/ Esorics 2016 freebies http://link.springer.com/book/10.1007/978-3-319-45744-4 http://link.springer.com/book/10.1007/978-3-319-45741-3