-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2013.06.20 22.55, Steve Weis wrote: > Hi Eleanor. I am a co-founder of PrivateCore and happy to answer > questions. I'll keep it non-commercial and focus on the technical > answers for this mailing list:
Thanks for responding! > "[It isn't] clear how the initial keying is performed" > > ...Please let me know if you have more questions. To have a secure channel between two processes/compartments (in this case, the CPU of the hosted machine and the remote, non-service-provider-controlled system), they must share a secret. Just encrypting local system memory with a key generated on the CPU doesn't permit secure communication - e.g., you have no way of getting data in and out of the compartment. Doing computation on known inputs where trojaned hardware can read both the input data and the code isn't useful, because the work can just be done in parallel by your adversary. So, to provide useful benefit, I assume you must have a method for secret-sharing between processes/compartments. What is it? E. - -- Ideas are my favorite toys. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) iF4EAREIAAYFAlHEuE0ACgkQQwkE2RkM0wpwiQD9HcScoAMTi5hpPYTSEDjdetpg 4rFKX/8wh+DlyaMF2mIA/2yvPf2EL1SK+eNrWrE9xz8vCue+as2AI/osNHB05uZX =k5++ -----END PGP SIGNATURE----- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
