Replying to Avatar Marks

This is a new level of encryption. Confidential computing uses enclaves on both the CPU and the GPU to encrypt the data while processing. The services use attestation to verify that they are running the proper software and sever the connection if the code has been tampered with.

So yes, E2EE typically is about encrypting data in transit. Now we can encrypt on the processing unit and in the memory.
Avatar
semisol 11mo ago

Contrary to popular belief, enclaves do not have encrypted state

The isolation and confidentiality is enforced by the AWS Nitro hypervisor

Any code on the hypervisor can bypass confidentiality

Reply to this note

Please Login to reply.

Discussion

Avatar
AdamHodl 11mo ago

As a layperson your comment comes across sounds like a back door. Do you mind expanding?

Avatar
semisol 11mo ago

You always have to trust someone

The end