Confidential Computing in Three Acts

This talk will begin with the „foundations“ of confidential computing, tracing its origins from early research to hardware support for trusted execution environments. We will explore where earlier platforms faced challenges, while Intel SGX marked a pivotal moment in defining and democratizing confidential computing.

The second act focuses on the „foes“—the rollercoaster era of building with and breaking into Intel SGX using an untrusted operating system. Even after the shift from enclaves to confidential virtual machines, we find ourselves revisiting the same cycle of attacks and defenses, this time with an untrusted hypervisor.

Finally, we will look toward a hopeful „future“, examining its potential to enable innovative use cases, such as sovereign smartphones, and its expanding role in accelerators and custom silicon for large-scale data centers.

Crypto Wars Revisited

The Crypto Wars reflect the ongoing conflict between governments seeking access to encrypted data for national security and crime prevention and the protection of individual and collective privacy. The talk will start with a brief overview of the history of crypto wars, that have dealt with suppression of research of cryptography, access to secure communications (the Clipper Chip), access to stored data (Apple versus the FBI) and spyware (NSO Group). In recent years, the focus has shifted to dealing with end-to-end encryption communications through client-side scanning: all information transmitted would be filtered at large scale on devices prior to encryption or directly after decryption. While officially aimed at detecting Child Sexual Abuse Material (CSAM), this technology is also positioned for use against terrorism and organized crime.

However, universal client-side scanning technology violates the essence of end-to-end encryption, would be easy to bypass and –like all other third-party access methods– is prone to misuse and abuse. Moreover, its effectiveness remains highly questionable. Serious flaws have been identified in perceptual hash functions that are essential to detect known CSAM without revealing the content itself. These hash functions map visually similar content to similar short hash values. Our recent work shows that a broad class of designs (including all widely used schemes) result in very high false positive and false negative rates. Regulatory proposals have also put forward the use of AI for the detection of new and in particular AI-generated CSAM; these raise further concerns about technical feasibility and reliability. Over the past decade, law enforcement agencies have gained vast amounts of metadata, biometric data, and surveillance data from cameras, supported by increasingly powerful analytical tools. These capabilities may well offset the challenges posed by encryption. The priority should be strengthening cybersecurity and privacy while ensuring transparency around interception technologies. A broader societal debate is essential to balance security with fundamental rights.