Profile picture
, 14 tweets, 3 min read
My Authors
Read all threads
I have two comments on this new Signal proposal for backing up secrets:

1. If your solution to a hard problem is “use Intel SGX”, please say so right at the beginning!
2. Despite that criticism, holy cow does this look like sophisticated work. signal.org/blog/secure-va…
So the basic problem here is an important one: Signal wants to back up your secrets in the cloud, so you can get them back if you lose your device. At the same time, being Signal, they don’t want your secrets accessible to hackers. 2/
Password-based encryption solves the problem, but then you need really strong passwords to prevent offline dictionary attacks. Putting a key on your device helps, but the whole point is to secure against lost devices. 3/
The only way anyone has ever practically solved this problem is to use secure hardware at the service provider. Apple does this with iCloud Keychain. Signal is trying to do the same with SGX. 4/
So the idea is that Signal will run an SGX enclave on its server. All the secrets will live inside of it. You’ll only get the secret if you can show you know the password (presumably with a low limit on guesses.) This works great! 6/
Wait that was 5. This is 6/
If this were an academic paper everyone would just stop there. But Signal is trying to build stuff, and a concern when you build real stuff is: what happens if your server goes down. Does the data get lost? 7/
The good news is that the actual secret “data” shouldn’t be that big. Worst case you could have a single key inside the enclave and use that to derive all the other secrets. The real problem is that you have to keep a counter for each user to prevent guessing attacks. 8/
This is a problem I love. The trick is that you have to make sure every single replica stays in sync here. If there are ten replicas and each gives you five attempts, you can isolate them from each other and get 50 independent guesses. 9/
So the TL;DR of this thing is that they’ve built a whole consensus protocol so that multiple replicas on different cloud providers can stay in sync.

This is so crazy it just might work. 10/
My main criticism of this idea is that I worry that it relies too heavily on the security of SGX, and particularly the SGX attestation process. 11/
Intel SGX just keeps getting broken. Last week it was an undervolt attack you could run from software. This week it turns out some Intel setups have the GPU sharing cache lines with the CPU, exposing parts of enclave memory to the former. 12/
This system seems to rely heavily on the use of SGX attestation, which uses a key inside the processor to sign a message that says “I am a real Intel CPU, you can safely send your backup data here.” If that key gets taken out, anyone can impersonate SGX. 13/
To me that seems like the real weak point. Maybe not a likely attack but definitely a little worrying. Other than that, very neat work. ///
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Matthew Green

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @matthew_d_green see all

Profile picture
Matthew Green
@matthew_d_green
@Pinboard I think that they might monetize and share user profiles/models in ways they currently don’t. Or maybe they’re not planning it, but it will eventually be on the table.

Frankly I can’t tell you what they’ll do, just that their data collection is astounding and keeps growing. 1/
@Pinboard For example: right now they’re combining online data with real-world data like credit card purchases in ways that 10 years ago would have seemed impossible and/or outraged us. But today that’s just “oh well of course Google needs that.” 2/
@Pinboard When you combine real time location with purchases, with every search, with health data, and add advanced machine learning, is there really anything Google doesn’t know about us?

What mitigates this is that so far they’ve been “benignly” using it to just serve us Sprite ads. 3/
Read 4 tweets
Profile picture
Matthew Green
@matthew_d_green
The EFF has a piece out on how client-side scanning ‘breaks’ end-to-end encryption. They take a pretty strong position here (one I happen to agree with.) But I thought it would be helpful to explain my specific technical concerns. Thread: 1/ eff.org/deeplinks/2019…
Just to explain what we’re talking about: many current unencrypted messaging systems scan every photo sent through the service, in order to detect abusive content (CP). Encrypted messaging systems can’t do this. Hence proposals to do scanning on the client side. 2/
The service would send down some kind of list of content hashes that are problematic, and your app would check for matches before encrypting the message/photo/whatever. 3/
Read 10 tweets
Profile picture
Matthew Green
@matthew_d_green
@AriannaSimpson @zcash @avichal @JacobPPhillips Why not just take the existing non-profit ZF board and make that your elected five person council? Note that this organization exists (and already has community elected members) while spinning up yet another organization is risky and redundant.
@AriannaSimpson @zcash @avichal @JacobPPhillips PS I am a board member (nominated originally by Zooko) but I’m happy to resign or stand for a new election if the community wants to.
@AriannaSimpson @zcash @avichal @JacobPPhillips Anyway I have several concerns here. The biggest is that the sudden creation of this new five-member counsel creates a huge opportunity for scammers to take control of Zcash. This is a foolish risk.
Read 4 tweets

Related threads

Profile picture
Hans HODL
@hansthered
Let's start with the problem set laid out by @RayDalio in this post.

linkedin.com/pulse/world-ha…

1. There's too much money.

"Money is free for those who are creditworthy because the investors who are giving it to them are willing to get back less than they give."
2. This extra money is acting like a hidden tax on growth rather than creating inflation.

"As a result of this dynamic, the prices of financial assets have gone way up and the future expected returns have gone way down while economic growth and inflation remain sluggish."
3. Because we can't seem to balance our federal budget we will end up printing money to pay our bills.

"large government deficits exist and will almost certainly increase substantially... central banks, (will) buy the debt that is produced with freshly printed money"
Read 21 tweets
Profile picture
Alan Mygatt-Tauber
@AMTAppeals
The transcript is finally up! Unsurprisingly, Justice Sotomayor is the first to jump in with a question, comparing the Board to the US Attorney.

#PROMESA OA
She follows up by asking if Congress could pass #PROMESA for a state. Former SG, on behalf of the Board, argues that no, it couldn't - and that Aurelius's problem is really with Art. IV, not Art. II.
CJ Roberts pushes him back on track to answer the US attorney question - he argues US Atty enforces nation-wide laws. Sotomayor doesn't seem to buy it, arguing there are federal laws with local effects.

#PROMESA
Read 99 tweets
Profile picture
All Your Smart Contract are Connect to Us
@KoalaKowboy
1/18 Advice from the heart: Stop being a mere speculator with little control over his own future and become an empowered entrepreneur. The smart contract revolution is here. Let me share an example of how you could create superior products that might generate income/profits.
2/18 @chainlink will provide many entrepreneurial opportunities to those that paid attention. A new ecosystem is being built that will become the enterprise-grade standard for corporations to do business with one and each other, and create superior products for their customers.
3/18 Some truly smart people have already undertaken the first steps: projects like @linkpoolio, @Fiewsio, and @clcgio have been some of the first to truly see the underlying potential, and thus have been building upon this new ecosystem. They will profit, and so could you.
Read 18 tweets
Profile picture
Lucas Guttenberg
@lucasguttenberg
Wednesday was BICC day again. Hardly anyone noticed, but the @EU_Commission published its proposal for the governance framework of the instrument formerly known as the Eurozone budget.

It's not really beachside material, still here the main take-aways:
europa.eu/rapid/press-re…
1/ The proposal makes clear that the COM essentially sees the BICC as an upgraded form of their Reform Delivery Tool (2018 proposal in the link). But rather than proposing an amended version of the orginal RTD proposal, it went for the minimal solution.
ec.europa.eu/commission/sit…
2/ The new BICC proposal would set up a two-step process: In the "euro area recommendation" in spring, the Council in EZ composition (i.e. de facto the Eurogroup) would, on a COM proposal, define "strategic orientations" for the BICC for the upcoming cycle.
Read 11 tweets
Profile picture
Neil Chilson
@neil_chilson
THREAD. Mark, I get it. You're trying to do hard things and you're not doing them perfectly. Some you might not be doing well. Some you're doing down right badly. washingtonpost.com/opinions/mark-…
Because of these imperfect or failed attempts to solve hard problems, you have a public relations problem. You have a gov relations problem. And you have a compliance problem.
So you want gov to fix it. New Internet regulation solves your PR problem. It solves your GR problem. And for a company with FB resources it solves your compliance problem.
Read 10 tweets
Profile picture
Matt Elliott
@GraphicMatt
Toronto City Council meets today! The mayor has designated the report on the subway upload as his key matter, meaning it’ll be debated first. You can stream it live here:
Councillor Paul Ainslie rises to note today is the anniversary of the day @rebelmayor first took office. Wonder how he’d react to the subway upload.
Council votes 23-1 to designate the Hearn as a heritage property.
Read 70 tweets

Trending hashtags

#Trump #emotions #SmallGroupTeaching #selfregulatedlearning #CognitiveTheory #pedagogy #largelectures #Portland #benefits #RoyalWedding2018 #students #QanonPosts #Epstein #NEW #Denmarks #dance #notetaking #Imagery #Pause #TrustThePlan #Enhancing #ideas #broccoli #WWG1WWA #ReadingList
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!