Comment by Retr0id
3 days ago
Protecting secrets via hardware is always "decorative" in some sense, the question is just how much time+work it takes to extract them (and probability of destroying the secrets/device in the process). (outside of things like QKD)
But for software systems under a software threat model, bug-free implementations are possible, in theory at least.
This is a reasonable take.
Perfect security isn't a thing. Hardware/Software engineers are in the business of making compromise harder, but eyes are wide open about "perfection".
Confidential Computing is evolving, and it's steadily gotten much more difficult to bypass the security properties.
I don't follow this - the software must necessarily run on some hardware, so while the software may be provably secure that doesn't help if an attacker can just pull key material off the bus?
Soldering wires to LPC is not a software threat model.
But it is a threat model. "This system is unhackable, if the user doesn't do the thing that hacks it" is not very useful.