Confidential Computing Consortium

July 7, 2022

To Whom It May Concern:

Please consider the following submission to the Request for Information on Advancing Privacy-Enhancing Technologies from the Confidential Computing Consortium. The Confidential Computing Consortium (https://confidentialcomputing.io) is a Linux Foundation project “to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards” and has a diverse membership of hardware and software vendors and cloud service providers (https://confidentialcomputing.io/members/). This response was prepared by the group’s Technical Advisory Council with participation from across the membership, and ratified by its Governing Board. The Linux Foundation is a non-profit organization registered in the United States as a 501(c)(6).

The Confidential Computing Consortium has a mandate to engage with governments, standards agencies and regulatory agencies to encourage adoption of Confidential Computing, as well as work with the larger ecosystem and engage with existing and potential end-users of the technologies. It also works with open source projects to further development of implementations. The Confidential Computing Consortium is committed to encouraging open source implementations of Confidential Computing technologies to ensure wide-spread adoption, scalable community involvement, transparency of process, increased security and ease of auditing by relevant interested parties and authorities.

The Confidential Computing Consortium welcomes collaboration with governmental and non-governmental organizations and has mechanisms in place to provide appropriate membership, as well as open technical participation without any membership requirement.

Sincerely,
Stephen R. Walli
Confidential Computing Consortium, Governing Board Chair

Read the response here.

The Confidential Computing Consortium (CCC) was one of the 10 communities selected to be part of Roadsec, LATAM’s largest hacker conference. Over 5000 participants were present at this in-person conference held in Sao Paulo.

Roadsec started as meetups about cyber-security that were organized across different cities (thus the name Roadsec, as speakers were always on the road). Every year the community gathers in Sao Paulo for the main conference.

Sao Paulo is considered an alpha global city and serves as Latin America’s financial and technological hub. Major banks and cloud service providers have their headquarters and data centers in this city.

Nick Vidal, CCC’s Outreach Committee Co-Chair, was at the conference promoting the CCC and also inviting participants to the Cryptle Hack Challenge, a secure multi-player Wordle clone that demonstrates how Confidential Computing works.

Roadsec organizers were kind enough to provide the CCC a booth to present this emerging technology called Confidential Computing, which protects data in use by performing computation in a hardware-based Trusted Execution Environment. These secure and isolated environments prevent unauthorized access or modification of applications and data while in use, thereby increasing the security assurances for organizations that manage sensitive and regulated data.

Recently, there have been many serious cyber attacks in Brazil, including the leakage of sensitive patient data from DATASUS and sensitive client data from Banco Pan. Confidential Computing could have helped prevent these data leakages.

Check out what the CCC Projects have been up to!

Gramine

Gramine project (formerly known as Graphene) will release a new stable version v1.2 in upcoming weeks.

Gramine is a library OS that enables protecting sensitive workloads with Intel® Software Guard Extensions (Intel® SGX). Gramine runs unmodified Linux applications on Intel® SGX out of the box and provides all functionality required for end-to-end protection of workloads: remote SGX attestation, transparent encryption of security-critical files, secure multi-processing. Gramine follows a “lift-and-shift” paradigm for running unmodified applications: to “graminize” the application, it is enough to write a so-called *manifest* file that reflects a runtime configuration of the protected application. Gramine also supports Docker integration via a tool called Gramine Shielded Containers (GSC) and provides a growing set of curated applications, runtimes and frameworks.

In comparison to the previous release, Gramine v1.2 introduces a major overhaul of the FS subsystem. In particular, the Protected Files (PF) feature was significantly reworked. A new manifest syntax allows to mark whole FS mounts for encryption. The PF feature is now available not only in the SGX mode of Gramine, but also in the direct mode, for ease of debugging. We also added support for renaming PFs, memory mapping them with read-write permissions and encrypting them with different user-supplied encryption keys. As a side effect of this rework, multiple bugs in the FS and PF subsystems were fixed.

Additionally, Gramine v1.2 introduces a final reworked CPU/NUMA topology feature (previously marked as experimental). Now, CPU/NUMA topology is securely forwarded inside a Gramine SGX enclave and enabled by default. Among other improvements in Gramine, we highlight better support for CentOS/Fedora/RHEL Linux distributions and the update of the EPID SGX attestation tools to use IAS API v4. We also added a Rust example (a simple web server that uses hyper and tokio crates), as well as a new Python example for SGX quote retrieval.

Along with this technical work, Gramine was presented in different forums and featured in articles and blog posts:

– Gramine talk at the FOSDEM’22 conference: https://fosdem.org/2022/schedule/event/tee_gramine/

– Gramine talk at a Confidential Computing Consortium (CCC) webinar:  https://confidentialcomputing.io/webinar-gramine/

– Highlighted in several use cases and projects at the Open Confidential Computing Conference (OC3 2022) conference: https://www.oc3.dev/program

– Integration with Open Federated Learning (OpenFL) framework: https://medium.com/openfl/a-path-towards-secure-federated-learning-c2fb16d5e66e

– Integration with IBM/Gematik e-Prescription solution: https://github.com/eRP-FD/vau-base-image

– Reference solutions with Gramine as part of the Confidential Computing Zoo (CCZoo): https://github.com/intel/confidential-computing-zoo

– Whitepaper “Computation offloading to hardware accelerators in Intel SGX and Gramine Library OS”: https://arxiv.org/abs/2203.01813

– Blog post “How Open Source Gramine Accelerates Expanding Confidential Computing Market”: https://www.linkedin.com/pulse/how-open-source-gramine-accelerates-expanding-confidential-mona-vij/?trk=articles_directory

– A series of technical blog posts: https://gramineproject.io/blog/

For more information on the release please check out: https://github.com/gramineproject/gramine/releases/tag/v1.2

We invite you to join the Gramine community and contribute to adoption of confidential computing through open source collaboration. We also look forward to your feedback as you deploy this latest release of Gramine for your solutions.

Enarx

The Enarx project had three releases this quarter:

– Enarx 0.3.0 (Chittorgarh Fort) released in March with TLS support, attestation & validation support (https://blog.enarx.dev/chittorgarh-fort/).

– Enarx 0.4.0 (Fort of Dhat al-Hajj) released in April with SGX2 support, improved TLS support, and much more (https://blog.enarx.dev/enarx-0-4-0-fort-dhat-al-hajj/).

– Enarx 0.5.0 (Elmina Castle) released in May with many new/improved features: New enarx deploy subcommand. SGX with EDMM / SGX2 support (https://blog.enarx.dev/elmina-castle/).

In addition to Linux, Enarx is now available on MacOs, Windows, and Raspberry Pi:

– Enarx can now be compiled on additional platforms in a light development version. From MacOS to Raspberry Pi — Extending the Enarx Development Platforms.  (https://blog.enarx.dev/backend-nil/)

The Enarx project announced the Cryptle Hack Challenge:

– Cryptle is a secure multi-player clone of Wordle. The goal of the Cryptle Hack Challenge is to uncover vulnerabilities in the Enarx project. (https://blog.enarx.dev/cryptle-hack-challenge/).

The Enarx community has achieved a huge milestone: we have collectively published 100 tutorials and articles over at Wasm Builders!

– As part of the Confidential Computing Fellowship program, the Enarx project has received several mentees from Outreachy and LFX Mentorship. Wasm Builders has served as a welcoming environment where Enarx community members can share their learning experiences with others (https://blog.enarx.dev/enarx-community-reachs-100-tutorials/).

The Enarx project has participated in the following events:

– Nathaniel McCallum presented “WASI Networking” at Wasm Day at KubeCon + CloudNativeCon Europe 2022 (https://blog.profian.com/wasm-day-at-kubecon-cloudnativecon-europe-2022/).

– Outreachy intern Shraddha Inamdar presented “Enarx: The Platform Abstraction for Trusted Execution Environments” at FOSSASIA (https://enarx.dev/resources/2022-04-09-fossasia).

– CCC Fireside Chat: Stephen Walli received Mike Bursell to discuss his book “Trust in Computer Systems and the Cloud,” with a particular focus on the impact of Confidential Computing on security, trust and risk (https://blog.profian.com/trust-in-computer-systems-and-the-cloud/).

Veracruz

• We recently announced our 22.05 release which included first-time contributions from several people including Aryan Godara, Mohamed Abdelfatah, and Sagar Arya.  Many of these contributions focussed on adding new examples to the Veracruz repository.  Mohamed will be joining us as our Outreachy-sponsored intern shortly, working on providing better documentation of the expected behavior of Wasi system calls (https://github.com/veracruz-project/veracruz/releases/tag/veracruz-2205).
• We’ve worked to simplify Veracruz attestation further, across all of our supported platforms, making the process more uniform and removing platform-specific quirks.
• We’ve started work, and are progressing quickly, on supporting seL4 as an in-enclave operating system for ultra-low TCB enclaves.
• We’ve worked to improve Veracruz documentation.
• Many other smaller bug fixes, performance improvements, and upgrades of dependencies to fix security concerns.

Check out what the CCC Projects have been up to!

Gramine

Following the first production-ready release “v1.0”, The Gramine Project is releasing “v1.1” in upcoming weeks. One highlight of this release is stability improvements for Golang and Rust workloads. Another prominent feature of the release is support for the musl C standard library – now Gramine allows users to choose between glibc and musl, depending on users’ requirements on the binary size (TCB), as musl is more light-weight than glibc. Also, AddressSanitizer was integrated in Gramine, and it runs in the CI on each change, for detecting any security issues ahead of code merge. This version adds several other features as well as multiple bug fixes (thanks to our ever-increasing user base for reporting issues!).

While there are several use cases under development, we would like to highlight the production release of the OpenVino Security Add-on (OVSA) for Model IP protection (consider using it for your protected ML workloads). Please reach out to the Gramine team if you are experimenting with Gramine and would like to be added to the list of “Users of Gramine”

Enarx

In Enarx’s first release “version .0.1.0” (codenamed Alamo) we provided WebAssembly as a runtime. For our upcoming release “version 0.2.0” this coming quarter we are looking forward to providing support for attestation, including Intel’s SGX and AMD’s SEV.

Other areas where we are working on are support for filesystem and networking, which depend on upstream collaboration with the WebAssembly community.

Enarx is under high development and is not production ready yet, but our hope is that these initial releases will allow developers to experiment with Enarx and see its progress.

If you are interested in learning more about the Enarx project, please access our website, star us on GitHub, and join our chat.