September Newsletter: CC Mini Summit Recordings, Tech Talks, Secure AI Pipelines, and more


Hello Community!

Welcome to the 2024 September Newsletter

In Today’s Issue:

  1. Executive Director September Recap
  2. Recordings from the CC Mini Summit @ OSSEU
  3. TAC Tech Talks & Upcoming Discussions
  4. Community Blog Highlights

Welcome to the September edition of our newsletter – your guide to awesome happenings in our CCC community. Let’s go!

Executive Director Update

September saw us holding a Confidential Computing Mini-Summit, co-located with Open Source Summit Europe in Vienna.  Despite torrential rain and major flooding in the preceding days, all of the speakers and panel members made it and we had an interesting – and sometimes spirited! – set of discussions.  I particularly enjoyed moderating a panel on attestation – see below for more on that topic.  The slide decks from the speakers as well as the video recordings at the Mini-Summit will be available for you to watch.

I also popped over to Dublin for the Eyes Off Data Summit, where I appeared as a panel member in a session about the opportunities and challenges of Confidential Computing.

The main thing that I’m seeing at the moment in the community is a realization that while there’s still a lot of work to be done educating the wider world on the basics of Confidential Computing and TEEs, the really interesting work and the really exciting business opportunities are likely to revolve around attestation.  This is reflected in the conversations we’re having at conferences and the work that we’re doing in the CCC.  There are two main streams of work: the technical, where we’re looking at definitions, protocols and related areas; and business questions such as “who should run an attestation verification service?” and “what sorts of policies should we expect an attestation verification service to enforce?”.  Spanning these streams is the work by the Governance, Risk and Compliance (GRC) SIG, which also considers issues around regulation.

If any of this sounds interesting to you, or you’d like to be involved in any way in the work of the CCC, we’d love to hear from you.

Get in touch

CC Mini Summit Recordings & Slides

On Demand Content is Available NOW!

Enjoy the recordings from the Confidential Computing Mini Summit at OSS EU.

Watch the Recording

TAC Update

This month we had three really deep tech talks. A couple are more on the advanced end of the spectrum but don’t let that scare you away from checking them out. They were all presented in really accessible formats. You’ll see the TAC Tech Talks playlist alongside our other playlists on the CCC YouTube channel:

TAC Tech Talk playlist 

Heading into October we’re in our final quarter to complete the goals we set for ourselves for the year. One of the big topics is getting Confidential Computing Features upstreamed into the Linux Kernel. The primary maintainers conference (The Linux Plumbers Conference) just concluded in late September so we’ll be getting some feedback from that in the TAC in October.

We’re also looking at starting some new work related to attestation verification. Feedback from another exercise showed us that there are still areas that need a common definition. Among them is the ability to identify which entities are inside and outside the Trusted Computing Base (TCB), also informally called the trust boundary. Entities like CSPs are pretty big, and we want to be more granular so that we more accurately reflect who is and isn’t trusted for a given deployment – or at least what sort of questions an adopter should think through.

Community Blog Highlights

Key Takeaways from the Confidential Computing Consortium Mini Summit at OSS EU


The Confidential Computing Consortium (CCC) recently participated in the Open Source Summit Europe (OSS EU), hosting a dedicated Confidential Computing Mini Summit. 

The event gathered some of the brightest minds in the industry to discuss the evolving landscape of Confidential Computing, its capabilities, and its impact across various industries. 

Check it out—All sessions from the summit are now available on the CCC YouTube channel for anyone who missed the event or wants to revisit the discussions.

Mini Summit Recap

The Mini Summit featured an impressive lineup of speakers and thought leaders, offering insights into the latest trends and innovations in Confidential Computing. Here’s a recap of the key sessions:

Opening Keynote – Confidential Computing: Enabling New Workloads and Use Cases

Mike Bursell, Executive Director of the CCC, opened the summit with a deep dive into Confidential Computing, showcasing how hardware-based Trusted Execution Environments (TEEs) now support new workloads. He highlighted its role in securing data with hardware-backed security and attestation, while exploring emerging applications in Generative AI, Web3, and multi-party computation.

Mike emphasized the transformative power of Confidential Computing, enabling secure workloads through the fusion of hardware security and cryptographic assurances. As Confidential Computing grows, remote attestation is becoming crucial, ensuring confidentiality and integrity in sensitive workloads across diverse environments.

Presentation here

Mini Summit Sessions

Cocos AI – Confidential Computing

  • Drasko Draskovic (CEO, Abstract Machines) and Dusan Borovcanin (Ultraviolet) shared, with a demo, how Cocos AI uses Confidential Computing to create more secure AI environments.

Presentation here

TikTok’s Privacy Innovation – A Secure and Private Platform for Transparent Research Access with Privacy-Enhancing Technologies

  • Mingshen Sun (Research Scientist, TikTok) presented TikTok’s approach to privacy-enhancing technologies, showcasing a secure and private platform designed for transparent research access.  The TikTok project is currently going through the process of being accepted as an open source project under the CCC.

Panel Session: Attestation and Its Role in Confidential Computing

  • This panel, moderated by Mike Bursell, included expert perspectives from Paul Howard (Principal System Solutions Architect, Arm), Yuxuan Song (Ph.D. student, Inria Paris, and Sorbonne University), Ian Oliver (Cybersecurity Consultant), and Hannes Tschofenig (Professor, University of Applied Sciences Bonn-Rhein-Sieg). They explored how remote attestation serves as a key enabler for confidentiality and integrity, driving business value by assuring the trustworthiness of computing environments. A wide-ranging – and at times quite lively! – discussion covered topics from IoT use cases to issues of transparency, from attestation models to approaches to integration.

Supporting Confidential Computing Across Europe’s Cloud-Edge Continuum

  • Francisco Picolini (Open Source Community Manager, OpenNebula Systems) highlighted the efforts to extend Confidential Computing capabilities within a new European project spanning the cloud and edge computing spaces.

Presentation here

Hiding Attestation with Linux Keyring in Confidential Virtual Machines

  • Mikko Ylinen (Cloud Software Architect, Intel) presented an innovative approach to using Linux Keyring to enhance security in confidential virtual machines, offering new techniques for securing workloads.

Presentation here

Looking Ahead

The Confidential Computing Mini Summit at OSS EU provided attendees with a comprehensive view of Confidential Computing’s present and future potential. Discussions around Gen AI, Web3, and multi-party computation showed how Confidential Computing is set to play a pivotal role in shaping the future of technology by enabling more secure, trusted, and scalable computing environments.

Join the conversation with the CCC and its ecosystem of members for more on how Confidential Computing is transforming industries and unlocking new capabilities. The future of secure computation is just beginning, and there’s much more to discover.

Confidential Computing Consortium Resources

Confidential Computing for Secure AI Pipelines: Protecting the Full Model Lifecycle


By Sal Kimmich

As AI and machine learning continue to evolve, securing the entire lifecycle of AI models—from training to deployment—has become a critical priority for organizations handling sensitive data. The need for privacy and security is especially crucial in industries like healthcare, finance, and government, where AI models are often trained on data subject to GDPR, HIPAA, or CCPA regulations.

In this blog, we’ll explore how confidential computing enhances security across the entire AI model lifecycle, ensuring that sensitive data, models, and computations are protected at every stage. We’ll also examine the role of technologies like Intel SGX, ARM TrustZone, and trusted execution environments (TEEs) in achieving end-to-end security for AI workflows.

The AI Model Lifecycle: From Training to Deployment

The AI model lifecycle consists of several stages where sensitive data is exposed to potential risks:

  1. Data Collection and Preprocessing: This is the stage where data is gathered and prepared for model training. In regulated industries, this data often contains personally identifiable information (PII) or other sensitive details.
  2. Model Training: During training, AI models are fed data to learn patterns. This process is compute-intensive and often requires distributed systems or multi-cloud environments.
  3. Inference and Deployment: Once trained, AI models are deployed to make predictions on new data. At this stage, the model itself and the inference data need to remain secure.

Each stage presents unique security challenges. Data can be exposed during preprocessing, models can be stolen during training, and sensitive inputs or outputs can be compromised during inference. Securing all aspects of the AI pipeline is critical to maintaining data privacy and ensuring compliance with regulations like GDPR and HIPAA.

How Confidential Computing Protects AI at Each Stage

Confidential computing provides a solution to these challenges by using trusted execution environments (TEEs) to secure data, models, and computations throughout the AI pipeline.

  • Data Collection and Preprocessing: In this stage, TEEs ensure that sensitive data can be preprocessed in a secure enclave. Technologies like Intel SGX and ARM TrustZone create isolated environments where data can be cleaned, transformed, and anonymized without exposing it to unauthorized access.
  • Model Training: Confidential computing plays a critical role during AI model training, where TEEs are used to protect both the training data and the model itself. By running the training process within a secure enclave, organizations can ensure that no external party—whether malicious actors or cloud providers—can access or steal the model.
  • Inference and Deployment: After training, confidential computing ensures that the model remains protected during inference. Remote attestation allows organizations to verify that the AI model is running in a secure environment before it is deployed. This prevents data leakage during inference and ensures that the model’s predictions are based on trusted data inputs.
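The list above ends with remote attestation as the gate before a model is deployed. The following verifier-side appraisal is an added example, not code from the blog post or from any CCC project: it takes a piece of evidence from an enclave and checks it against a policy, and it is deliberately biased toward the failure modes a deployer must catch (replayed evidence, an unknown enclave measurement, an out-of-date TCB, a debug-enabled enclave). The evidence format, the policy keys, and the HMAC used to stand in for the hardware-rooted signature on the evidence are all assumptions made for this example; real TEEs sign evidence with a hardware key whose certificate chain the verifier validates.

```python
import hashlib
import hmac
import json

# Constructed demo key standing in for the hardware attestation key.
# In a real deployment the verifier checks a signature and its certificate
# chain back to the hardware vendor; a shared secret is NOT how attestation
# evidence is authenticated in practice.
DEMO_KEY = b"constructed-demo-attestation-key"

# Constructed reference values for the model-serving enclave (hypothetical
# measurement; a real one comes from the enclave build pipeline).
POLICY = {
    "allowed_measurements": {
        "3f1c9c2a1b5e4d7a8f6b0c2d9e1a7b3c5d4e6f8a9b0c1d2e3f4a5b6c7d8e9f0a",
    },
    "min_tcb_svn": 5,       # reject enclaves on platforms below this TCB level
    "allow_debug": False,   # a debug enclave offers no confidentiality
}


def _canonical(claims: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash the same bytes."""
    return json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()


def make_evidence(key: bytes, claims: dict) -> dict:
    """Attester side (demo): bind the claims with a MAC. Stand-in for the
    hardware signature a real TEE would produce."""
    return {"claims": claims, "mac": hmac.new(key, _canonical(claims), hashlib.sha256).hexdigest()}


def appraise(key: bytes, evidence: dict, expected_nonce: str, policy: dict) -> tuple[bool, list[str]]:
    """Verifier side: return (accepted, reasons). Every failed check is
    reported so an operator can see why a deployment was refused."""
    expected_mac = hmac.new(key, _canonical(evidence["claims"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_mac, evidence["mac"]):
        # Nothing in the claims can be trusted if the binding fails; stop here.
        return False, ["evidence not authentically bound to attester"]

    c = evidence["claims"]
    reasons = []
    if c.get("nonce") != expected_nonce:
        reasons.append("nonce mismatch: evidence is stale or replayed")
    if c.get("measurement") not in policy["allowed_measurements"]:
        reasons.append("unknown enclave measurement: not an approved model-serving build")
    if c.get("tcb_svn", 0) < policy["min_tcb_svn"]:
        reasons.append("TCB security version below policy minimum")
    if c.get("debug", False) and not policy["allow_debug"]:
        reasons.append("enclave launched in debug mode")
    return (not reasons), reasons


def demo() -> dict:
    """Run one good and three bad attestations; returns the appraisal results."""
    nonce = "constructed-nonce-0001"  # verifier-chosen, single use
    good = {"nonce": nonce, "measurement": next(iter(POLICY["allowed_measurements"])),
            "tcb_svn": 7, "debug": False}
    replayed = dict(good, nonce="constructed-nonce-0000")
    old_tcb = dict(good, tcb_svn=3)
    tampered = make_evidence(DEMO_KEY, good)
    tampered["claims"] = dict(good, debug=True)  # altered after signing
    return {
        "good": appraise(DEMO_KEY, make_evidence(DEMO_KEY, good), nonce, POLICY),
        "replayed": appraise(DEMO_KEY, make_evidence(DEMO_KEY, replayed), nonce, POLICY),
        "old_tcb": appraise(DEMO_KEY, make_evidence(DEMO_KEY, old_tcb), nonce, POLICY),
        "tampered": appraise(DEMO_KEY, tampered, nonce, POLICY),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:9s} accepted={ok} {why}")
```

The design point worth keeping from this sketch is that the verifier decides, not the attester: the nonce is chosen by the verifier, the allowed measurements and minimum TCB version live in verifier-side policy, and the result carries reasons so that a refused deployment is diagnosable rather than silent.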

Intel SGX and ARM TrustZone: Securing AI Workflows

Intel SGX and ARM TrustZone are two leading technologies that enable confidential computing in AI pipelines by securing sensitive workloads at every stage.

  • Intel SGX: Intel SGX provides hardware-based security by creating secure enclaves that isolate data and code during processing. In AI workflows, Intel SGX is used to protect data during preprocessing and model training, ensuring that sensitive data and AI models remain secure even in multi-cloud environments.
  • ARM TrustZone: ARM TrustZone enables secure computation on mobile and IoT devices, providing isolated execution environments for sensitive AI models. ARM TrustZone is particularly useful in edge computing, where AI models are deployed close to data sources, and confidentiality is critical.

Both Intel SGX and ARM TrustZone provide the infrastructure needed to implement confidential AI pipelines, from data collection and training to inference and deployment.

Real-World Use Case: Confidential AI in Healthcare

A prime example of how confidential computing secures AI pipelines is in the healthcare industry, where AI models are often used to analyze sensitive patient data. By using confidential computing, healthcare organizations can ensure that patient records are protected during model training, and predictions are made without exposing sensitive data to unauthorized access.

In this case, confidential computing helps healthcare providers comply with regulations like HIPAA, while still benefiting from the insights generated by AI models.

Confidential Computing and AI Regulations: Ensuring Compliance with GDPR and HIPAA

As AI becomes more embedded in regulated industries, maintaining compliance with data privacy laws like GDPR and HIPAA is essential. Confidential computing ensures that sensitive data and AI models are protected at every stage of the AI lifecycle, reducing the risk of data breaches or unauthorized access.

By securing both data and models, confidential computing helps organizations meet the requirements for data minimization, transparency, and consent, ensuring that AI workflows remain compliant with global regulations.

AI Pipelines with Confidential Computing

As AI workflows become more complex and data privacy concerns grow, confidential computing will play a central role in securing the AI model lifecycle. From data preprocessing to model inference, confidential computing ensures that data and AI models remain protected in trusted execution environments, enabling organizations to deploy AI securely and compliantly.

With technologies like Intel SGX and ARM TrustZone, organizations can now secure their AI pipelines at every stage, ensuring privacy, security, and regulatory compliance in industries like healthcare, finance, and national security.


Strengthening Multi-Cloud Security: The Role of COCONUT-SVSM in Confidential Virtual Machines


By Sal Kimmich

Introduction:

As businesses increasingly adopt multi-cloud environments to run their critical workloads, ensuring data security and compliance with regional privacy regulations becomes paramount. The proliferation of sensitive workloads across different cloud providers raises concerns about the safety of data, particularly in virtualized environments where virtual machines (VMs) handle vast amounts of personal and regulated data.

This is where COCONUT-SVSM (Secure Virtual Machine Service Module) shines. Designed to provide secure services and device emulations for confidential virtual machines (CVMs), COCONUT-SVSM ensures that sensitive workloads remain secure, even in distributed or potentially untrusted cloud environments. In this blog, we will explore the value of COCONUT-SVSM in safeguarding virtualized workloads, highlighting how it strengthens multi-cloud security.

Why Secure Virtual Machines Matter in Multi-Cloud Environments

Virtual machines (VMs) are a critical part of the modern cloud infrastructure, enabling organizations to efficiently allocate resources and scale their operations. However, traditional VMs are vulnerable to attacks from both external threats and privileged insiders, especially when data is processed in the cloud.

In multi-cloud environments, workloads can span multiple cloud providers, making it difficult to ensure that each environment is secure. This is where confidential computing and technologies like COCONUT-SVSM come into play. By creating confidential virtual machines (CVMs), organizations can isolate sensitive workloads from the underlying host operating system, ensuring that data remains protected, even if the host is compromised.

The Architecture of COCONUT-SVSM: Providing Security for Confidential VMs

At the heart of COCONUT-SVSM is its ability to provide secure services to CVMs through device emulations and remote attestation. These features enable organizations to run sensitive workloads with the assurance that both the data and the virtual machine environment are secure from unauthorized access.

Key features of COCONUT-SVSM include:

  • TPM Emulation: Emulating a Trusted Platform Module (TPM), COCONUT-SVSM enables secure key management and encryption within the virtual machine.
  • Secure Boot: Using UEFI variable storage, COCONUT-SVSM ensures that VMs can only boot in secure environments, preventing malicious actors from modifying the boot process.
  • Live Migration Support: In multi-cloud environments, VMs often need to be moved between physical hosts. COCONUT-SVSM supports secure live migration, ensuring that sensitive data remains protected during transitions.

These features help organizations comply with strict data privacy regulations, such as GDPR and CCPA, by maintaining control over how and where sensitive data is processed.

How COCONUT-SVSM Enhances Compliance in Multi-Cloud Systems

Compliance with data sovereignty and privacy regulations is a major challenge for organizations operating across multiple jurisdictions. For example, regulations like GDPR mandate that personal data is processed and stored within specific geographic boundaries, while ensuring that security controls are in place to prevent unauthorized access.

COCONUT-SVSM enhances compliance by ensuring that data processed in confidential virtual machines is always secured, regardless of where the data is physically located. This is particularly important for businesses with operations in multiple regions, as it allows them to securely process sensitive workloads while adhering to local regulations.

Additionally, remote attestation provided by COCONUT-SVSM ensures that workloads are only processed in trusted environments, providing an additional layer of security for organizations handling sensitive data.

Real-World Applications: COCONUT-SVSM in Healthcare and Finance

The healthcare and finance sectors are two prime examples of industries that can benefit from the enhanced security provided by COCONUT-SVSM. Both industries handle vast amounts of personal and financial data, making security and compliance critical to their operations.

  • Healthcare: In healthcare, COCONUT-SVSM can be used to protect sensitive patient data during AI-driven diagnostics or clinical trials. By creating secure environments for processing healthcare data, COCONUT-SVSM helps healthcare providers comply with regulations like HIPAA while ensuring that patient privacy is maintained.
  • Finance: In the financial sector, COCONUT-SVSM can be used to secure fraud detection models or other sensitive financial operations. By protecting virtual machines used to process financial transactions, COCONUT-SVSM helps financial institutions comply with PCI-DSS standards and other financial regulations.

COCONUT-SVSM as a Pillar of Multi-Cloud Security

As organizations continue to embrace multi-cloud strategies, the importance of securing virtualized environments cannot be overstated. COCONUT-SVSM provides the tools needed to ensure that confidential virtual machines (CVMs) remain secure and compliant, even when workloads are distributed across multiple cloud providers.

By leveraging features like TPM emulation, secure boot, and remote attestation, COCONUT-SVSM enables organizations to maintain control over their data and adhere to data sovereignty regulations, making it an essential part of any confidential computing strategy. As industries like healthcare and finance continue to handle sensitive data, COCONUT-SVSM will play a critical role in protecting workloads and ensuring compliance in multi-cloud environments.


Post-Quantum Cryptography: Preparing for a Quantum Future


Author:  Sal Kimmich

In a recent presentation to the Confidential Computing Consortium’s Technical Advisory Committee, Hart Montgomery discussed the pressing topic of post-quantum cryptography (PQC). The presentation highlighted the looming threat posed by quantum computers to traditional public key cryptography and outlined the proactive steps necessary to secure digital information in a post-quantum world.

The Quantum Threat

Montgomery began by addressing the fundamental issue: quantum computers, once sufficiently powerful, will be able to break nearly all existing widely deployed public key cryptography methods. These methods include widely used standards like RSA, DSA, and elliptic curve cryptography (including ECDSA). The crux of the problem is that quantum computers can solve complex mathematical problems—such as factoring large numbers and the discrete logarithm problem—exponentially faster than classical computers, rendering current cryptographic techniques vulnerable.

  • RSA (Rivest–Shamir–Adleman): A widely used public-key cryptosystem that relies on the difficulty of factoring large integers. Learn more about RSA.
  • DSA (Digital Signature Algorithm): A Federal Information Processing Standard for digital signatures, based on the difficulty of solving discrete logarithms. Learn more about DSA.
  • ECDSA (Elliptic Curve Digital Signature Algorithm): A cryptographic algorithm used by many standards for digital signatures that relies on the hardness of discrete logarithm over elliptic curves. Learn more about ECDSA.

Why Does This Matter?

The implications of quantum computers’ ability to break these cryptographic methods are far-reaching. A particularly concerning scenario is the “harvest now, decrypt later” problem, where adversaries could intercept and store encrypted data today, only to decrypt it in the future when quantum computing is sufficiently advanced. This is especially problematic for sectors like finance, where regulations often require data to be secure for decades. All experts queried by Global Risk Institute’s 2023 Quantum Threat report agreed that the shift is likely to occur within the next 3 decades.

The Power of Quantum Computing

To better understand the quantum threat, Montgomery provided a brief overview of quantum computing’s capabilities. Quantum computers operate using quantum bits, or qubits, which can exist in a superposition of states, allowing for massive parallelism in some computations. This property enables quantum algorithms, such as Shor’s algorithm, to solve problems like integer factorization exponentially faster than classical algorithms.

Shor’s algorithm, in particular, presents a significant threat to cryptography. It can factor large numbers exponentially faster than the best-known classical algorithms, such as the General Number Field Sieve (GNFS). For example, while classical algorithms might take an impractically long time to factor a 1,000-digit number, a quantum computer running Shor’s algorithm could potentially do so in a feasible amount of time.

  • Quantum Superposition: A fundamental principle of quantum mechanics where a quantum system can exist in multiple states simultaneously. Learn more about superposition.
  • Shor’s Algorithm: A quantum algorithm that can efficiently factorize large integers, threatening current public-key cryptographic systems. Learn more about Shor’s Algorithm.
  • General Number Field Sieve (GNFS): The most efficient classical algorithm for factoring large integers. Learn more about GNFS.

Quantum-Safe Cryptography

To counter the quantum threat, the cryptographic community has been developing quantum-safe cryptographic algorithms. These new methods are based on mathematical problems that are believed to be resistant to quantum attacks. One of the leading approaches is lattice-based cryptography, which involves complex mathematical structures known as lattices.

Montgomery emphasized the importance of transitioning to quantum-safe cryptography well before quantum computers reach a stage where they can break existing cryptographic systems. The timeline for the advent of quantum computers remains uncertain, with experts estimating that powerful quantum computers could emerge within the next 15 to 30 years. For organizations that need to secure data for extended periods, the shift to quantum-safe methods is urgent.

Standardization Efforts and Challenges

Montgomery highlighted the extensive efforts to standardize post-quantum cryptography. The National Institute of Standards and Technology (NIST) has been leading a global initiative to develop and evaluate quantum-safe algorithms. This process has involved rigorous review and testing by cryptographers worldwide. The first set of standardized algorithms was released in August 2024, with four key candidates emerging: Kyber, Dilithium, Falcon (whose standard is still being developed), and Sphincs+.

While these algorithms offer security against quantum attacks, they also introduce challenges. One significant issue is the larger key sizes and computational overhead associated with these new methods. For example, lattice-based schemes like Kyber and Dilithium require larger keys and ciphertexts, which could impact performance in certain applications, particularly those involving large-scale or high-frequency cryptographic operations.

  • NIST (National Institute of Standards and Technology): A U.S. federal agency that develops and promotes measurement standards, including cryptographic standards. Learn more about NIST.
  • Kyber: A lattice-based key encapsulation mechanism (KEM) designed for post-quantum security. Learn more about Kyber.
  • Dilithium: A lattice-based digital signature algorithm designed for post-quantum security. Learn more about Dilithium.
  • Falcon: A compact lattice-based digital signature scheme optimized for post-quantum security. Learn more about Falcon. (standards still developing)
  • Sphincs+: A stateless hash-based digital signature scheme that provides post-quantum security. Learn more about Sphincs+.
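Two points from the passage above are easier to see in code than in prose: why a hash-based signature scheme such as Sphincs+ needs nothing beyond a secure hash function, and why these schemes come with the large signatures the text warns about. The following Lamport one-time signature is an added example, not code from the presentation or from any standardized scheme; it is the simplest hash-based construction and is far from Sphincs+ (which builds a stateless many-time scheme on top of such primitives), but its size arithmetic is exact. All values (the message, the 256-bit SHA-256 parameter choice) are constructed for the example.

```python
import hashlib
import secrets

DIGEST_BYTES = 32            # SHA-256 output; the scheme signs 256 message bits
BITS = DIGEST_BYTES * 8


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _message_bits(message: bytes):
    """Yield the 256 bits of H(message), most significant bit first."""
    digest = _h(message)
    for i in range(BITS):
        yield (digest[i // 8] >> (7 - i % 8)) & 1


def keygen():
    """Secret key: 256 pairs of random preimages. Public key: their hashes."""
    sk = [(secrets.token_bytes(DIGEST_BYTES), secrets.token_bytes(DIGEST_BYTES)) for _ in range(BITS)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def sign(sk, message: bytes) -> list[bytes]:
    """Reveal, for each message bit, the preimage of that bit's half of the pair.
    Revealing preimages is irreversible, which is why the key is ONE-TIME:
    a second signature with the same key leaks additional preimages."""
    return [sk[i][bit] for i, bit in enumerate(_message_bits(message))]


def verify(pk, message: bytes, signature: list[bytes]) -> bool:
    """Hash each revealed preimage and compare with the committed public half.
    Only a hash function is needed; no number theory that Shor's algorithm breaks."""
    if len(signature) != BITS:
        return False
    ok = True
    for i, bit in enumerate(_message_bits(message)):
        # Check every position (no early exit) so timing does not reveal
        # which bit first failed.
        ok &= _h(signature[i]) == pk[i][bit]
    return ok


def sizes() -> dict:
    """Byte sizes of the scheme's objects; the reason hash-based signatures
    are large. For comparison an ECDSA P-256 signature is 64 bytes."""
    return {
        "public_key": 2 * BITS * DIGEST_BYTES,   # 16384 bytes
        "secret_key": 2 * BITS * DIGEST_BYTES,   # 16384 bytes
        "signature": BITS * DIGEST_BYTES,        # 8192 bytes
    }


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed attestation report"
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))
    print("forged:", verify(pk, b"constructed attestation report (altered)", sig))
    print(sizes())
```

The 8 KB signature here, against 64 bytes for ECDSA, is the concrete form of the overhead Montgomery described for attestation flows that sign or exchange keys frequently; production hash-based schemes shrink this substantially through Winternitz chains and Merkle trees, but they do not reach classical signature sizes.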

Impact on Confidential Computing

The discussion also touched on the implications for confidential computing, particularly in areas like attestation, which heavily relies on cryptographic methods. Attestation is a critical component in confidential computing, used to verify the integrity and authenticity of a system or software environment. 

Montgomery noted that while the transition to post-quantum cryptography will require careful planning, many aspects of confidential computing, such as firmware and microcode, may not require significant hardware changes to implement quantum-safe cryptographic algorithms.

However, he did caution that the larger key sizes and ciphertexts associated with post-quantum cryptography could pose challenges in scenarios where numerous attestations (process of verifying the integrity and authenticity of a computing environment) or key exchanges occur frequently. Despite these challenges, the transition is crucial to ensure the long-term security of confidential computing environments.

The Post-Quantum Cryptography Alliance

To further advance the adoption of quantum-safe cryptography, Montgomery introduced the Post-Quantum Cryptography Alliance. The alliance’s goal is to build high-quality, quantum-safe cryptographic code and foster collaboration between the research community and developers to refine cryptographic algorithms that are resistant to quantum attacks. The alliance is structured similarly to other Linux Foundation projects, with an emphasis on open collaboration and transparency. Two key projects within the alliance are the Open Quantum Safe (OQS) project and the PQ Code Package project. OQS focuses on the development and implementation of quantum-safe algorithms, while the PQ Code Package project is dedicated to creating formally verified, high-assurance implementations of quantum-safe standards like Kyber.

Looking towards the Quantum Computing Era 

Post-Quantum Cryptography (PQC) addresses the quantum threat by developing cryptographic algorithms that can withstand attacks from quantum computers, ensuring that encrypted data remains secure and that signatures cannot be forged. Meanwhile, Confidential Computing (CC) protects data in use through secure enclaves and hardware-based security features, safeguarding sensitive computations from unauthorized access. 

Together, PQC and CC provide a layered security approach that covers the entire data lifecycle—from protection at rest and in transit to safeguarding data during processing. As digital threats evolve, integrating both PQC and CC into security strategies is vital for organizations looking to future-proof their operations. These technologies are not just essential on their own; they complement each other, forming the foundation of tomorrow’s secure computing environment.

As we approach the era of quantum computing, the need for quantum-safe cryptography becomes increasingly urgent. Hart Montgomery’s presentation underscored the importance of proactive measures, including the development and standardization of post-quantum cryptographic methods. While challenges remain—such as increased computational overhead and larger key sizes—the work being done today will be crucial in securing our digital future against the quantum threat.

You can watch the entire discussion on the CCC YouTube channel.

Exploring Enclave SDKs: Enhancing Confidential Computing


Author:  Sal Kimmich


In the realm of confidential computing, enclave SDKs play a pivotal role in ensuring secure and private execution environments. These software development kits provide developers with the necessary tools and frameworks to build, deploy, and manage applications that operate within enclaves. In this blog, we will explore three prominent open-source enclave SDKs: Open Enclave, Keystone, and Veracruz. Additionally, we will touch upon the Certifier Framework, which, while slightly different, contributes significantly to the landscape of confidential computing.

Open Enclave

Open Enclave is a versatile SDK that provides a unified API surface for creating enclaves on various Trusted Execution Environments (TEEs) such as Intel SGX and ARM TrustZone. Developed and maintained by a broad community, Open Enclave aims to simplify the development of secure applications by offering a consistent and portable interface across different hardware platforms.

Key Features of Open Enclave:

  • Cross-Platform Support: One of the standout features of Open Enclave is its ability to support multiple hardware architectures, making it a flexible choice for developers working in diverse environments.
  • Rich Documentation and Community Support: Open Enclave boasts extensive documentation and a supportive community, providing ample resources for developers to learn and troubleshoot.
  • Comprehensive Security Measures: The SDK incorporates robust security features, including memory encryption, attestation, and secure storage, ensuring that applications remain secure and tamper-resistant.

Keystone

Keystone is an open-source framework designed to provide secure enclaves on RISC-V architecture. It is highly modular and customizable, allowing developers to tailor the security features to meet the specific needs of their applications.

Key Features of Keystone:

  • Modularity: Keystone’s design philosophy revolves around modularity, enabling developers to customize the enclave’s components, such as the security monitor, runtime, and drivers.
  • RISC-V Architecture: Keystone is built specifically for the RISC-V architecture, leveraging its open and extensible nature to offer a unique and highly configurable enclave solution.
  • Research and Innovation: Keystone is often used in academic and research settings, driving innovation in the field of confidential computing and providing a platform for experimental security enhancements.

Veracruz

Veracruz is an open-source project that aims to create a collaborative computing environment where multiple parties can jointly compute over shared data without compromising privacy. It emphasizes data confidentiality and integrity, making it ideal for scenarios involving sensitive data.

Key Features of Veracruz:

  • Collaborative Computing: Veracruz enables secure multi-party computation, allowing different stakeholders to collaborate on computations without revealing their individual data.
  • Privacy-Preserving: The framework ensures that data remains confidential throughout the computation process, leveraging TEEs to provide strong privacy guarantees.
  • Flexible Deployment: Veracruz supports various deployment models, including cloud, edge, and on-premises, making it adaptable to different use cases and environments.

Certifier Framework: A Slightly Different Approach

While the Certifier Framework for Confidential Computing shares the goal of enhancing security and privacy in computational environments, it adopts a distinct approach compared to traditional enclave SDKs.

The Certifier Framework focuses on providing a unified certification and attestation infrastructure for confidential computing environments. It aims to ensure that the software and hardware components in a system can be securely attested and certified, providing trust guarantees to end-users and applications.

Key Features of the Certifier Framework:

  • Certification and Attestation: The primary focus of the Certifier Framework is on certification and attestation, ensuring that all components of a confidential computing environment meet stringent security standards.
  • Unified Approach: The framework offers a unified approach to certification across different TEEs, simplifying the process of establishing trust in diverse environments.
  • Integration with Existing Solutions: The Certifier Framework can be integrated with other enclave SDKs and confidential computing solutions, enhancing their security posture through robust certification mechanisms.

Conclusion

Enclave SDKs like Open Enclave, Keystone, and Veracruz are critical tools for developers aiming to build secure and private applications in the realm of confidential computing. Each of these projects brings unique strengths and features to the table, catering to different hardware architectures and use cases. Meanwhile, the Certifier Framework provides an essential layer of trust and certification, complementing these SDKs and ensuring that confidential computing environments meet the highest security standards. By leveraging these powerful tools, developers can create innovative solutions that protect sensitive data and maintain user privacy in an increasingly digital world.

Confidential Computing Consortium Resources

Library OS for Confidential Computing: Enhancing Data Security with Cutting-Edge Projects


Author: Sal Kimmich

Introduction

As the landscape of data security continues to evolve, the concept of a Library OS (operating system) for Confidential Computing is gaining traction. Library OS projects create secure environments for applications by providing “auto” enclaves for process isolation. These enclaves, also known as runtimes or sandboxes, ensure that sensitive data remains protected even during processing. In this blog, we explore the significance of Library OS for confidential computing and highlight three key projects: Gramine, Occlum, and Enarx.

What is a Library OS?

A Library OS, or “libOS,” is a streamlined operating system that runs applications within secure enclaves. These enclaves isolate processes, providing a trusted execution environment (TEE) that safeguards data from unauthorized access and tampering. This approach is particularly valuable for confidential computing, where data must remain secure throughout its lifecycle, including during computation.

Key Projects in Library OS for Confidential Computing

Gramine
  • Overview: Gramine is an open-source Library OS designed to run applications in trusted execution environments. It supports Intel SGX and enables the secure execution of unmodified applications.
  • Features: Gramine provides robust security by isolating applications within enclaves, ensuring that data remains protected even if the underlying host is compromised. Its compatibility with existing applications makes it a versatile choice for enhancing data security.
  • GitHub: Gramine Project
Occlum
  • Overview: Occlum is a memory-safe, multi-process Library OS that supports Intel SGX. It aims to provide a secure and efficient environment for running applications within enclaves.
  • Features: Occlum ensures data confidentiality and integrity by isolating processes and providing strong security guarantees. Its design focuses on performance and scalability, making it suitable for a wide range of applications.
  • GitHub: Occlum Project
Enarx
  • Overview: While not a traditional Library OS, Enarx uses WebAssembly (Wasm) to provide similar benefits. It enables the secure execution of applications in TEEs, ensuring data privacy and integrity.
  • Features: Enarx leverages Wasm to create secure runtimes that can run across different hardware platforms. Its approach simplifies the deployment of secure applications, making it a compelling option for confidential computing.
  • GitHub: Enarx Project

The Importance of Library OS in Confidential Computing

Library OS projects like Gramine, Occlum, and Enarx play a crucial role in the realm of confidential computing. They offer a layer of security that ensures sensitive data remains protected during processing. By isolating applications within secure enclaves, these projects mitigate risks associated with data breaches and unauthorized access.

Conclusion

The concept of a Library OS for confidential computing represents a significant advancement in data security. Projects like Gramine, Occlum, and Enarx demonstrate the potential of this approach to enhance privacy and protect sensitive information. As the need for secure data processing continues to grow, these projects will play an increasingly vital role in ensuring the confidentiality and integrity of data in various applications.

Stay tuned for more insights into the world of confidential computing and the innovative projects that are driving this field forward.

Partisia Joins the Confidential Computing Consortium as a Start-up Tier Member


We are pleased to welcome Partisia, a global pioneer in Multiparty Computation (MPC) and advanced cryptographic privacy, as a Start-up Tier member of the Confidential Computing Consortium (CCC). Their membership strengthens the CCC’s efforts to advance secure, privacy-preserving computing by bringing Partisia’s expertise in cutting-edge cryptographic solutions to the forefront of our initiatives.

Founded in 2008, Partisia has a long history of delivering commercial-grade MPC software solutions, with an initial focus on secure, high-stake auctions used for trading energy and spectrum licenses. Over the years, Partisia’s MPC solutions have evolved, becoming the foundation for various services, including key management, data activation, statistics, and various bespoke applications such as DeFi, voting, and e-cash.

Partisia’s commercial activities have also led to the creation of successful spinouts, such as Sepior, which was acquired by Blockdaemon in 2022, and the Partisia Blockchain Foundation. This Swiss-based foundation governs and launches a public blockchain built by Partisia.

By joining the Confidential Computing Consortium, Partisia aligns itself with a global community dedicated to defining and accelerating the adoption of confidential computing. This membership further solidifies Partisia’s commitment to addressing weak and single points of failure across digital infrastructures through commercializing advanced cryptographic technologies.

We eagerly anticipate the valuable contributions that Partisia will bring to the CCC and the broader tech community. As they continue to push the boundaries of secure, privacy-preserving computing, we are excited to see the innovative solutions they will develop.


August Newsletter


In Today’s Issue:

  1. Executive Director August Recap
  2. Agenda Released! CC Mini Summit @ OSSEU
  3. Post-Quantum Cryptography
  4. Web3 Use Case
  5. Community Blog Highlights

Welcome to the August edition of our newsletter – your guide to awesome happenings in our CCC community. Let’s go!

Executive Director August recap

While it’s holiday season in much of the Northern Hemisphere, the CCC’s work continues (uninterrupted even by the Olympics and Paralympics!), and as we’ve grown over the past few years, we’ve made the decision to continue Governing Board meetings throughout the year, instead of breaking for the (Northern) summer period.  The Governing Board manages the strategic and policy directions of the CCC, including budgetary decisions and the acceptance of new open-source projects into the Consortium.  Attendance is open to officers of the Consortium, Premier Member representatives, and the elected Governing Board representatives of the General Members.  Representatives from other committees typically attend and present the status of work in their respective areas and sometimes the Governing Board requests reports from other groups.

While keeping within the governance structure of the Consortium, we try to maintain a “minimal viable governance” approach.  Post-Covid (and changing travel budget constraints for many organizations), opportunities to meet in person have been reduced, so we are considering a face-to-face meeting (supplemented by video conferencing) at the Linux Foundation Member Summit in November: please let us know if you’re going to be there (even if you’re not a Premier member!).

One of the areas that the Governing Board has been keen to promote work on this year has been lowering barriers to the adoption of Confidential Computing.  One of these is the availability of Attestation Verification Services, which allow consumers of Confidential Computing services to gain the cryptographic assurances about the workloads they need.  Attestation is a core part of Confidential Computing, and the word “attested” was deliberately added to the CCC’s definition of Confidential Computing to reflect that:
“Confidential Computing is the protection of data in use by performing computation in a hardware-based, attested Trusted Execution Environment.”

The CCC has recently kicked off a piece of work to encourage discussion of business models around Attestation Verification Services and to help those considering providing or consuming them.  An initial discussion document has generated a great deal of input and the plan is to start a working group with online meetings later in August.  If you are interested in participating, please get in touch.

CC Mini Summit Agenda Announced!

Bringing EU Community Together

CCC is hosting the “Confidential Computing Mini Summit” at the Open Source Summit EU, Vienna, Austria

  • 📢 Mini Summit Agenda
  • ⏰ Time: 13:30 – 17:00
  • 📍 Room 0.14 (level 0) – see floor plan here
  • 🎫 Mini Summit Registration Fee: $10
  • 💰 20% Discount Code for Main Summit: OSSEUCOLOSPK20
    (*Note: Registration for the main conference is required to attend the Mini Summit.)
  • Register Here

Post-Quantum Cryptography

Over the last few weeks at TAC meetings, we’ve been discussing the next stage in the evolution of cryptography, called Post-Quantum Cryptography or PQC. As full-scale quantum computers become more and more likely, cryptographers have had to invent new algorithms that will remain secure against adversaries with these new capabilities. In Confidential Computing, we rely on cryptography in a number of ways to protect workloads in use. As a trusted execution environment (TEE) starts, we use cryptographic hash algorithms to fingerprint each component.

Later, we use cryptographic signatures when the hardware attests to those measurements. While the workload is running, the memory is protected with encryption and, in some cases, integrity provisions. Some of these algorithms are more affected by quantum computing than others. Hardware vendors will need to update their algorithms. Software vendors may want to shield downstream adopters by carefully designing their APIs. If you are interested in learning more, keep an eye out for an upcoming blog on our Post-Quantum Cryptography discussions, or watch our Tech Talk.

TAC Tech Talk playlist 

Web3 Use Case

Enabling Verifiable, User-Owned and Tradable AI Agents in Games – with Veriplay, Polygon, Immutable and Super Protocol

True Web3 Games, with their potential for rich gaming experiences, advanced AI agents, and genuine digital asset ownership, can only reach their full potential through the implementation of Confidential Computing in a truly decentralized manner. The Confidential Computing Consortium, alongside its member Super Protocol, is at the forefront of this revolution, demonstrating how these technologies can unlock new business opportunities.

Read the Full Use Case

Community Blog Highlights

July Newsletter


In Today’s Issue:

  1. Executive Director July Recap
  2. The Case for Confidential Computing
  3. Community News
  4. OSS EU 2024, Confidential Computing Mini Summit

Welcome to the July edition of our newsletter – your guide to awesome happenings in our CCC community. Let’s go!

Executive Director July recap

Following the announcement of a 12-month free subscription to the CCC for new members with under 100 employees, we’ve had a steady stream of new members, and it’s continuously growing! If you are a start-up and would like to get involved in the CCC’s work (or you know another organization that might be interested), please get in touch. You can find information about many of the benefits on our website.

This month, I went back to Asia, meeting members (and potential members) in South Korea and Singapore. The CCC sponsored the Privacy-Enhancing Technology Summit Asia-Pacific again this year and we had a fantastic turnout. Read the full recap blog here.

Having had the CC Summit in North America and the PET Summit in Singapore, we’re not about to leave out Europe, where we’re seeing increasing interest and traction for Confidential Computing. I led a panel discussion on CC for the European Central Bank with Parviz Peiravi from Intel and Felix Schuster from Edgeless Systems recently. And we’re also running a CC Mini-Summit at Open Source Summit in Vienna on the 19th September. No waltzes are promised, but there are opportunities to speak: there are still a few more days to submit your talk! Mini Summit CFP

CCC’s Use Case Report is LIVE

As the collection, storage, and analysis of data become increasingly important across industries, businesses are looking for solutions that keep data secure and processes compliant with regulations. Confidential computing is one of these solutions, involving the use of a trusted execution environment that runs on shared infrastructure but processes data away from unauthorized users.

For this use case report, we interviewed members of the confidential computing community on the ways they have implemented the technology and what they believe its future holds.

Read the Full Report

Community News

Meet us at Open Source Summit

Bringing EU Community Together

CCC is hosting the “Confidential Computing Mini Summit” at the Open Source Summit EU, Vienna, Austria

  • ⏰ Time: 13:30 – 17:00
  • 🎫 Mini Summit Registration Fee: $10
  • 💰 20% Discount Code for Main Summit: OSSEUCOLOSPK20
    (*Note: Registration for the main conference is required to attend the Mini Summit.)
  • Register Here