On Mon, Nov 26, 2018 at 05:00:39AM -0600, Dr. Greg wrote:
> We will be interested in your comments as to why the proposal is
> insufficient in the real world of FLC.
>
> I believe the proposed architecture can be defended as being effective
> in the real world, as it allows the root user to use cryptographic
> protections of access to the PROVISION bit and to enclave execution in
> general. On FLC that is the strongest guarantee that can be
> delivered.
>
> When we speak of 'unauthorized' users I believe we are speaking in the
> parlance of discretionary access controls which has a much wider TCB
> scope than the cryptographic model we are proposing. The model we
> propose allows the platform owner (root) to effectively implement the
> same level of security over the PROVISION bit that current locked
> platforms have, in a free and open fashion of course.
>
> We can certainly attempt to explain our position further.

I think kernel controlled provision would in all cases lower the
mitigations of threat scenarios (at least what you've presented so far)
assuming that a compromised kernel could be detected fairly quickly,
wouldn't it?

Even without SGX, having a compromised kernel, you can anyhow stealth
your malware in many ways.

/Jarkko