Can confidential computing stop the next crypto heist?

Amid the theft of billions of dollars in cryptocurrency over recent months, confidential computing may have a role in protecting people's money in future.

Confidential computing aims to isolate sensitive data and code without exposing it to the rest of the host system – including other applications and users, any rogue insiders, intruders, malicious administrations, and compromised kernels and hypervisors. It does this by processing data out of sight in private memory using hardware-based secure enclaves.

Fireblocks is one firm of many that focuses on digital asset infrastructure for banks, cryptocurrency exchanges, NFT marketplaces and other organizations that want to build blockchain-based products. And it argues that secure enclaves, when implemented properly and with the right host support, can be used to safeguard valuable secrets from intruders, compromised software, and malicious insiders.

"When you think about digital asset security, the first thing that you need to protect is the private key of the wallet," Fireblocks co-founder and CTO Idan Ofrat told The Register. 

There are alternate technologies, such as cryptographic hardware security modules (HSMs) and other key management systems, which may be enough for your use case. In the digital asset space these aren't secure enough, Ofrat claimed, natch.

You can set up secure virtual machines and containers to handle this info, though these could be attacked by rogue administrators and malicious low-level software, something that hardware-protected enclaves should be able to stop, in theory.

And there are, of course, ways to defeat today's secure enclaves. But if they work as expected and intended, the enclaves can offer a complete walled garden from snoops in a way simple VMs, say, can't. Again, in theory.

If you want to go to great lengths, you can – for instance – have one party store sensitive data in an enclave, have another party run their code in the protected space – with attestation to prove the code hasn't been tampered with – and send a simple result back to that second party.

That way, the first party's data isn't exposed to the second party, and the second party can provide a service, such as fraud detection or predict a medical diagnosis. There are other forms of multi party computation that can be used with these enclaves to shield workloads and data from others on remote systems.

Private key security

"Confidential computing is much more powerful because it allows you to protect the entire flow including the generation of the transaction, the policies that you want to apply to this transaction and who approves it, and then also protect the private key itself," Ofrat argued.

That said: a lot of the billions in crypto-coins stolen lately were done so via smart contract bugs or poor access controls, as seen in the Ronin Bridge heist, which secure enclaves may or may not have been able to stop. But in terms of blocking off malicious entities on host servers, the enclaves have a potential use there.

Fireblocks uses confidential computing and multi-party computation for securing and using private keys. The specific implementation is based on the concept of threshold signatures, which distributes the generation of key shares across multiple parties and requires a "threshold" of these shares (for example, five of the eight total shares) to sign a blockchain transaction. 

"Off-the-shelf key management products like HSMs don't support the algorithm that you need for multi-party computation," Ofrat adds. "So in order for us to both protect the key but also use multi-party computation to break the key into multiple shards, the only way to do it is confidential computing."

All of the major cloud providers have their own flavor of confidential computing, and at their respective conferences last month both Microsoft and Google added services to their confidential computing portfolios. 

Pick your flavor

Google, which first introduced its Confidential Virtual Machines in 2020, announced last month Confidential Space, which offers secure multi-party collaboration. This, according to Google Cloud Security VP and GM Sunil Potti, will let organizations work on sensitive data privately while strictly limiting access to said info.

For example, banks can work together to identify fraud or money laundering activity without exposing private customer information to extra parties and breaking data privacy laws in the process. Similarly, healthcare organizations can share MRI images and collaborate on diagnosis while locking down who exactly can and can't access the data, Potti said at the event.

Meanwhile, Microsoft also announced the general availability of its confidential virtual machine nodes in Azure Kubernetes Service in October. Redmond first demonstrated confidential computing at its 2017 Ignite conference, and Azure is widely considered the most mature provider of the still-nascent technology.

Amazon calls its confidential computing product AWS Nitro Enclaves — but as all cloud customers with data spread across multiple environments quickly discover, providers' services don't always play nice with each other. This holds true for confidential computing technologies, which has created a market for companies like Anjuna Security.

Or use cloud-agnostic software

Anjuna developed confidential computing software that allows companies to run their workloads on any hardware and in any cloud providers' secure enclaves without having to rewrite or otherwise modify the application. This makes securing sensitive data really easy, Anjuna CEO and co-founder Ayal Yogev tells The Register. 

He likens his company's cloud-agnostic software for confidential computing to the ease of the transition to HTTPS for protecting websites. "We make it super simple to use."

• How Intel and AMD hope to win the cloud security game
• Microsoft, Nvidia extend Azure confidential computing to GPUs
• AWS users can finally use Nitro Enclaves on Arm Graviton EC2 instances
• Red Hat backs CNCF project, spills TEE support over Kubernetes

Anjuna's customers include the Israeli Ministry of Defense, banks and other financial services firms, and digital asset managers.

While Fireblocks started using Azure Confidential Computing when the service was available in preview, and its core is built on Intel SGX for secure enclaves, "we want to give out customers options, like AWS Nitro or GCP," Ofrat says. "Customers can choose whatever cloud partner they want, and Anjuna supports all of them."

Will it go mainstream?

A recent Cloud Security Alliance survey [PDF], commissioned by Anjuna, found 27 percent of respondents currently use confidential computing and 55 percent plan to do so in the next two years. 

Ofrat says he expects confidential computing to become more mainstream across cloud environments over the next three or five years. 

"This will support Web3 use cases, but also government and healthcare use cases around privacy," he adds. 

Benefits of confidential computing even extend to protecting against ransomware and IP theft, Ofrat tell us, noting the rumored Disney movie theft in which crooks reportedly threatened to release film clips unless the studio paid a ransom.  

"They could take this simple technology and encrypt movies before they're out," he says. "The technology can be really beneficial."

And keeping stolen cryptocurrency out of crooks' hands wouldn't be such a bad thing, either. ®