- From: Michael Kleber via GitHub <sysbot+gh@w3.org>
- Date: Fri, 11 Feb 2022 15:18:38 +0000
- To: public-patcg@w3.org
I've been trying to figure out how to think about MPC and non-MPC systems on an equal footing, and it seems to me that it's not as binary as our in-person discussion depicted it. @ekr took the position that for a Trusted Execution Environment approach like Amazon Nitro, there is not robust protection against an attacker with physical or side-channel access, so "you need to trust Amazon" — i.e. we need to pessimistically act as if Amazon can observe all the data the TEE processes, can steal the crypto keys the TEE uses, etc. To make a reasonable comparison, then, where do we expect the MPC helpers are embodied in the physical world? In particular: if a system's privacy requires two non-colluding helpers, then they must be running on two different cloud providers, and that those cloud providers are trusted to be non-colluding as well? -- GitHub Notification of comment by michaelkleber Please view or discuss this issue at https://github.com/patcg/proposals/issues/7#issuecomment-1036323229 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 11 February 2022 15:18:41 UTC