Plans to support and why:
There are plans to support cloud providers as the root of trust. Although Nitro is not an enclave, some cloud providers do allow you to generate an attestation-like structure that asserts what disk image was used to boot a virtual machine. For cases where you’re willing to trust a cloud provider but still want an auditable code module as part of your app, we may consider adding support for this in the future.
AMD and Intel are in increasingly strong competition, and so we expect AMD to catch up with the SGX feature set in the future. Intel are also working on a SEV-equivalent feature for protecting entire (Linux) virtual machines from the host hardware. Conclave may add support for this at some point in the future as well.
Platforms not supported at this time, and why not:
- AMD SEV — strongly oriented around the protection of VMs in the cloud. Every protected domain has an owner that has full access to it. This makes it useless for multi-party computations where nobody should have access to the full state of the calculation.
It has no equivalent of SGX TCB recovery, meaning flaws permanently break the system. Prior versions of SEV have been rendered useless by the discovery of numerous fatal bugs in AMD’s firmware. Although patches were made available, there was no way to remotely detect whether they had been applied, which made patching meaningless.
- ARM TrustZone — ARM TrustZone doesn’t have any form of remote attestation support. It’s meant for hardening mobile phone operating systems, and supported use cases don’t go beyond that. ARM will likely enhance their CPUs to support remote attestation in the future, and we will re-evaluate when such support ships.
- AWS/Nitro — Nitro is the name Amazon uses to refer to the in-house security technology on their custom servers that restricts access by AWS employees. It’s not an enclave, and Amazon must still be assumed to have access to all your data: institutionally, because they design and implement Nitro, so you have only their assurance that there are no back doors or internally known weaknesses; and operationally, because you must assume sufficiently privileged administrators can override Nitro if they need to.