Marks @Marks - 26d
This is a new level of encryption. Confidential computing uses enclaves on both the CPU and the GPU to encrypt the data while processing. The services use attestation to verify that they are running the proper software and sever the connection if the code has been tampered with. So yes, E2EE typically is about encrypting data in transit. Now we can encrypt on the processing unit and in the memory.
semisol @Semisol - 25d
Contrary to popular belief, enclaves do not have encrypted state. The isolation and confidentiality are enforced by the AWS Nitro hypervisor. Any code on the hypervisor can bypass confidentiality.