Open eriktaubeneck opened 2 years ago
My concern here would be if an attacker controls the cloud provider and the first/delegated party, and all coordinators run on that cloud provider, the attacker can construct the entire private key and decrypt the data.
As for getting the key into the TEE, I believe we are assuming a secure communication channel between the coordinator and the TEE (i.e. the TEE has an internal private key with an externally known public key, allowing the coordinator to send in encrypted data that even the TEE operator couldn't see.)
Ah, sorry I missed this assumption. What you have makes sense in that case, although this is a difference in how the ARA deployment works (which does put root of trust in the cloud operator). I think as long as this is an optional mitigation I am fine with it.
_Originally posted by @csharrison in https://github.com/patcg/docs-and-reports/pull/14#discussion_r1002112095_
I think this deserves more discussion, as it seems like a reasonably fundamental assumption.
_Originally posted by @csharrison in https://github.com/patcg/docs-and-reports/pull/14#discussion_r1001887110_