Hasty Briefsbeta

Bilingual

Confidential computing's core trust mechanism is broken. The fix may not exist

10 hours ago
  • #Cybersecurity
  • #Digital Sovereignty
  • #Confidential Computing
  • Confidential computing relies on remote attestation to prove a server runs in a genuine Trusted Execution Environment (TEE) before sharing sensitive data.
  • New research reveals flaws in attested TLS protocols used in confidential computing, allowing relay attacks where a client’s connection can be redirected to a compromised server without detection.
  • The study formalizes three levels of cryptographic binding for attestation, with level three (tying evidence to application traffic keys) potentially unattainable in current intra-handshake architectures.
  • Real-world implementations like Meta’s WhatsApp, Edgeless Systems’ Contrast, and Cocos AI are vulnerable, leading to CVE-2026-33697, a high-severity vulnerability.
  • Despite responsible disclosure, the Confidential Computing Consortium’s Attestation Special Interest Group delayed creating a repository for the research artifacts, raising concerns about vendor influence.
  • Germany’s Federal Office for Information Security (BSI) cautions that confidential computing alone cannot meet digital sovereignty requirements, highlighting dependencies on external services.
  • Intel and Google continue marketing confidential computing for sovereignty, but Intel avoided addressing legal risks under U.S. laws like RISAA, while Google did not respond.
  • The IETF has incorporated formal verification into its standards process, but the sales pitch for confidential computing often overlooks these fundamental security gaps.
  • The researcher recommends abandoning intra-handshake attestation in favor of post-handshake methods to achieve stronger security guarantees.