bunnie edited this page Feb 25, 2019

Welcome to the betrusted wiki! betrusted aims to extend the boundary of the security enclave to include user I/O. Rather than just securing private keys and computing cryptographic operations with those keys, betrusted aims to explore the minimum viable set of human-computer interactions that can be securely implemented within the boundary of a monolithic enclave.

Thus, in the minimalistic computational environment of a self-contained security enclave, the big questions are:

  • How do we implement multi-lingual IMEs and Unicode font rendering? In other words, how do we accommodate the linguistic diversity of a global user base?
  • How do we implement secure rendering of bitmap images? In other words, what is the trade-off between an image format simple enough to have a small attack surface and one rich enough for interoperability?
  • How do we implement secure chat? In other words, how do we get Signal to fit inside a secure enclave?
  • How do we implement peer-to-peer secure voice calls and/or audio snippets in chat?
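As an illustration of the "small attack surface" side of the bitmap trade-off above, here is an added example (not betrusted code, and not a format the project has adopted): a deliberately minimal 1 bit-per-pixel image format with a fixed four-byte header, parsed with every length, dimension and padding check made explicit. The header layout, the `MAX_DIM` cap and the sample image are all assumptions chosen for this example.

```rust
/// Added example, not betrusted code: a minimal 1 bit-per-pixel bitmap
/// format, parsed with every length and dimension check made explicit.
/// The format is hypothetical, chosen for this example:
///   bytes 0..2   width in pixels, u16 little-endian
///   bytes 2..4   height in pixels, u16 little-endian
///   bytes 4..    height rows, each ceil(width/8) bytes, MSB first, 1 = set
/// Padding bits past `width` in each row must be zero.

/// Upper bound on either dimension; an assumed cap sized for a small
/// monochrome enclave display, not a value from the project.
pub const MAX_DIM: u32 = 1024;

#[derive(Debug, PartialEq, Eq)]
pub enum BitmapError {
    Truncated,      // buffer shorter than the header says it should be
    BadDimensions,  // zero, or larger than MAX_DIM
    TrailingBytes,  // data after the last row: nothing a renderer would use
    NonZeroPadding, // bits past `width` in a row were set
}

#[derive(Debug, PartialEq, Eq)]
pub struct Bitmap {
    pub width: u32,
    pub height: u32,
    stride: usize, // bytes per row
    data: Vec<u8>, // exactly stride * height bytes
}

pub fn parse_bitmap(buf: &[u8]) -> Result<Bitmap, BitmapError> {
    if buf.len() < 4 {
        return Err(BitmapError::Truncated);
    }
    let width = u32::from(u16::from_le_bytes([buf[0], buf[1]]));
    let height = u32::from(u16::from_le_bytes([buf[2], buf[3]]));
    if width == 0 || height == 0 || width > MAX_DIM || height > MAX_DIM {
        return Err(BitmapError::BadDimensions);
    }
    // With both dimensions capped at MAX_DIM this arithmetic cannot overflow
    // even on a 32-bit target: stride <= 128, stride * height <= 131072.
    let stride = ((width + 7) / 8) as usize;
    let expected = 4 + stride * height as usize;
    if buf.len() < expected {
        return Err(BitmapError::Truncated);
    }
    if buf.len() > expected {
        return Err(BitmapError::TrailingBytes);
    }
    let data = &buf[4..];
    // Reject set padding bits: a strict format leaves no slack bits in which
    // to hide data or to exercise decoder paths the renderer never needs.
    let pad_bits = (stride * 8) as u32 - width;
    if pad_bits > 0 {
        let pad_mask = ((1u16 << pad_bits) - 1) as u8;
        for row in data.chunks_exact(stride) {
            if row[stride - 1] & pad_mask != 0 {
                return Err(BitmapError::NonZeroPadding);
            }
        }
    }
    Ok(Bitmap { width, height, stride, data: data.to_vec() })
}

impl Bitmap {
    /// Pixel at (x, y); None when out of range, so a caller can never index
    /// past the row buffer.
    pub fn pixel(&self, x: u32, y: u32) -> Option<bool> {
        if x >= self.width || y >= self.height {
            return None;
        }
        let byte = self.data[y as usize * self.stride + (x / 8) as usize];
        Some((byte >> (7 - (x % 8))) & 1 == 1)
    }

    /// Number of set pixels, walking only the bits inside `width`.
    pub fn set_pixels(&self) -> usize {
        (0..self.height)
            .flat_map(|y| (0..self.width).map(move |x| (x, y)))
            .filter(|&(x, y)| self.pixel(x, y) == Some(true))
            .count()
    }
}

/// Constructed sample input: a 10x2 image whose first row has pixels 0 and 9 set.
pub fn sample_image() -> Vec<u8> {
    let mut v = vec![10, 0, 2, 0];
    v.extend_from_slice(&[0b1000_0000, 0b0100_0000]); // row 0
    v.extend_from_slice(&[0x00, 0x00]); // row 1
    v
}

fn main() {
    let bmp = parse_bitmap(&sample_image()).expect("valid sample");
    println!("{}x{} with {} set pixels", bmp.width, bmp.height, bmp.set_pixels());
}
```

The point of the example is what is absent: no compression, no palette, no variable-length header, no chunk table. Every byte of input is either the fixed header or pixel data whose length is fully determined by that header, so the decoder has exactly four ways to fail and each is checked before any pixel is touched. Interoperability is the price: anything richer (PNG, for instance) would have to be transcoded into this form outside the enclave.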

Don't see your favorite use case on the list? See HCI target rationale.

Many of these questions have obvious or popular answers in the context of a fully featured mobile SoC (a several-GHz CPU, several GiB of RAM). A self-contained cryptographic enclave, however, is estimated to have a CPU running at a couple hundred MHz, a few megabytes of RAM, and perhaps dozens of megabytes of storage (based on, e.g., fabricating the enclave in a 40 nm silicon process with a wire-bonded in-package SPI ROM). See hardware systems architecture analysis for more details on these constraints.

Furthermore, simply pulling existing open source frameworks into many of these applications brings in attack surface that may be too difficult to harden, so some libraries need to be re-coded specifically for the context of a security enclave.

See betrusted development plan for more information about the schedule and overall development plan.

Documents and notes

Let's keep notes and ideas about betrusted here.

Untriaged ideas can be kept in the ParkingLot.

Making noise: avalanche noise source notes

