Attested-enclave networks
"An attested network is a governed network—where each app is its own government."
Believe it or not, there are people who see me mainly as a computer scientist. I am not officially a computer scientist because I never came close to finishing my PhD. But I have indeed done some computer science stuff. I generally do not plug that here or this there—it is bad to cross the streams.
Sometimes the streams have to be crossed, because we have to know what is possible. Here is something that is possible. It would work well with my stuff but does not, of course, strictly depend on it. My stuff is a personal server; there are many personal servers; mine is the one I like. Here is the user experience that I want.
I want to be able to sit down in front of any uncompromised console on Earth, validate my permanent identity, and see all of my persistent state on my own personal server. On that server, I want to run persistent applications which use that state. And I want my applications to be able to communicate with my friends’ applications.
So far, this is conventional distributed computing. But suppose we add a constraint: this network of servers should be attested.
What does network attestation mean? How does it improve the security and/or user experience of the network?
Secure enclaves and attested networks
In an ordinary network, such as the raw Internet, the network programmer’s mantra is: be liberal in what you accept, and conservative in what you send.
If you are a network node, you have no idea what software sent you a packet, and no idea what software your packet is being sent to. Outside your network card is anarchy. This is the normal assumption of network programming. But the existing hardware technology of secure enclaves can invalidate this assumption.
A secure enclave allows an operating system to run code inside a sort of encrypted castle, whose internal data can neither be modified nor read. All the OS outside the castle can see is its input and output. But the OS can attest to what code the castle is running—and that attestation can be remote: it can be validated by other castles.
If the castle is running a deterministic general-purpose functional operating system, a network of these castles can form an attested network—in which every node can verify what software every other node is running.
What is the power of an attested network? Consider a simple cell-phone application such as Signal, with expiring messages. Signal, a wonderful product, is of course the Apple of practical message encryption. Everything Signal does is absolutely the best. Still, when you send a spicy expiring message to your friend, this “friend” could be running a bogus Signal clone that logs the message. Signal cannot prevent this.
On an attested network, these castles exchange packets through an armored pipe. The data is encrypted at each layer, and the software of each peer, at every layer, is attested as the version stack of the application at that layer. A messaging application on this network can enforce expiring messages, because it will refuse to communicate with a bogus counterparty application that it does not recognize.
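The refusal described above can be sketched as a check on a peer's attested version stack. This is an added example, not code from the original post; the function names, the quote layout, the nonce, and the use of an HMAC in place of a hardware-rooted asymmetric signature are all assumptions made to keep it self-contained.

```python
import hashlib
import hmac
import json

# Constructed stand-in for the enclave hardware's attestation key. Real enclaves
# sign with an asymmetric key certified by the CPU vendor; HMAC keeps this stdlib-only.
HW_KEY = b"constructed-demo-hardware-key"

def measure(code: bytes) -> str:
    """Measurement of one layer: the SHA-256 of its code image."""
    return hashlib.sha256(code).hexdigest()

def _mac(body: dict, key: bytes) -> str:
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def make_quote(stack, nonce: bytes, key: bytes = HW_KEY) -> dict:
    """Attesting side: one measurement per layer, bound to the verifier's nonce."""
    body = {"layers": [measure(c) for c in stack], "nonce": nonce.hex()}
    return {"body": body, "mac": _mac(body, key)}

def verify_quote(quote: dict, nonce: bytes, allowed, key: bytes = HW_KEY) -> str:
    """Verifying side: accept only a fresh, authentic quote whose every layer is recognized."""
    body = quote["body"]
    if not hmac.compare_digest(_mac(body, key), quote["mac"]):
        return "reject: quote not signed by attestation key"
    if body["nonce"] != nonce.hex():
        return "reject: stale or replayed quote"
    if len(body["layers"]) != len(allowed):
        return "reject: unexpected stack depth"
    for i, (got, ok) in enumerate(zip(body["layers"], allowed)):
        if got not in ok:
            return f"reject: layer {i} not recognized"
    return "accept"

# Constructed sample layers: an OS image, the real messenger, and a logging clone.
OS_IMG = b"functional-os v1"
APP_IMG = b"messenger v3: deletes expired messages"
CLONE_IMG = b"messenger v3 clone: logs every message"
ALLOWED = [{measure(OS_IMG)}, {measure(APP_IMG)}]  # per-layer allowlist

if __name__ == "__main__":
    nonce = b"\x01" * 16  # constructed; a real verifier draws this at random
    print(verify_quote(make_quote([OS_IMG, APP_IMG], nonce), nonce, ALLOWED))
    print(verify_quote(make_quote([OS_IMG, CLONE_IMG], nonce), nonce, ALLOWED))
```

The clone runs on the same attested OS layer, so only the application-layer measurement gives it away, which is why every layer of the stack is checked.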