Yesterday at R3’s CordaCon in London, the firm unveiled research into a possible second R3 product. Former lead engineer Mike Hearn is now working full-time on Conclave, a new trusted computing solution to enhance privacy and security.
Largescale cybersecurity attacks are now a common occurrence. Hackers often exploit a vulnerability in one piece of software to infiltrate a computer’s operating system. And they can then undermine the entire machine. One solution is quite similar to what we do in the physical world.
Some homes have safe rooms. Even if someone breaks into the building, the person inside the room is secure.
In the computing world, the equivalent is trusted computing. Chipsets that support secure enclaves allow pieces of software code and data to be ringfenced so that the memory it uses cannot be accessed by any other process running on the computer, even the operating system.
Conclave – a play on enclave – is the name for R3’s research product which hopes to make ‘Enclave oriented computing’ (EoC) accessible to developers. In other words, Conclave aims to make it easier for software developers to make sure the saferoom door isn’t breached.
“In the same way that Corda is about making building blockchain apps easier by hiding the technical details from you, so Conclave is about making enclave development easy by hiding the technical details,” said Hearn.
The solution is still at an early stage. It’s not yet ready for beta testing, but Hearn is keen for people to start signing up. He’s unveiling it now to get feedback from the community to help to focus development and to gauge the level of interest.
Since the very early days, R3 said it planned to work with Intel’s new SGX chipset which supports secure enclaves. More recently, Hyperledger and the Enterprise Ethereum Alliance have also started to pursue this avenue for distributed ledger privacy.
Hearn argued that one of the reasons for the industry interest is because other privacy solutions such as Zero-Knowledge Proofs (ZKP) have proven slow in terms of performance and hard to implement. And as the blockchain networks go into production, they need practical privacy solutions fast. His talk at CordaCon coincided with another by ING where they unveiled a ZKP privacy solution for Corda.
The Conclave project aims to generalize the work already done for Corda smart contracts to run inside Intel SGX enclaves. In future, it’s conceivable that developers could apply Conclave for use cases within a single company rather than for Corda.
However, it’s logical with limited resources to focus on blockchain-related solutions. And multiparty computation (MPC) is the initial target, though the potential for other applications is vast. MPC involves running calculations on numbers, perhaps from twenty different companies, and sharing the result without anyone seeing the underlying data. Even the person operating the computer cannot access the information.
An example that springs to mind is the U.S. organization AAIS which acts as a trusted third party for the insurance industry. It collects data from the sector for regulatory reporting, but also provides market statistics to the insurers based on the data. AAIS gets to see all the data, but with something like MPC, a trusted third party would not be needed.
“We think that multiparty computation is going to be a fundamental capability that all blockchain systems will be expected to have in the coming years,” said Hearn. “Not just [for] private data on ledger, but the ability to come together and contribute data into a shared calculation and get out your little bit of the answer in ways that are secure; such that no one ever sees that pool of data; no one ever sees that whole set of data used for the calculation.”
Under the hood
So we’ve established what Conclave could be used for, but why can’t any developer write code for a secure enclave? It turns out it’s rather hard.
“Enclaves change how computers work in a fundamental way, and suddenly the operating system is no longer all powerful,” explained Hearn. “It’s had the ability to see inside your enclave taken away from it. And now it’s an adversary who might try and trick you in various ways.”
The developer also has to be concerned about how trustworthy other components are like the graphics card and especially the computer’s clock. Being able to manipulate time is a significant avenue for cyberattacks. As a result, in the early stages, Conclave won’t deal with time-sensitive operations, until Hearn is confident they can be secure.
Developers might be tempted to put a lot of data inside the enclave, but that’s undesirable. The objective is that everything that happens inside the enclave should be audited. So if there’s were lots of database changes, then every update has to be checked, which becomes expensive.
Even if the data is encrypted and safe inside the enclave, it’s possible to leak information. For example, if it’s a number, the size of the data going into the enclave could be a clue that it’s a large number. Hence Conclave will standardize message sizes. But the message content is checked, and if the real content is bigger, it may take longer to inspect, revealing a little information.
With security and privacy, there are often tradeoffs in terms of efficiency and performance. Hearn aims to make it more like a dial that the developer can select the efficiency level rather than having to dive deep into the enclave code.
And as secure as enclave computing might be, it still proved vulnerable to major design vulnerabilities such as Spectre and Foreshadow which Intel has now addressed.
But assuming the CPU is not undermined then “everything on the motherboard is against you except the CPU, and as a consequence, you must use cryptography and clever design to survive in this harsh environment,” said Hearn. “But if you can do that, you can do really useful things.”