Conversation

1/3 Thankyou

I entirely agree. "My major issue with SVR is that it’s something I basically don’t want, and don’t trust." Yep. And thanks for telling me I can at least generate a high-entropy password instead of a PIN - that is not at all obvious from the UI.

Quote Tweet

Matthew Green

@matthew_d_green

Jul 12, 2020

I wrote a post about why Signal’s “Secure Value Recovery” backup system (and decision to force users to choose PIN codes) has made me so concerned. blog.cryptographyengineering.com/2020/07/10/a-f

Show this thread

Replying to

and

Thanks for the careful and clear explanations! One thing I am curious about: if the threat model is "SGX gets pwned", how does this compare to the threat model of "your phone gets pwned by a Spectre-like attack"?

Replying to

and

(or, say, your desktop Signal app)

Replying to

and

A leaked key from any SGX implementation or from an Intel employee is enough to bypass the feature. They aren't just relying on the security of SGX but also an attestation system based on a root of trust. SGX also isn't a proper secure element. It's not isolated from the CPU.

5:47 PM · Jul 13, 2020Twitter Web App

Replying to

and

There's a pretty big difference between a targeted attack on a user vs. gaining access to the Signal servers (through compromise, insiders or legal requests) and then obtaining contacts + groups + profiles for the vast majority of users who didn't use a high entropy passphrase.

Replying to

and

It's true that if the server was actively compromised, an attacker can monitor metadata. Contact discovery also already relied upon SGX before this new feature. They previously had an approach using bloom filters which didn't rely on SGX but according to them it didn't scale.

Show replies