It would be wonderful if SGX weren't a pile of hacks in a trenchcoat pretending to be a secure enclave, but
Intel built SGX for DRM but then didn’t get a whole lot of buy-in from DRM companies, so they tried to pivot to a more general-purpose secure enclave... poorly...
TrustZone sucks for almost anything other than DRM too.
TrustZone as a technology is an exception handler. It’s not really comparable to SGX.
I'm comparing it with implementations of it like QSEE rather than the standardized interface for calling it.
SGX shares a lot more in common with those than dedicated secure elements. Even a SIM card or eSIM is a superior technology for a secure enclave than the SGX approach.