In the first part of this series on verifiable confidential computing, we introduced the technology itself. In this installment, we turn to the Humanode team’s decision to adopt confidential computing, covering its advantages and its limitations. We also outline how we plan to address those limitations on the way to building trustless systems. Let’s dive right in.
Enabling Encrypted Computation on Biometric Data:
At Humanode, the goal is to empower encrypted computations on biometric data within a decentralized distributed system. The key principle behind our approach is to eliminate the need for decrypting the data at any stage of the process. Instead, we leverage homomorphic encryption to securely send encrypted data to any node in our system. These nodes can then compare the data with the rest of the encrypted dataset, ensuring the uniqueness of each individual.
Transitioning from CVMs to Homomorphic Encryption:
While our future vision relies on the implementation of a fully functional homomorphic encryption scheme, we currently employ a temporary solution that combines hardware encryption and Confidential Virtual Machines (CVMs). This approach allows us to handle biometric data securely, ensuring its confidentiality both in transit and at rest. By utilizing CVMs with memory encryption and external access restrictions, we maintain the desired level of data security.
Limitations and Trade-offs of CVMs:
While CVMs provide a valuable interim solution, they come with certain limitations that must be addressed. One such limitation arises when operating in a cloud environment, where control over the kernel, operating system, and BIOS becomes crucial for remote attestation. Unfortunately, the current CVM provider does not allow firmware specification, hindering our ability to execute end-to-end remote attestation and ascertain the code operating in the BIOS.
Seeking Transparency and Trustlessness:
To achieve a higher degree of transparency and trustlessness, we are actively exploring alternatives to relying on proprietary cloud provider solutions. Our approach involves deploying Confidential VMs that support remote attestation and allow us to set up our own firmware. This shift empowers us to control the entire stack, including the BIOS, and conduct secure attestation independently, without relying on third-party providers.
Verifiable Confidential Computing: Enabling Trust and Security:
Our ongoing efforts revolve around the latest version of CVM deployment, integrating two key features. First, we include our firmware to authenticate the loaded code, ensuring the integrity of the entire booting process. Second, we aim to have control over the host part of the system, further enhancing security measures. This combination enables us to establish a deterministic launch measurement, facilitating the comparison of our system’s code with that running in the cloud.
Empowering Individuals to Verify Code Integrity:
To enhance transparency, we plan to release the official disk image and kernel, allowing individuals to manually compute hashes and compare them with our verified launch measurement. Furthermore, we will provide access to the source code and all other components included in the image, empowering interested parties to review and build the same image from the source code. This step ensures that the code running on our VMs aligns with the intended purpose of verifying biometric uniqueness.
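The manual check described above, sketched as an added example (not Humanode's tooling): it hashes released artifacts and compares them with published digests. The manifest format, the file names and the choice of SHA-384 are assumptions, and it covers only the artifact-digest step, since the page does not say how those digests enter the platform's launch measurement.

```python
import hashlib
import os
import tempfile

ALGO = "sha384"  # assumption: the page does not name the hash algorithm


def file_digest(path, algo=ALGO, chunk=1 << 20):
    """Hash a file in chunks so a multi-GB disk image is never held in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_release(manifest, base_dir):
    """Map each {file name: expected hex digest} entry to ok/mismatch/missing."""
    results = {}
    for name, expected in manifest.items():
        path = os.path.join(base_dir, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        elif file_digest(path) == expected.strip().lower():
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


def release_is_trusted(results):
    # An empty manifest verifies nothing, so it must not count as success.
    return bool(results) and all(s == "ok" for s in results.values())


def demo():
    with tempfile.TemporaryDirectory() as d:  # constructed stand-in artifacts
        for name, data in (("disk.img", b"constructed image"), ("vmlinuz", b"constructed kernel")):
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        manifest = {n: file_digest(os.path.join(d, n)) for n in ("disk.img", "vmlinuz")}
        before = verify_release(manifest, d)
        with open(os.path.join(d, "vmlinuz"), "ab") as f:
            f.write(b"\x00")  # simulate a kernel that differs from the release
        return before, verify_release(manifest, d)


if __name__ == "__main__":
    print(demo())
```

The published digests themselves should be fetched over a channel independent of the one that served the image, otherwise a substituted image can ship with a matching manifest.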
The Promise of Verifiable Confidential Computing:
In summary, while homomorphic encryption remains the ideal solution for data privacy and security, our current utilization of hardware encryption with verifiable CVMs offers a temporary yet effective approach. As we progress towards the implementation of verifiable CVMs, we aim to provide isolation and verifiability as key features.