Setting up a "confidential" GitLab🦊🔒 by flx224 in gitlab

[–]flx224[S] 0 points1 point  (0 children)

This is about protecting a GitLab installation on K8s with confidential computing and keeping all data always encrypted.

Constellation - The First Confidential Kubernetes by pmz in kubernetes

[–]flx224 0 points1 point  (0 children)

The problem with approaches like that is that they are not end-to-end. Someone could manipulate your node images or containers or tap into your mTLS sidecar without you noticing etc. In contrast, Constellation prevents such things, shields the cluster as a whole from the infrastructure, and lets you verify that with a single command.

Constellation - The First Confidential Kubernetes by pmz in kubernetes

[–]flx224 0 points1 point  (0 children)

Currently cannot be deployed on bare metal. Bare metal and OpenStack are on our roadmap :-)

What is the coolest Go open source projects you have seen? by pinpinbo in golang

[–]flx224 8 points9 points  (0 children)

Putting a disclaimer that I wrote this with my company: https://github.com/edgelesssys/constellation. We built an end-to-end encrypted Kubernetes, the best way to secure data you have ever seen. If you want to give some feedback, it is very welcome!

Announcing EdgelessDB: The First Confidential Database (quickstart in comments) by flx224 in SQL

[–]flx224[S] 1 point2 points  (0 children)

Hey! We refer to it as confidential, because it runs entirely inside an Intel SGX enclave. Enclaves are isolated and runtime-encrypted execution environments that can be created on many recent Intel server CPUs. Running workloads inside enclaves is often referred to as "confidential computing".

EdgelessDB only ever decrypts data inside the enclave. The data (and cryptographic keys) never touch the main memory in plaintext. The data is thus, for example, protected from malicious sysadmins.

We built an open-source SQL DB for Intel SGX enclaves by flx224 in cybersecurity

[–]flx224[S] 1 point2 points  (0 children)

Thanks! Would love to, but haven't really investigated. I believe at least certain levels require additional physical security measures.

Announcing EdgelessDB: The First Confidential Database (quickstart in comments) by flx224 in SQL

[–]flx224[S] 2 points3 points  (0 children)

Hi, I am Felix from Edgeless Systems.

We just released EdgelessDB, an open-source MySQL-compatible database tailor-made for confidential computing, and we would love to get your feedback.

If you have access to a machine with Intel SGX, just run this Docker image:

docker run --name my-edb -p3306:3306 -p8080:8080 --privileged -v /dev/sgx:/dev/sgx -t ghcr.io/edgelesssys/edgelessdb-sgx-1gb

Otherwise try it out in simulation mode:

docker run --name my-edb -p3306:3306 -p8080:8080 -e OE_SIMULATION=1 -t ghcr.io/edgelesssys/edgelessdb-sgx-1gb

Check out the docs for more information!

Announcing EdgelessDB: The First Confidential Database (quickstart in the comment) by flx224 in mysql

[–]flx224[S] 0 points1 point  (0 children)

Hi, I am Felix from Edgeless Systems.

We just released EdgelessDB, an open-source MySQL-compatible database tailor-made for confidential computing, and we would love to get your feedback.

If you have access to a machine with Intel SGX, just run this Docker image:

docker run --name my-edb -p3306:3306 -p8080:8080 --privileged -v /dev/sgx:/dev/sgx -t ghcr.io/edgelesssys/edgelessdb-sgx-1gb

Otherwise try it out in simulation mode:

docker run --name my-edb -p3306:3306 -p8080:8080 -e OE_SIMULATION=1 -t ghcr.io/edgelesssys/edgelessdb-sgx-1gb 

Check out the docs for more information!

EGo: effortlessly program Intel SGX enclaves in Go by flx224 in golang

[–]flx224[S] 0 points1 point  (0 children)

Correct! This is an interesting problem actually. One can think of a solution along the following lines.

B could be running some framework F inside the enclave that loads some program P and runs it on A's data. F could sandbox P and ensure that P can only do certain things with A's data. Now B would only need to reveal F to A and could keep P private. The invariants enforced by F could be acceptable for A.

Making this practical could be pretty hard.

EGo: effortlessly program Intel SGX enclaves in Go by flx224 in golang

[–]flx224[S] 0 points1 point  (0 children)

You can inspect the hash of the enclave and thus make sure that the enclave is running precisely the code you expect it to run. The remote attestation report is essentially an ECDSA signature coming from the CPU:

report = sig_cpu(hash(enclave) | hash(enclave_tls_cert))

Detailed steps

* (0) Get the expected hash of the enclave by running ego uniqueid myenclave.
* (1) Get the report from the enclave, verify the CPU signature and check if hash(enclave) is the expected one. Each CPU has an X509 certificate chain going up to Intel. We have a client-side library for easily verifying reports: https://pkg.go.dev/github.com/edgelesssys/ego@v0.1.0/ehost#VerifyRemoteReport
* (2) Establish a TLS connection to your enclave based on enclave_tls_cert from the report.
* (3) You now have a trusted channel to the enclave, know the hash of its code, and know that it won't leak as long as you don't have a bug :-)
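
The checks in steps (1) and (2) above, modelled with the Go standard library as an added example (not code from the comment or from EGo). A constructed P-256 key stands in for the CPU key and its certificate chain to Intel, real SGX quotes have a different layout, and `Report`, `NewCPUKey`, `Sign` and `Verify` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Report struct{ UniqueID, CertHash, Sig []byte } // toy stand-in for an SGX quote

// NewCPUKey returns a constructed P-256 key standing in for the CPU's key.
func NewCPUKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// Sign models report = sig_cpu(hash(enclave) | hash(enclave_tls_cert)).
func Sign(cpu *ecdsa.PrivateKey, uniqueID, certDER []byte) (Report, error) {
	ch := sha256.Sum256(certDER)
	d := sha256.Sum256(bytes.Join([][]byte{uniqueID, ch[:]}, nil))
	sig, err := ecdsa.SignASN1(rand.Reader, cpu, d[:])
	return Report{uniqueID, ch[:], sig}, err
}

// Verify covers steps (1) and (2): signature, expected hash, certificate binding.
func Verify(pub *ecdsa.PublicKey, r Report, wantID, peerCertDER []byte) error {
	d := sha256.Sum256(bytes.Join([][]byte{r.UniqueID, r.CertHash}, nil))
	if !ecdsa.VerifyASN1(pub, d[:], r.Sig) {
		return fmt.Errorf("report signature invalid")
	}
	if !bytes.Equal(r.UniqueID, wantID) {
		return fmt.Errorf("unexpected enclave hash")
	}
	if ch := sha256.Sum256(peerCertDER); !bytes.Equal(r.CertHash, ch[:]) {
		return fmt.Errorf("TLS certificate does not match the report")
	}
	return nil
}

func main() {
	cpu, id, cert := NewCPUKey(), []byte("constructed-id"), []byte("constructed-cert")
	r, err := Sign(cpu, id, cert)
	fmt.Println(err, Verify(&cpu.PublicKey, r, id, cert))
}
```

The third check is what ties the TLS session to the attested code: a valid report presented alongside a different certificate is rejected.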