top | item 32448427

(no title)

But then, all usages of SGX, not only DRM, would be compromised easily.

I don't know, for instance, if password wallets use it for protecting their data when they are loaded, but that would lead to pretty bad consequences.

discuss

josephcsible|3 years ago

I'm pretty sure that no password wallets, or any other legitimate security, relies on SGX.

mmis1000|3 years ago

These usually relies on TPM. Which is always designed as 'no private key can be extracted physically'.

If your hardware enhanced wallet relies on SGX, It sounds it is defected as it shouldn't be readable after first write at first place.

And why did you think you need signing key for SGX to extract info from it? You only need the decrypt key (Which is already been pwned). Lack of signing key only prevent you from running random program in SGX but not decrypt existing one.