Author

Topic: RFC: Private outsourced computations (Read 518 times)

legendary
Activity: 2142
Merit: 1010
Newbie
November 27, 2015, 09:26:37 AM
#1
Our team is designing a general-purpose processor that will have protected memory. Code residing in that memory can only be rewritten or executed, not read. We are looking for review of the following scheme:

The processor has a private key of the processor manufacturer stored in ROM.
Alice can store (an)other private key(s) in the processor, she needs physical access to the hardware for that.
Bob can purchase the processor from Alice and add his own key(s) too.
Charlie can encrypt code with public keys of Bob, Alice and the manufacturer and ask Bob to execute the code.
None of the parties except Charlie can decrypt the code.
The result of execution can be encrypted with symmetric encryption algorithm of Charlie's choice, the code itself can contain the algorithm and the key, so only Charlie will be able to decrypt the result.

Do you see security holes in this scheme assuming that at least one of the manufacturer, Alice and Bob won't corrupt?
Jump to: