One of the many interesting things in Vernor Vinge's near future SF novel 'Rainbows End' is that all computing hardware has a legal requirement to have a Secure Hardware Environment (SHE) which is basically a secure government controlled enclave on every computing device:
What I learned recently is that, at least in the open source world:
1) there is a very tiny number of mcu that you can use without NDA, and thus there's little choice and you often have to trade off between features
2) having crypto in hardware reduces exportability and thus increases cost
For example, in making Solo (open source security key) [1], we were planning to use NRF or SAM L11 chips, but gave up because of power consumption or flash available. We ended up with STM32L4, and we had to go for L432 that doesn't have AES in hw because it's cheaper and easier to find than the L442 with AES.
Conor recently spoke about this at Shmoocon 2019: [2].
Sometimes it can be useful for the user to have software they provably can't tamper with. The Golem project is making a marketplace for distributed computing where anyone can offer to sell computing power. Users who submit workloads have the option of requiring that their workload execute inside of a secure enclave, so that whoever hosts their workload can't read its resources or tamper with it.
By owning a CPU with a secure enclave feature, you gain the ability for people to trust you to not be able to tamper with their workloads. I think of this has a very pro-user feature in this scenario.
In my hardware security course we were recreating state of the art cache side channel and rowhammer attacks (at the Vrije Universiteit Amsterdam, the final project was to reimplement an attack published by the VUSec group).
They don't seem to be quite prevalent here, I wonder what gives.
No required reading for the following has been mentioned there, while everything else has. If anyone has anything interesting required reading in mind for the following 5 items, please contribute.
