At Zxs, we have been involved in several AWS Nitro Enclave-related projects. We have noticed a few areas where the AWS documentation doesn’t clearly mention some cryptographic considerations. We have discussed these issues with the security team at AWS and we understand that their hands are tied: they can’t easily change their existing design/APIs and they don’t want to risk confusing their developers by appending to their documentation.
Blog
Short (usually) posts for your enjoyment.
- Thoughts on AWS Nitro Enclave ⇔ AWS KMS interactions
  Cryptography, AWS Nitro Enclave. December 15, 2024
- Confidential Computing at 1Password: audit report
  Cryptography, AWS Nitro Enclave. November 29, 2024
Zxs conducted an external security assessment of 1Password’s Confidential Computing system. 1Password leverages AWS Nitro Enclaves to provide server-side features while preserving a security and privacy profile equivalent to their current end-to-end setup.