{"@attributes":{"version":"2.0"},"channel":{"title":"blog katexochen","link":"https:\/\/katexochen.aro.bz\/","description":"Recent content on blog katexochen","generator":"Hugo","language":"en-us","copyright":"Paul Meyer","lastBuildDate":"Wed, 29 Apr 2026 09:00:00 +0200","item":[{"title":"Secure signatures without a private key","link":"https:\/\/katexochen.aro.bz\/posts\/reproducible-secure-signatures\/","pubDate":"Wed, 29 Apr 2026 09:00:00 +0200","guid":"https:\/\/katexochen.aro.bz\/posts\/reproducible-secure-signatures\/","description":"<p><em>Reproducible builds allow anyone to verify that a binary matches its source code.\nBut what if the build artifact must contain a cryptographic signature?\nReproducing the signature requires the private key, which defeats the purpose of reproducibility.\nIn this post, we present a technique based on ECDSA public key recovery that produces signatures which are both secure and fully reproducible, without anyone ever knowing a private key.<\/em><\/p>\n<h2 id=\"build-artifacts-with-signatures---a-reproducibility-issue\">Build artifacts with signatures - a reproducibility issue<\/h2>\n<p>Remote attestation is a fundamental part of Confidential Computing.\nIt can be used to prove what software is running in a remote environment.\nUsers of such an attested environment do not need to trust the software vendor, excluding them from the trusted computing base<sup id=\"fnref:1\"><a href=\"#fn:1\" class=\"footnote-ref\" role=\"doc-noteref\">1<\/a><\/sup>.<\/p>"},{"title":"Reproducing and mitigating BadAML","link":"https:\/\/katexochen.aro.bz\/posts\/badaml\/","pubDate":"Thu, 26 Mar 2026 08:55:44 +0100","guid":"https:\/\/katexochen.aro.bz\/posts\/badaml\/","description":"<p><em>BadAML is an attack that exploits host-supplied ACPI tables to gain arbitrary code execution inside confidential VMs, bypassing their memory isolation guarantees.\nWorking on Contrast, we reproduced the attack end-to-end against our stack and mitigated it with an\nAML sandbox that restricts bytecode execution to shared memory pages.<\/em><\/p>\n<h2 id=\"on-untrusted-ground-protecting-guests-with-confidential-computing\">On untrusted ground: Protecting guests with confidential computing<\/h2>\n<p>Confidential Computing (CC) is a paradigm that aims to protect trusted workloads on an untrusted, remote platform.\nUsing Trusted Execution Environments (TEEs) and their two basic primitives, memory isolation and remote attestation,\nit can secure a confidential workload in a hostile environment, protecting against a potentially malicious infrastructure\nprovider<sup id=\"fnref:1\"><a href=\"#fn:1\" class=\"footnote-ref\" role=\"doc-noteref\">1<\/a><\/sup> or platform operator. Today, TEEs most commonly come in the form of confidential virtual machines (CVMs),\nwhich are isolated from the host and other VMs through a set of ISA extensions and chip properties provided by the CPU vendor (AMD SEV-SNP, Intel TDX, ..).<\/p>"}]}}