In theory you only need to trust the hardware to be correct; since it doesn't have the decryption key, the worst it can do is give you a wrong answer. In theory.

But can you trust the hardware encryption to not be backdoored, by design?

That's my point, this sounds like a way to create a backdoor for at-rest data.

By design, you don't trust it. You never hand out the keys, so there's no secret to backdoor. The task is never unencrypted, at rest or otherwise.

You can if the manufacturer has a track record that refutes the notion, and especially if they have verifiable hardware matching publicly disclosed circuit designs. But this is Intel; with their track record, I wouldn't trust it even if the schematics were public. Intel ME not being disable-able by consumers, while being entirely omitted for certain classes of government buyers, tells me everything I need to know.

> That's my point, this sounds like a way to create a backdoor for at-rest data.

I get the feeling, honestly, it seems more expensive and more effort to backdoor it...

Well yeah... You do the initial encryption yourself by whatever means you trust.