HsmEnclave VS ContactDiscoveryService

They built a solution for private contact discovery using Intel SGX which allows looking up contacts without revealing the social graph to the server. The code is run in an SGX enclave which clients will run remote attestation to verify the code (and soon they'll switch to an HSM enclave: https://github.com/signalapp/HsmEnclave).

[1] https://signal.org/blog/private-contact-discovery/

Signal uses SGX for remote attestation, which presumably lets the client verify that the code running on the server is a build of the OSS code and not a modified version. But I don't know the details or if this is reliable.

SGX and remote attestation described here:

https://signal.org/blog/private-contact-discovery/

Signal does private contact discovery and the effort they've gone to to do this is quite impressive.

TEEs have numerous privacy-enhancing applications that may benefit users. One of them is, as discussed earlier, private contact discovery; the Signal application uses a contact discovery service enhanced using Intel SGX, a TEE technology, to protect its users' privacy. A similar application of TEEs is performing malware analysis in a remote cloud service, so that the service may not identify users by the contents of their devices, such as the applications they have installed, especially important as 98.93% of users may be uniquely identified by the list of applications they have installed.

Signal (or, more accurately, one of its predecessors) used to use client-side private set intersection for contact discovery, but this scales poorly [1].

Now they use a solution based on Intel SGX and server-side trusted computing [2].

[1] https://signal.org/blog/contact-discovery/

[2] https://signal.org/blog/private-contact-discovery/