CINXE.COM
Confidential Computing or Cryptographic Computing? – Communications of the ACM
<!doctype html> <html lang="en-US"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <script id="Cookiebot" src="https://consent.cookiebot.com/uc.js" data-cbid="095b91a6-f087-4380-b01d-e44b1c2af358" data-blockingmode="auto" type="text/javascript"></script> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-XYTVD2CXR4"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-XYTVD2CXR4'); </script> <title>Confidential Computing or Cryptographic Computing? – Communications of the ACM</title> <meta name='robots' content='max-image-preview:large' /> <style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style> <link rel='dns-prefetch' href='//cdn.parsely.com' /> <link rel='dns-prefetch' href='//stats.wp.com' /> <link rel="alternate" type="application/rss+xml" title="Communications of the ACM » Feed" href="https://cacm.acm.org/feed/" /> <link rel="alternate" type="application/rss+xml" title="Communications of the ACM » Comments Feed" href="https://cacm.acm.org/comments/feed/" /> <link rel="alternate" type="application/rss+xml" title="Communications of the ACM » Confidential Computing or Cryptographic Computing? Comments Feed" href="https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/feed/" /> <script class="wp-asset-manager usage-logger" type="text/javascript">window.amScripts = window.amScripts || {}; window.amScripts["usage-logger"] = {"nonce":"0a0041155a","id":762197,"type":"digital-library","doi":"10.1145\/3677616"}</script><style class="wp-asset-manager cacm-global-critical" type="text/css">@font-face{font-display:swap;font-family:Inter;font-style:normal;src:url(../be7cb18dc7caf47cf7e9.woff2) format("woff2"),url(../817c4274293e221c5076.woff) format("woff")}@font-face{font-display:swap;font-family:Inter;font-style:normal;font-weight:700;src:url(../54321e26b8bf4739a16d.woff2) format("woff2"),url(../7ad0df5561cc0933cead.woff) format("woff")}@font-face{font-display:swap;font-family:Work Sans;font-style:normal;font-weight:500;src:url(../2dd7c3c79fd1aa1d85ca.woff2) format("woff2"),url(../9a8cbe3b3bec955df411.woff) format("woff")}@font-face{font-display:swap;font-family:Work Sans;font-style:normal;font-weight:700;src:url(../ab8702255905c24de1c1.woff2) format("woff2"),url(../9ab52d2504cfe145b9bd.woff) format("woff")}@font-face{font-display:swap;font-family:Work Sans;font-style:normal;font-weight:800;src:url(../cef488e4e9f273a0a1e3.woff2) format("woff2"),url(../a99bf2b51c426338ae2c.woff) format("woff")}html{box-sizing:border-box}html *,html :after,html :before{box-sizing:inherit}a,abbr,address,article,aside,audio,b,blockquote,body,canvas,caption,cite,code,dd,del,details,dfn,div,dl,dt,em,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,object,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,u,ul,var,video{margin:0;padding:0;border:0;font-size:100%;font:inherit;vertical-align:baseline}article,aside,details,figcaption,figure,footer,header,menu,nav,section{display:block}ol,ul{list-style:none}blockquote,q{quotes:none}blockquote:after,blockquote:before,q:after,q:before{content:"";content:none}table{border-collapse:collapse;border-spacing:0}fieldset{border:none;margin:0;padding:0}button,input,select,textarea{-webkit-appearance:none;-moz-appearance:none;appearance:none;border:0;border-radius:0;font:inherit;margin:0}button{background-color:transparent;padding:0}body,html{font-family:var(--wp--preset--font-family--inter);-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}html{scroll-padding-top:var(--wp--custom--siteheader-height)!important}body{overflow-x:hidden}a img{display:block}img{height:auto;max-width:100%}svg{display:block}.container{margin-left:auto;margin-right:auto;width:calc(min(100%,var(--wp--style--global--wide-size) + var(--wp--custom--site-edge)*2) - var(--wp--custom--site-edge)*2)}.screen-reader-only{border:0;clip:rect(0,0,0,0);height:1px;margin:-1px;padding:0;width:1px}.screen-reader-only,.skip-link{overflow:hidden;position:absolute}.skip-link{margin-left:auto;margin-right:auto;background-color:var(--wp--preset--color--white);color:inherit;left:0;opacity:0;padding:.625rem;right:0;text-align:center;text-decoration:none;top:0;transform:translateY(-100%);width:-moz-max-content;width:max-content;z-index:-1}.skip-link:focus{opacity:1;transform:translateY(0);z-index:2147483647}.site-content{padding-top:var(--wp--custom--siteheader-height)}@media(min-width:48rem){.site-content{padding-top:var(--wp--custom--siteheader-height)}}.site-header-hamburger-menu[aria-hidden=true]{display:none}.site-header-membership-nav{align-self:stretch;display:flex;position:relative}.site-header--expanded .site-header-membership-nav,.site-header:not(.site-header--member-logged-in) .site-header-membership-nav{display:none}.site-header{position:fixed;width:100%;z-index:7}.site-header--expanded{height:100%}.site-header--no-js{opacity:0}.site-header.headroom{transition:transform .2s linear;will-change:transform}.site-header.headroom--pinned{transform:translateY(0)}.site-header.headroom--unpinned{height:auto;transform:translateY(-100%)}.site-header-container{align-items:center;background-color:var(--wp--preset--color--white);border-bottom:var(--wp--custom--border-gray);display:flex;gap:1rem;height:var(--wp--custom--siteheader-height);justify-content:space-between;padding:0 1rem}.site-header-container a{text-decoration:none}.site-header-container a:active,.site-header-container a:focus,.site-header-container a:hover{text-decoration:underline;text-decoration-color:inherit;text-decoration-thickness:1px;text-underline-offset:2.5px}@media(min-width:37.5rem){.site-header-container{padding:0 1.5rem}}@media(min-width:48rem){.site-header-container{padding:0 0 0 1rem}}@media(min-width:64rem){.site-header-container{gap:2.25rem}}@media(min-width:80rem){.site-header-container{gap:3rem}}.site-header--member-logged-in .site-header-container{padding:0 0 0 1rem}@media(min-width:37.5rem){.site-header--member-logged-in .site-header-container{padding:0 0 0 1.5rem}}.site-header--expanded .site-header-container{background-color:var(--wp--preset--color--cacm-darker-blue)}@media(max-width:47.9375rem){.site-header-logo,.site-header-search{margin-left:auto}}.site-header-member-login-link{font-weight:var(--wp--custom--font-weight-bold)}.site-header-member-login-link[aria-hidden=true]{visibility:hidden}@media(max-width:47.9375rem){.site-header-member-login-link{display:none}}.site-header--member-logged-in .site-header-member-login-link{display:none}.site-header-magazine-menu,.site-header-topics-menu{position:relative}.site-header-magazine-menu-toggle,.site-header-topics-menu-toggle{font-size:.9375rem;font-weight:var(--wp--custom--font-weight-regular);line-height:1.21;align-items:center;cursor:pointer;display:flex;gap:.3333333333rem}@media(min-width:80rem){.site-header-magazine-menu-toggle,.site-header-topics-menu-toggle{font-size:1rem;font-weight:var(--wp--custom--font-weight-regular);line-height:1.21;gap:.65625rem}}.site-header-magazine-menu-toggle[aria-hidden=true],.site-header-topics-menu-toggle[aria-hidden=true]{visibility:hidden}.site-header-magazine-menu-toggle[aria-expanded=true]>svg,.site-header-topics-menu-toggle[aria-expanded=true]>svg{transform:rotate(180deg)}.site-header-magazine-menu-toggle:focus,.site-header-magazine-menu-toggle:hover,.site-header-topics-menu-toggle:focus,.site-header-topics-menu-toggle:hover{text-decoration:underline}.site-header-magazine-menu-expanded,.site-header-topics-menu-expanded{background-color:var(--wp--preset--color--white);border-radius:.3125rem;box-shadow:0 .125rem .25rem -.125rem rgba(24,39,75,.12),0 .25rem .25rem -.125rem rgba(24,39,75,.08);display:flex;gap:1.875rem;justify-content:space-between;padding:1.75rem 1.875rem 1.5rem;position:absolute;right:0;text-align:left;top:2.28125rem;white-space:nowrap;z-index:4}.site-header-magazine-menu-expanded[aria-hidden=true],.site-header-topics-menu-expanded[aria-hidden=true]{display:none}@media(max-width:47.9375rem){.site-header-magazine-menu,.site-header-topics-menu{display:none}}.site-header:not(.site-header--member-logged-in) .site-header-topics-menu-expanded{left:0;right:auto}</style><style class="wp-asset-manager cacm-article-critical" type="text/css">.article-header{left:50%;margin-left:-50vw;margin-right:-50vw;position:relative;right:50%;width:100vw;background-color:var(--cacm--article-header--background-color);border-bottom:1px solid var(--cacm--article-header--border-color);color:var(--cacm--article-header--text-color);margin-bottom:var(--wp--custom--gap)}@media(min-width:48rem){.article-header{grid-area:header;margin-bottom:1.5rem}}.article-header__inner{--wp--custom--vertical-block-rhythm:0.5rem;padding:2rem 0 0}@media(min-width:48rem){.article-header__inner{--wp--custom--vertical-block-rhythm:0.625rem;display:grid;gap:0 var(--cacm--article--gap);grid-template-columns:auto 1fr;padding:var(--cacm--article--gap) 0}}@media(min-width:64rem){.article-header__inner{grid-template-columns:var(--cacm--article--sidebarleft--width) 1fr}}.article-header__section{margin-bottom:var(--wp--custom--vertical-block-rhythm);display:inline-block}.article-header__section:last-child{margin-bottom:0}.article-header__section a{text-decoration:none}.article-header__section a:active,.article-header__section a:focus,.article-header__section a:hover{text-decoration:underline;text-decoration-color:inherit;text-decoration-thickness:1px;text-underline-offset:2.5px}@media(max-width:47.9375rem){.article-header__section{margin-right:.625rem}}@media(min-width:48rem){.article-header__section{grid-column:1/1;text-align:right}}.article-header__section>a{font-size:.875rem;font-weight:700;line-height:1.2142857143;background-color:var(--cacm--article-header--button--background-color);color:var(--cacm--article-header--button--text-color);display:inline-block;padding:.3125rem .625rem;text-transform:uppercase}@media(min-width:48rem){.article-header__figure,.article-header__meta,.article-header__share,.article-header__subtitle,.article-header__title,.article-header__topic-and-issue-section{grid-column:2/2}}.article-header__topic-and-issue-section{--wp--custom--vertical-block-rhythm:0.5rem;margin-bottom:var(--wp--custom--vertical-block-rhythm);font-size:.9375rem;line-height:1.5333333333;font-family:var(--wp--preset--font-family--inter);display:flex;flex-direction:column}.article-header__topic-and-issue-section:last-child{margin-bottom:0}@media(min-width:48rem){.article-header__topic-and-issue-section{--wp--custom--vertical-block-rhythm:1.25rem;align-items:center;flex-direction:row;gap:2rem}}.article-header__issue-section{color:var(--cacm--article-header--text-color)}.article-header__title{margin-bottom:var(--wp--custom--vertical-block-rhythm);font-family:var(--wp--preset--font-family--work-sans);font-size:var(--wp--preset--font-size--work-md);line-height:32.2px;font-weight:var(--wp--custom--font-weight-extrabold)}.article-header__title:last-child{margin-bottom:0}@media(min-width:48rem){.article-header__title{font-size:var(--wp--preset--font-size--work-xxxl);line-height:50.4px;font-weight:var(--wp--custom--font-weight-extrabold)}}@media(min-width:64rem){.article-header__title{font-size:var(--wp--preset--font-size--work-xxl);line-height:44.28px;font-weight:var(--wp--custom--font-weight-extrabold)}}.article-header__subtitle{font-family:var(--wp--preset--font-family--work-sans);font-size:var(--wp--preset--font-size--work-xxs);line-height:22.5px;font-weight:var(--wp--custom--font-weight-bold);font-size:1.3125rem;line-height:1.2380952381;letter-spacing:-.08px;font-weight:var(--wp--custom--font-weight-medium);letter-spacing:-.03125rem;margin-bottom:.125rem}.article-header__subtitle:last-child{margin-bottom:0}.article-header__subtitle a{word-break:break-word}.article-header__subtitle b,.article-header__subtitle strong{font-weight:var(--wp--custom--font-weight-bold)}.article-header__subtitle em,.article-header__subtitle i{font-style:italic}.article-header__subtitle del,.article-header__subtitle strike{text-decoration:line-through}.article-header__subtitle sub,.article-header__subtitle sup{font-size:75%;line-height:0;position:relative}.article-header__subtitle sub{bottom:-.25em}.article-header__subtitle sup{top:-.5em}.article-header__subtitle .monospace,.article-header__subtitle p code{font:var(--wp--custom--font-weight-regular) 90%/1.6 Courier,monospace}@media(min-width:48rem){.article-header__subtitle{--wp--custom--vertical-block-rhythm:1.25rem;font-family:var(--wp--preset--font-family--work-sans);font-size:var(--wp--preset--font-size--work-xs);line-height:25.2px;font-weight:var(--wp--custom--font-weight-bold);font-size:1.5625rem;line-height:1.2;letter-spacing:-.1px;font-weight:var(--wp--custom--font-weight-medium);letter-spacing:-.03125rem;margin:.5rem 0 .625rem}.article-header__subtitle:last-child{margin-bottom:0}}.article-header__meta{margin-bottom:var(--wp--custom--vertical-block-rhythm);font-size:.9375rem;line-height:1.5333333333;font-family:var(--wp--preset--font-family--inter);display:flex;flex-direction:column}.article-header__meta:last-child{margin-bottom:0}.article-header__meta>*{margin-bottom:var(--wp--custom--vertical-block-rhythm)}.article-header__meta>:last-child{margin-bottom:0}.article-header__byline{margin-top:.625rem}.article-header__byline>a{border-bottom:1px dotted var(--cacm--article-header--byline--text-color);color:var(--cacm--article-header--byline--text-color);text-decoration:none}@media(max-width:47.9375rem){.article-header__figure{left:50%;margin-left:-50vw;margin-right:-50vw;position:relative;right:50%;width:100vw}}@media(min-width:48rem){.article-header__figure{display:flex;flex-direction:column}}.article-header__figure .image-wrapper{margin-bottom:var(--wp--custom--vertical-block-rhythm)}.article-header__figure .image-wrapper:last-child{margin-bottom:0}@media(min-width:64rem){.article-header__figure .image-wrapper{grid-column:1/1}}.article-header__figure .image-wrapper>img{-o-object-fit:cover;object-fit:cover}.article-header__figure .video-wrapper{height:100%;overflow:hidden;position:relative;width:100%;padding-bottom:56.25%}.article-header__figure .video-wrapper>iframe{height:100%;left:0;-o-object-fit:contain;object-fit:contain;position:absolute;top:0;width:100%}.article-header__figure .video-wrapper>:not(iframe){display:none}.article-header__figure figcaption{font-size:.9375rem;line-height:1.4666666667;font-family:var(--wp--preset--font-family--inter);color:var(--cacm--article-header--caption--text-color)}@media(max-width:47.9375rem){.article-header__figure figcaption{margin:0 var(--wp--custom--site-edge)}}@media(min-width:64rem){.article-header__figure figcaption{grid-column:2/2;margin:0}}.article-header__figure figcaption>p.article-header--credit{font-style:italic}</style><link rel="preload" href="https://cacm.acm.org/wp-content/themes/cacm/client/src/fonts/inter-v12-latin-regular.woff2" class="wp-asset-manager cacm-font-inter-regular-woff2" as="font" media="all" type="font/woff2" crossorigin /><link rel="preload" href="https://cacm.acm.org/wp-content/themes/cacm/client/src/fonts/inter-v12-latin-700.woff2" class="wp-asset-manager cacm-font-inter-700-woff2" as="font" media="all" type="font/woff2" crossorigin /><link rel="preload" href="https://cacm.acm.org/wp-content/themes/cacm/client/src/fonts/work-sans-bold.woff2?ver=1.0.0" class="wp-asset-manager cacm-font-work-sans-700-woff2" as="style" media="all" type="font/woff2" /><link rel="preload" href="https://cacm.acm.org/wp-content/themes/cacm/client/src/fonts/work-sans-extrabold.woff2?ver=1.0.0" class="wp-asset-manager cacm-font-work-sans-800-woff2" as="style" media="all" type="font/woff2" /><script type="text/javascript"> /* <![CDATA[ */ window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/cacm.acm.org\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.7.2"}}; /*! This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); /* ]]> */ </script> <style id='wp-emoji-styles-inline-css' type='text/css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='wp-block-library-css' href='https://cacm.acm.org/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2' type='text/css' media='all' /> <style id='wp-parsely-recommendations-style-inline-css' type='text/css'> .parsely-recommendations-list-title{font-size:1.2em}.parsely-recommendations-list{list-style:none;padding:unset}.parsely-recommendations-cardbody{overflow:hidden;padding:.8em;text-overflow:ellipsis;white-space:nowrap}.parsely-recommendations-cardmedia{padding:.8em .8em 0} </style> <link rel='stylesheet' id='mediaelement-css' href='https://cacm.acm.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17' type='text/css' media='all' /> <link rel='stylesheet' id='wp-mediaelement-css' href='https://cacm.acm.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.7.2' type='text/css' media='all' /> <style id='jetpack-sharing-buttons-style-inline-css' type='text/css'> .jetpack-sharing-buttons__services-list{display:flex;flex-direction:row;flex-wrap:wrap;gap:0;list-style-type:none;margin:5px;padding:0}.jetpack-sharing-buttons__services-list.has-small-icon-size{font-size:12px}.jetpack-sharing-buttons__services-list.has-normal-icon-size{font-size:16px}.jetpack-sharing-buttons__services-list.has-large-icon-size{font-size:24px}.jetpack-sharing-buttons__services-list.has-huge-icon-size{font-size:36px}@media print{.jetpack-sharing-buttons__services-list{display:none!important}}.editor-styles-wrapper .wp-block-jetpack-sharing-buttons{gap:0;padding-inline-start:0}ul.jetpack-sharing-buttons__services-list.has-background{padding:1.25em 2.375em} </style> <style id='elasticpress-facet-style-inline-css' type='text/css'> .widget_ep-facet input[type=search],.wp-block-elasticpress-facet input[type=search]{margin-bottom:1rem}.widget_ep-facet .searchable .inner,.wp-block-elasticpress-facet .searchable .inner{max-height:20em;overflow:scroll}.widget_ep-facet .term.hide,.wp-block-elasticpress-facet .term.hide{display:none}.widget_ep-facet .empty-term,.wp-block-elasticpress-facet .empty-term{opacity:.5;position:relative}.widget_ep-facet .empty-term:after,.wp-block-elasticpress-facet .empty-term:after{bottom:0;content:" ";display:block;left:0;position:absolute;right:0;top:0;width:100%;z-index:2}.widget_ep-facet .level-1,.wp-block-elasticpress-facet .level-1{padding-left:20px}.widget_ep-facet .level-2,.wp-block-elasticpress-facet .level-2{padding-left:40px}.widget_ep-facet .level-3,.wp-block-elasticpress-facet .level-3{padding-left:60px}.widget_ep-facet .level-4,.wp-block-elasticpress-facet .level-4{padding-left:5pc}.widget_ep-facet .level-5,.wp-block-elasticpress-facet .level-5{padding-left:75pt}.widget_ep-facet input[disabled],.wp-block-elasticpress-facet input[disabled]{cursor:pointer;opacity:1}.widget_ep-facet .term a,.wp-block-elasticpress-facet .term a{-webkit-box-align:center;-ms-flex-align:center;align-items:center;display:-webkit-box;display:-ms-flexbox;display:flex;position:relative}.widget_ep-facet .term a:hover .ep-checkbox,.wp-block-elasticpress-facet .term a:hover .ep-checkbox{background-color:#ccc}.ep-checkbox{-webkit-box-align:center;-ms-flex-align:center;-ms-flex-negative:0;-webkit-box-pack:center;-ms-flex-pack:center;align-items:center;background-color:#eee;display:-webkit-box;display:-ms-flexbox;display:flex;flex-shrink:0;height:1em;justify-content:center;margin-right:.25em;width:1em}.ep-checkbox:after{border:solid #fff;border-width:0 .125em .125em 0;content:"";display:none;height:.5em;-webkit-transform:rotate(45deg);transform:rotate(45deg);width:.25em}.ep-checkbox.checked{background-color:#5e5e5e}.ep-checkbox.checked:after{display:block} </style> <link rel='stylesheet' id='elasticpress-related-posts-block-css' href='https://cacm.acm.org/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?ver=4.2.2' type='text/css' media='all' /> <style id='global-styles-inline-css' type='text/css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--cacm-blue: #337AB5;--wp--preset--color--cacm-link-blue: #015FAC;--wp--preset--color--cacm-dark-blue: #1E4A88;--wp--preset--color--cacm-darker-blue: #29303C;--wp--preset--color--cacm-light-blue: #B6DEFF;--wp--preset--color--cacm-peach: #F7ACA5;--wp--preset--color--cacm-beige: #F5F2DC;--wp--preset--color--cacm-brown: #8C6A54;--wp--preset--color--cacm-green: #5F7D05;--wp--preset--color--cacm-light-green: #EFF7F1;--wp--preset--color--cacm-black: #141414;--wp--preset--color--cacm-gray-100: #FBFCFC;--wp--preset--color--cacm-gray-200: #F8F9FA;--wp--preset--color--cacm-gray-300: #EBEDEF;--wp--preset--color--cacm-gray-500: #A9ACB1;--wp--preset--color--cacm-gray-600: #5A6875;--wp--preset--color--cacm-gray-700: #3D4550;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--gradient--primary-gradient: linear-gradient(90deg, #80C2EF 0%, #337AB5 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--font-size--work-xxxs: 16px;--wp--preset--font-size--work-xxs: 18px;--wp--preset--font-size--work-xs: 21px;--wp--preset--font-size--work-sm: 25px;--wp--preset--font-size--work-md: 28px;--wp--preset--font-size--work-lg: 33px;--wp--preset--font-size--work-xl: 37px;--wp--preset--font-size--work-xxl: 41px;--wp--preset--font-size--work-xxxl: 48px;--wp--preset--font-size--inter-xxxs: 15px;--wp--preset--font-size--inter-xxs: 18px;--wp--preset--font-size--inter-xs: 21px;--wp--preset--font-size--inter-sm: 24px;--wp--preset--font-size--inter-md: 28px;--wp--preset--font-size--inter-lg: 32px;--wp--preset--font-size--inter-xl: 36px;--wp--preset--font-size--inter-xxl: 41px;--wp--preset--font-size--inter-xxxl: 47px;--wp--preset--font-family--inter: 'Inter', helvetica, arial, sans-serif;--wp--preset--font-family--work-sans: 'Work Sans', helvetica, arial, sans-serif;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);--wp--custom--adminbar-height: 0px;--wp--custom--siteheader-height: 72px;--wp--custom--site-edge: 20px;--wp--custom--gap: 40px;--wp--custom--gap-half: calc(var(--wp--custom--gap) / 2);--wp--custom--section-background-color: transparent;--wp--custom--placeholder-background-color: var(--wp--preset--color--cacm-gray-200);--wp--custom--vertical-block-rhythm: 40px;--wp--custom--border-gray: 1px solid var(--wp--preset--color--cacm-gray-300);--wp--custom--font-weight-regular: 400;--wp--custom--font-weight-medium: 500;--wp--custom--font-weight-bold: 700;--wp--custom--font-weight-extrabold: 900;}.wp-block-heading{--wp--preset--font-size--work-xxs: 18px;--wp--preset--font-size--work-xs: 21px;--wp--preset--font-size--work-sm: 25px;--wp--preset--font-size--work-md: 28px;--wp--preset--font-size--work-lg: 33px;--wp--preset--font-size--work-xl: 41px;}:root { --wp--style--global--content-size: 1280px;--wp--style--global--wide-size: 1280px; }:where(body) { margin: 0; }.wp-site-blocks > .alignleft { float: left; margin-right: 2em; }.wp-site-blocks > .alignright { float: right; margin-left: 2em; }.wp-site-blocks > .aligncenter { justify-content: center; margin-left: auto; margin-right: auto; }:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}.is-layout-flow > .alignleft{float: left;margin-inline-start: 0;margin-inline-end: 2em;}.is-layout-flow > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}.is-layout-flow > .aligncenter{margin-left: auto !important;margin-right: auto !important;}.is-layout-constrained > .alignleft{float: left;margin-inline-start: 0;margin-inline-end: 2em;}.is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}.is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;}.is-layout-constrained > :where(:not(.alignleft):not(.alignright):not(.alignfull)){max-width: var(--wp--style--global--content-size);margin-left: auto !important;margin-right: auto !important;}.is-layout-constrained > .alignwide{max-width: var(--wp--style--global--wide-size);}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}body{padding-top: 0px;padding-right: 0px;padding-bottom: 0px;padding-left: 0px;}a:where(:not(.wp-element-button)){text-decoration: underline;}:root :where(.wp-element-button, .wp-block-button__link){background-color: #32373c;border-width: 0;color: #fff;font-family: inherit;font-size: inherit;line-height: inherit;padding: calc(0.667em + 2px) calc(1.333em + 2px);text-decoration: none;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-cacm-blue-color{color: var(--wp--preset--color--cacm-blue) !important;}.has-cacm-link-blue-color{color: var(--wp--preset--color--cacm-link-blue) !important;}.has-cacm-dark-blue-color{color: var(--wp--preset--color--cacm-dark-blue) !important;}.has-cacm-darker-blue-color{color: var(--wp--preset--color--cacm-darker-blue) !important;}.has-cacm-light-blue-color{color: var(--wp--preset--color--cacm-light-blue) !important;}.has-cacm-peach-color{color: var(--wp--preset--color--cacm-peach) !important;}.has-cacm-beige-color{color: var(--wp--preset--color--cacm-beige) !important;}.has-cacm-brown-color{color: var(--wp--preset--color--cacm-brown) !important;}.has-cacm-green-color{color: var(--wp--preset--color--cacm-green) !important;}.has-cacm-light-green-color{color: var(--wp--preset--color--cacm-light-green) !important;}.has-cacm-black-color{color: var(--wp--preset--color--cacm-black) !important;}.has-cacm-gray-100-color{color: var(--wp--preset--color--cacm-gray-100) !important;}.has-cacm-gray-200-color{color: var(--wp--preset--color--cacm-gray-200) !important;}.has-cacm-gray-300-color{color: var(--wp--preset--color--cacm-gray-300) !important;}.has-cacm-gray-500-color{color: var(--wp--preset--color--cacm-gray-500) !important;}.has-cacm-gray-600-color{color: var(--wp--preset--color--cacm-gray-600) !important;}.has-cacm-gray-700-color{color: var(--wp--preset--color--cacm-gray-700) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-cacm-blue-background-color{background-color: var(--wp--preset--color--cacm-blue) !important;}.has-cacm-link-blue-background-color{background-color: var(--wp--preset--color--cacm-link-blue) !important;}.has-cacm-dark-blue-background-color{background-color: var(--wp--preset--color--cacm-dark-blue) !important;}.has-cacm-darker-blue-background-color{background-color: var(--wp--preset--color--cacm-darker-blue) !important;}.has-cacm-light-blue-background-color{background-color: var(--wp--preset--color--cacm-light-blue) !important;}.has-cacm-peach-background-color{background-color: var(--wp--preset--color--cacm-peach) !important;}.has-cacm-beige-background-color{background-color: var(--wp--preset--color--cacm-beige) !important;}.has-cacm-brown-background-color{background-color: var(--wp--preset--color--cacm-brown) !important;}.has-cacm-green-background-color{background-color: var(--wp--preset--color--cacm-green) !important;}.has-cacm-light-green-background-color{background-color: var(--wp--preset--color--cacm-light-green) !important;}.has-cacm-black-background-color{background-color: var(--wp--preset--color--cacm-black) !important;}.has-cacm-gray-100-background-color{background-color: var(--wp--preset--color--cacm-gray-100) !important;}.has-cacm-gray-200-background-color{background-color: var(--wp--preset--color--cacm-gray-200) !important;}.has-cacm-gray-300-background-color{background-color: var(--wp--preset--color--cacm-gray-300) !important;}.has-cacm-gray-500-background-color{background-color: var(--wp--preset--color--cacm-gray-500) !important;}.has-cacm-gray-600-background-color{background-color: var(--wp--preset--color--cacm-gray-600) !important;}.has-cacm-gray-700-background-color{background-color: var(--wp--preset--color--cacm-gray-700) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-cacm-blue-border-color{border-color: var(--wp--preset--color--cacm-blue) !important;}.has-cacm-link-blue-border-color{border-color: var(--wp--preset--color--cacm-link-blue) !important;}.has-cacm-dark-blue-border-color{border-color: var(--wp--preset--color--cacm-dark-blue) !important;}.has-cacm-darker-blue-border-color{border-color: var(--wp--preset--color--cacm-darker-blue) !important;}.has-cacm-light-blue-border-color{border-color: var(--wp--preset--color--cacm-light-blue) !important;}.has-cacm-peach-border-color{border-color: var(--wp--preset--color--cacm-peach) !important;}.has-cacm-beige-border-color{border-color: var(--wp--preset--color--cacm-beige) !important;}.has-cacm-brown-border-color{border-color: var(--wp--preset--color--cacm-brown) !important;}.has-cacm-green-border-color{border-color: var(--wp--preset--color--cacm-green) !important;}.has-cacm-light-green-border-color{border-color: var(--wp--preset--color--cacm-light-green) !important;}.has-cacm-black-border-color{border-color: var(--wp--preset--color--cacm-black) !important;}.has-cacm-gray-100-border-color{border-color: var(--wp--preset--color--cacm-gray-100) !important;}.has-cacm-gray-200-border-color{border-color: var(--wp--preset--color--cacm-gray-200) !important;}.has-cacm-gray-300-border-color{border-color: var(--wp--preset--color--cacm-gray-300) !important;}.has-cacm-gray-500-border-color{border-color: var(--wp--preset--color--cacm-gray-500) !important;}.has-cacm-gray-600-border-color{border-color: var(--wp--preset--color--cacm-gray-600) !important;}.has-cacm-gray-700-border-color{border-color: var(--wp--preset--color--cacm-gray-700) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-primary-gradient-gradient-background{background: var(--wp--preset--gradient--primary-gradient) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}.has-work-xxxs-font-size{font-size: var(--wp--preset--font-size--work-xxxs) !important;}.has-work-xxs-font-size{font-size: var(--wp--preset--font-size--work-xxs) !important;}.has-work-xs-font-size{font-size: var(--wp--preset--font-size--work-xs) !important;}.has-work-sm-font-size{font-size: var(--wp--preset--font-size--work-sm) !important;}.has-work-md-font-size{font-size: var(--wp--preset--font-size--work-md) !important;}.has-work-lg-font-size{font-size: var(--wp--preset--font-size--work-lg) !important;}.has-work-xl-font-size{font-size: var(--wp--preset--font-size--work-xl) !important;}.has-work-xxl-font-size{font-size: var(--wp--preset--font-size--work-xxl) !important;}.has-work-xxxl-font-size{font-size: var(--wp--preset--font-size--work-xxxl) !important;}.has-inter-xxxs-font-size{font-size: var(--wp--preset--font-size--inter-xxxs) !important;}.has-inter-xxs-font-size{font-size: var(--wp--preset--font-size--inter-xxs) !important;}.has-inter-xs-font-size{font-size: var(--wp--preset--font-size--inter-xs) !important;}.has-inter-sm-font-size{font-size: var(--wp--preset--font-size--inter-sm) !important;}.has-inter-md-font-size{font-size: var(--wp--preset--font-size--inter-md) !important;}.has-inter-lg-font-size{font-size: var(--wp--preset--font-size--inter-lg) !important;}.has-inter-xl-font-size{font-size: var(--wp--preset--font-size--inter-xl) !important;}.has-inter-xxl-font-size{font-size: var(--wp--preset--font-size--inter-xxl) !important;}.has-inter-xxxl-font-size{font-size: var(--wp--preset--font-size--inter-xxxl) !important;}.has-inter-font-family{font-family: var(--wp--preset--font-family--inter) !important;}.has-work-sans-font-family{font-family: var(--wp--preset--font-family--work-sans) !important;}.wp-block-heading.has-work-xxs-font-size{font-size: var(--wp--preset--font-size--work-xxs) !important;}.wp-block-heading.has-work-xs-font-size{font-size: var(--wp--preset--font-size--work-xs) !important;}.wp-block-heading.has-work-sm-font-size{font-size: var(--wp--preset--font-size--work-sm) !important;}.wp-block-heading.has-work-md-font-size{font-size: var(--wp--preset--font-size--work-md) !important;}.wp-block-heading.has-work-lg-font-size{font-size: var(--wp--preset--font-size--work-lg) !important;}.wp-block-heading.has-work-xl-font-size{font-size: var(--wp--preset--font-size--work-xl) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='qm-object-cache-style-css' href='https://cacm.acm.org/wp-content/mu-plugins/qm-plugins/qm-object-cache/css/style.css?ver=0.2' type='text/css' media='all' /> <link rel='stylesheet' id='cacm-global-css' href='https://cacm.acm.org/wp-content/themes/cacm/client/build/css/global.min.css?ver=2e69cf06aaa18696d381' type='text/css' media='all' /> <link rel='stylesheet' id='cacm-article-css' href='https://cacm.acm.org/wp-content/themes/cacm/client/build/css/article.min.css?ver=34500f5fcb3e83888a6c' type='text/css' media='all' /> <link rel="https://api.w.org/" href="https://cacm.acm.org/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://cacm.acm.org/wp-json/wp/v2/digital-library/762197" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://cacm.acm.org/xmlrpc.php?rsd" /> <meta name="generator" content="WordPress 6.7.2" /> <link rel="canonical" href="https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/" /> <link rel='shortlink' href='https://cacm.acm.org/?p=762197' /> <link rel="alternate" title="oEmbed (JSON)" type="application/json+oembed" href="https://cacm.acm.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fcacm.acm.org%2Fpractice%2Fconfidential-computing-or-cryptographic-computing%2F" /> <link rel="alternate" title="oEmbed (XML)" type="text/xml+oembed" href="https://cacm.acm.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fcacm.acm.org%2Fpractice%2Fconfidential-computing-or-cryptographic-computing%2F&format=xml" /> <style> .getty.aligncenter { text-align: center; } .getty.alignleft { float: none; margin-right: 0; } .getty.alignleft > div { float: left; margin-right: 5px; } .getty.alignright { float: none; margin-left: 0; } .getty.alignright > div { float: right; margin-left: 5px; } </style> <style>img#wpstats{display:none}</style> <script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"NewsArticle","headline":"Confidential Computing or Cryptographic Computing?","url":"http:\/\/cacm.acm.org\/practice\/confidential-computing-or-cryptographic-computing\/","mainEntityOfPage":{"@type":"WebPage","@id":"http:\/\/cacm.acm.org\/practice\/confidential-computing-or-cryptographic-computing\/"},"thumbnailUrl":"https:\/\/cacm.acm.org\/wp-content\/uploads\/2024\/11\/110424.PR_.Confidential-Computing-S.jpg?w=150&h=150&crop=1","image":{"@type":"ImageObject","url":"https:\/\/cacm.acm.org\/wp-content\/uploads\/2024\/11\/110424.PR_.Confidential-Computing-S.jpg"},"articleSection":"Security and Privacy","author":[{"@type":"Person","name":"David Roman"}],"creator":["David Roman"],"publisher":{"@type":"Organization","name":"Communications of the ACM","logo":""},"keywords":[],"dateCreated":"2024-11-04T21:18:44Z","datePublished":"2024-11-04T21:18:44Z","dateModified":"2024-11-22T19:11:31Z"}</script><link rel="icon" href="https://cacm.acm.org/wp-content/uploads/2023/11/cropped-cropped-cacm_favicon-1.png?w=32" sizes="32x32" /> <link rel="icon" href="https://cacm.acm.org/wp-content/uploads/2023/11/cropped-cropped-cacm_favicon-1.png?w=192" sizes="192x192" /> <link rel="apple-touch-icon" href="https://cacm.acm.org/wp-content/uploads/2023/11/cropped-cropped-cacm_favicon-1.png?w=180" /> <meta name="msapplication-TileImage" content="https://cacm.acm.org/wp-content/uploads/2023/11/cropped-cropped-cacm_favicon-1.png?w=270" /> </head> <body class="digital-library-template-default single single-digital-library postid-762197"> <svg xmlns="http://www.w3.org/2000/svg" focusable="false" height="0" role="none" style="left:-9999px;overflow:hidden;position:absolute" viewBox="0 0 0 0" width="0"><symbol id="am-symbol-icon-arrow-left" viewBox="0 0 18 12"><path clip-rule="evenodd" d="M18 6a.643.643 0 0 1-.643.643H2.196l4.046 4.044a.644.644 0 0 1-.91.91L.188 6.456a.643.643 0 0 1 0-.91L5.33.402a.644.644 0 1 1 .91.91L2.197 5.358h15.161A.643.643 0 0 1 18 6Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-arrow-right" viewBox="0 0 14 9"><path clip-rule="evenodd" d="M0 4.5A.5.5 0 0 1 .5 4h11.793L9.146.854a.5.5 0 1 1 .708-.708l4 4a.5.5 0 0 1 0 .708l-4 4a.5.5 0 1 1-.708-.708L12.293 5H.5a.5.5 0 0 1-.5-.5Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-comment" viewBox="0 0 19 20"><path clip-rule="evenodd" d="M1.781 1.542a.693.693 0 0 0-.693.693v11.876a.693.693 0 0 0 .693.693h2.375c.273 0 .494.221.494.494v2.574l3.96-2.97a.494.494 0 0 1 .296-.098h8.313a.693.693 0 0 0 .693-.694V2.236a.693.693 0 0 0-.693-.693H1.78ZM.592 1.046a1.681 1.681 0 0 1 1.19-.492h15.437A1.681 1.681 0 0 1 18.9 2.235v11.876a1.681 1.681 0 0 1-1.681 1.681H9.07l-4.618 3.464a.494.494 0 0 1-.79-.396v-3.068H1.78A1.682 1.682 0 0 1 .1 14.111V2.235c0-.446.177-.873.492-1.189Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-digital-library" viewBox="43 0 40 40"><g clip-path="url(#a)"> <path d="m95.468 15.585-1.58 1.579c-.262.263-.584.41-.964.41h-6.813V4.707h6.813c.38 0 .702.146.965.409l1.579 1.579c.263.263.41.585.41.965v6.959c0 .38-.118.702-.41.965zm-1.9-7.544c0-.088-.03-.205-.118-.263l-.76-.76c-.088-.088-.146-.117-.263-.117H88.42v8.45h4.006c.117 0 .205-.03.263-.117l.76-.76a.357.357 0 0 0 .117-.264V8.04zm5.877 9.532v-2.047h2.309V6.754h-2.31V4.708h6.93v2.046h-2.31v8.772h2.31v2.047h-6.93zm19.853 0-.292-1.637-1.228 1.228c-.263.263-.585.41-.965.41h-3.918c-.38 0-.702-.147-.965-.41l-1.579-1.58a1.326 1.326 0 0 1-.409-.964V7.66c0-.38.146-.7.409-.964l1.579-1.579c.263-.263.585-.41.965-.41h5c.38 0 .701.147.965.41l1.666 1.667-1.549 1.55-1.316-1.316c-.088-.088-.146-.117-.263-.117h-4.006c-.117 0-.205.029-.263.117l-.761.76a.36.36 0 0 0-.117.263v6.199c0 .088.03.204.117.263l.761.76c.087.088.146.117.263.117h3.041c.117 0 .204-.03.263-.117l1.754-1.754c.088-.088.117-.146.117-.263v-.995h-3.187V10.06h5.497v4.97l.497 2.573h-2.076v-.029zm5.38 0v-2.047h2.31V6.754h-2.31V4.708h6.93v2.046h-2.31v8.772h2.31v2.047h-6.93zM140.029 6.9v10.644h-2.31V6.9h-3.713V4.708h9.737V6.9h-3.714zm14.299 10.673-1.229-3.216h-5.117l-1.228 3.216h-2.31l4.767-12.865h2.748l4.708 12.865h-2.339zm-3.772-10.38-1.784 5.088h3.567l-1.783-5.088zM160 17.573V4.708h2.31V15.35h6.316v2.193H160v.03zM86.111 35.41V22.543h2.31v10.643h6.316v2.193H86.11v.03zm11.813 0v-2.047h2.31V24.59h-2.31v-2.047h6.93v2.047h-2.31v8.772h2.31v2.046h-6.93zm20.497-1.638-1.257 1.257a1.28 1.28 0 0 1-.936.38h-7.164V22.544h7.164c.38 0 .673.146.936.38l1.257 1.257c.263.263.409.585.409.965v1.755c0 .38-.146.701-.409.965l-1.111 1.11 1.111 1.112c.263.263.409.584.409.965v1.783c0 .322-.146.673-.409.936zm-1.901-8.216c0-.117-.029-.205-.116-.264l-.439-.438c-.088-.088-.146-.117-.263-.117h-4.328v3.129h3.86c.088 0 .205-.03.263-.117l.877-.878c.088-.087.117-.146.117-.263v-1.052h.029zm0 5.789c0-.117-.029-.205-.116-.263l-.936-.936c-.088-.088-.146-.117-.263-.117h-3.831v3.158h4.328c.087 0 .204-.03.263-.117l.439-.438c.087-.088.116-.147.116-.264v-1.023zm14.65 4.065-3.802-4.884a.402.402 0 0 0-.321-.175h-1.404v5.058h-2.31V22.544h7.164c.38 0 .673.146.936.38l1.257 1.257c.263.263.409.585.409.965v2.544c0 .38-.146.702-.409.965l-1.257 1.257c-.263.263-.556.38-.936.38h-.468l3.977 5.059h-2.836v.058zm-.381-9.854c0-.117-.029-.205-.116-.264l-.439-.438c-.088-.088-.146-.117-.263-.117h-4.328v3.392h4.328c.117 0 .204-.03.263-.117l.439-.41c.087-.087.116-.146.116-.263v-1.783zm15.117 9.854-1.228-3.217h-5.117l-1.228 3.216h-2.31l4.766-12.865h2.749l4.708 12.865h-2.34zm-3.772-10.38-1.783 5.087h3.538l-1.755-5.088zm17.106 10.38-3.801-4.884a.405.405 0 0 0-.322-.175h-1.404v5.058h-2.309V22.544h7.163c.38 0 .673.146.936.38l1.257 1.257c.263.263.41.585.41.965v2.544c0 .38-.147.702-.41.965l-1.257 1.257c-.263.263-.556.38-.936.38h-.468l3.977 5.059h-2.836v.058zm-.41-9.854c0-.117-.029-.205-.117-.264l-.438-.438c-.088-.088-.146-.117-.263-.117h-4.328v3.392h4.328c.117 0 .204-.03.263-.117l.438-.41c.088-.087.117-.146.117-.263v-1.783zm11.696 4.152v5.672h-2.31v-5.672l-4.356-7.164h2.514l3.012 5 2.982-5h2.486l-4.328 7.164zM12.193 26.199 7.485 13.363H4.737L0 26.199h2.31l1.199-3.216h5.117l1.199 3.216h2.368zm-4.327-5.263h-3.54l1.784-5.088 1.755 5.088zm15.818 3.187-1.55-1.55-1.315 1.316c-.088.088-.146.117-.263.117h-3.188c-.116 0-.204-.03-.263-.117l-.76-.76a.357.357 0 0 1-.117-.264v-6.17c0-.087.03-.204.117-.262l.76-.76c.088-.088.146-.117.263-.117h3.188c.116 0 .204.029.263.117l1.316 1.315 1.55-1.55-1.668-1.666a1.326 1.326 0 0 0-.964-.41H16.87c-.38 0-.701.147-.965.41l-1.579 1.579a1.326 1.326 0 0 0-.409.965v6.959c0 .38.146.702.41.965l1.578 1.579c.264.263.585.41.965.41h4.182c.38 0 .701-.147.964-.41l1.667-1.696zm15.79 2.076V13.363h-3.538l-3.041 9.941-3.041-9.941h-3.538v12.836h2.251V15.994L31.696 26.2h2.398l3.128-10.205V26.2h2.252zM58.246 3.421l-5.351-1.403-1.404 5.35 3.86-1.052 2.895-2.895zm-4.474 4.532-7.72 2.106 1.17 4.385 6.55-6.49zm26.17 6.988 1.432-5.467-5.35-1.375 1.081 4.065 2.837 2.777zm-33.1 10.205-1.433 5.38 5.351 1.375-1.052-3.89-2.866-2.865zM73.333 2.66 68.89 3.89l6.579 6.579-2.135-7.807zm-.409 29.416 7.836-2.134-1.228-4.474-6.608 6.608zM68.45 36.55l5.468 1.433 1.404-5.351-4.065 1.081-2.807 2.837zm-15 .79 4.386-1.17-6.462-6.492 2.076 7.661zm26.2-13.656L83.332 20 71.637 8.304l-4.561-4.561L63.333 0l-6.52 6.52-9.708 9.708L43.333 20l6.58 6.579 9.707 9.707L63.333 40l6.492-6.491 9.824-9.825zm-16.434-.643c0 .35-.117.672-.38.906l-1.491 1.492c-.263.263-.556.38-.906.38h-6.462V13.626h6.462c.35 0 .672.117.906.38l1.491 1.491c.263.263.38.556.38.907v6.637zm3.597-9.415h2.193v10.117H75v2.076h-8.187V13.626z"></path> <path d="M60.205 15.819a.37.37 0 0 0-.264-.117h-3.8v8.04h3.8c.117 0 .176-.029.264-.116l.701-.702c.059-.088.117-.175.117-.263v-5.877a.357.357 0 0 0-.117-.264l-.701-.701z"></path> </g><defs> <clipPath id="a"> <path d="M0 0h174.854v40H0z"></path> </clipPath> </defs></symbol><symbol id="am-symbol-icon-pdf-download" viewBox="0 0 19 20"><path clip-rule="evenodd" d="M1.781 1.542a.693.693 0 0 0-.693.693v13.063a.693.693 0 0 0 .693.694h4.75a.494.494 0 1 1 0 .988h-4.75A1.682 1.682 0 0 1 .1 15.298V2.235A1.681 1.681 0 0 1 1.78.554h8.415c.446 0 .873.177 1.188.492l2.274 2.274c.315.315.492.743.492 1.188v2.477a.494.494 0 1 1-.988 0V4.508a.694.694 0 0 0-.203-.49m0 0-2.273-2.273a.694.694 0 0 0-.49-.203H1.78m11.875 8.312a4.256 4.256 0 1 0 0 8.512 4.256 4.256 0 0 0 0-8.512Zm-5.244 4.257a5.244 5.244 0 1 1 10.488 0 5.244 5.244 0 0 1-10.488 0Zm5.244-2.87c.273 0 .494.222.494.495v3.557l.938-.938a.494.494 0 0 1 .699.698l-1.782 1.782a.494.494 0 0 1-.698 0l-1.781-1.782a.494.494 0 0 1 .698-.698l.938.938v-3.557c0-.273.221-.495.494-.495Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-print" viewBox="0 0 19 20"><path clip-rule="evenodd" d="M5.344 1.541a.693.693 0 0 0-.694.693v3.069h9.7V2.234a.693.693 0 0 0-.694-.693H5.344Zm9.994 3.762V2.234A1.681 1.681 0 0 0 13.656.553H5.344a1.681 1.681 0 0 0-1.682 1.681v3.069h-1.88A1.682 1.682 0 0 0 .1 6.984v5.938a1.682 1.682 0 0 0 1.681 1.681h1.881v4.257c0 .272.221.494.494.494h10.688a.494.494 0 0 0 .494-.494v-4.256h1.88a1.682 1.682 0 0 0 1.682-1.682V6.984a1.681 1.681 0 0 0-1.681-1.681h-1.881ZM1.78 6.291a.693.693 0 0 0-.693.693v5.938a.694.694 0 0 0 .693.694h1.881v-3.069c0-.273.221-.494.494-.494h10.688c.273 0 .494.221.494.494v3.069h1.88a.694.694 0 0 0 .694-.694V6.984a.693.693 0 0 0-.693-.693H1.78Zm12.569 4.75h-9.7v7.325h9.7V11.04ZM2.475 8.172c0-.273.22-.494.494-.494h1.187a.494.494 0 1 1 0 .988H2.97a.494.494 0 0 1-.494-.494Zm3.562 4.75c0-.273.221-.494.494-.494h5.938a.494.494 0 1 1 0 .988H6.53a.494.494 0 0 1-.494-.494Zm0 2.375c0-.273.221-.494.494-.494h4.157a.494.494 0 1 1 0 .988H6.53a.494.494 0 0 1-.494-.494Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-share" viewBox="0 0 19 18"><path clip-rule="evenodd" d="M14.844 1.73a2.475 2.475 0 1 0 0 4.949 2.475 2.475 0 0 0 0-4.95ZM11.38 4.203a3.463 3.463 0 1 1 .447 1.703L7.531 7.58a3.473 3.473 0 0 1-.087 1.873l4.555 2.278a3.463 3.463 0 1 1-.442.883L7 10.335a3.463 3.463 0 1 1 .171-3.677l4.298-1.671a3.473 3.473 0 0 1-.089-.783Zm1.242 8.407a2.475 2.475 0 1 0 4.441 2.187 2.475 2.475 0 0 0-4.44-2.187ZM4.156 5.886a2.475 2.475 0 1 0 0 4.95 2.475 2.475 0 0 0 0-4.95Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-bookmark" viewBox="0 0 13 19"><path clip-rule="evenodd" d="M12.05.948c-.293-.32-.7-.494-1.114-.494H2.007c-.421 0-.821.175-1.121.494a1.73 1.73 0 0 0-.457 1.186v15.488c0 .198.05.388.142.563.1.167.236.304.408.395a.89.89 0 0 0 .535.122.956.956 0 0 0 .522-.19l2.464-1.84h.007l1.964-1.459 1.958 1.46h.014l2.464 1.839c.15.114.329.182.522.19a.89.89 0 0 0 .535-.122 1.03 1.03 0 0 0 .4-.395c.1-.175.15-.365.15-.563V2.134c0-.449-.164-.874-.464-1.186ZM3.771 16.011 1.5 17.7s-.029.015-.05.022c-.014 0-.029-.007-.043-.015-.021-.008-.028-.023-.043-.038-.007-.015-.007-.03-.007-.053V2.134a.74.74 0 0 1 .186-.494.639.639 0 0 1 .464-.198h1.764v14.57Zm4.465-.691-1.5-1.125a.462.462 0 0 0-.536 0L4.7 15.32V1.442h3.536V15.32Zm3.35 2.378v-.053s-.015.015-.015.023a.089.089 0 0 1-.035.038c-.015 0-.036.015-.05.015-.015-.007-.036-.007-.05-.023l-2.272-1.687V1.442h1.772c.171 0 .335.069.457.198a.747.747 0 0 1 .193.494v15.564Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-bookmarked" viewBox="0 0 17 25"><path clip-rule="evenodd" d="M16.27.65C15.86.23 15.29 0 14.71 0H2.21A2.201 2.201 0 0 0 0 2.21v20.38c0 .26.07.51.2.74.14.22.33.4.57.52.23.13.49.18.75.16.26-.01.51-.1.73-.25l3.45-2.42h.01l1.15-.8 1.6-1.12 1.6 1.12 1.14.8h.02l3.45 2.42c.21.15.46.24.73.25.26.02.52-.03.75-.16.23-.12.43-.3.56-.52.14-.23.21-.48.21-.74V2.21c0-.59-.23-1.15-.65-1.56ZM4.68 20.47 1.5 22.69s-.04.02-.07.03c-.02 0-.04-.01-.06-.02-.03-.01-.04-.03-.06-.05V2.21c0-.24.09-.47.26-.65.17-.17.41-.26.65-.26h2.47v19.17h-.01Zm10.94 2.22v-.07s-.02.02-.02.03a.12.12 0 0 1-.05.05c-.02 0-.05.02-.07.02-.02-.01-.05-.01-.07-.03l-3.18-2.22V1.3h2.48a.9.9 0 0 1 .64.26c.17.18.27.41.27.65v20.48Z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-chevron-down" viewBox="0 0 16 16"><path d="M1.646 4.646a.5.5 0 0 1 .708 0L8 10.293l5.646-5.647a.5.5 0 0 1 .708.708l-6 6a.5.5 0 0 1-.708 0l-6-6a.5.5 0 0 1 0-.708z" fill-rule="evenodd"></path></symbol><symbol id="am-symbol-icon-search" viewBox="0 0 24 24"><path d="m23 21.85-6.145-6.146a8.966 8.966 0 1 0-1.151 1.15L21.849 23 23 21.85ZM2.656 9.98a7.324 7.324 0 1 1 7.324 7.324A7.332 7.332 0 0 1 2.656 9.98Z" fill="#015FAC"></path></symbol><symbol id="am-symbol-cacm-logo-small"><path d="M48.75 24c0 13.255-10.745 24-24 24s-24-10.745-24-24 10.745-24 24-24 24 10.745 24 24Z" fill="#fff"></path><path d="m24.998 9-15 15 15 15 15-15-15-15Z" fill="#027BA3"></path><path d="M34.196 24A9.195 9.195 0 0 1 25 33.196 9.195 9.195 0 0 1 15.804 24 9.195 9.195 0 0 1 25 14.804 9.195 9.195 0 0 1 34.196 24Z" fill="#fff"></path><path d="M33.28 24A8.275 8.275 0 0 1 25 32.275 8.275 8.275 0 0 1 16.72 24c0-4.57 3.705-8.28 8.28-8.28A8.276 8.276 0 0 1 33.28 24Z" fill="#027BA3"></path><path d="M20.18 25.613c-.084.07-.163.133-.23.191a1.641 1.641 0 0 1-.596.292c-.104.025-.25.041-.441.041-.35 0-.642-.116-.875-.354a1.219 1.219 0 0 1-.35-.891c0-.296.058-.534.175-.717.116-.183.287-.325.508-.433.225-.109.492-.184.804-.225.313-.042.646-.075 1.004-.1v-.021c0-.221-.083-.371-.241-.454-.163-.084-.405-.125-.73-.125-.145 0-.316.025-.512.079s-.388.12-.571.204h-.104v-.967c.12-.037.32-.079.596-.125.275-.05.55-.075.829-.075.687 0 1.187.117 1.5.342.312.23.47.575.47 1.046v2.712h-1.241v-.42h.004Zm0-.621v-.825c-.21.02-.38.041-.505.054-.13.017-.258.046-.38.091a.561.561 0 0 0-.253.171.488.488 0 0 0-.088.305c0 .187.05.312.15.383.1.07.246.104.442.104a.802.802 0 0 0 .329-.075c.113-.05.212-.12.304-.208ZM24.154 26.137c-.329 0-.633-.041-.904-.125a1.897 1.897 0 0 1-.712-.383c-.2-.17-.355-.387-.467-.65a2.336 2.336 0 0 1-.167-.925c0-.379.058-.704.183-.97.121-.267.284-.488.492-.659.2-.167.433-.288.7-.367a2.98 2.98 0 0 1 1.504-.046c.221.05.442.134.667.242v1.067h-.158c-.05-.046-.113-.1-.184-.154a1.673 1.673 0 0 0-.237-.159 1.349 1.349 0 0 0-.683-.175c-.317 0-.563.109-.738.33-.175.22-.262.516-.262.891 0 .4.091.696.279.892.187.196.433.296.741.296.155 0 .296-.017.413-.055a1.27 1.27 0 0 0 .517-.28c.058-.049.112-.099.154-.14h.158v1.062l-.246.108a2.925 2.925 0 0 1-.629.175 2.776 2.776 0 0 1-.417.026h-.004ZM30.867 26.033v-1.991c0-.196 0-.363-.013-.496a1.102 1.102 0 0 0-.062-.33.386.386 0 0 0-.167-.187.715.715 0 0 0-.317-.058.665.665 0 0 0-.279.062 1.99 1.99 0 0 0-.304.175v2.83h-1.242v-1.992c0-.192 0-.358-.012-.496a1 1 0 0 0-.067-.333.386.386 0 0 0-.166-.188.707.707 0 0 0-.313-.058c-.1 0-.2.025-.3.07-.096.05-.192.105-.283.167v2.83H26.1v-3.984h1.242v.438c.204-.175.396-.309.575-.405a1.27 1.27 0 0 1 .604-.145c.246 0 .458.058.642.175.183.116.325.287.42.516.238-.22.467-.391.675-.512.213-.121.425-.18.642-.18.183 0 .35.03.496.088.146.058.27.146.37.267.113.129.197.279.25.454.055.175.084.408.084.692v2.596h-1.242l.009-.005Z" fill="#fff"></path></symbol><symbol id="am-symbol-cacm-logo" viewBox="30.79 34.55 548.86 88.05"><path d="M54.75 71.41c-.8.8-1.77 1.2-2.85 1.2H39.52c-1.08 0-2.05-.4-2.85-1.2l-4.68-4.68c-.8-.8-1.2-1.77-1.2-2.85v-20.6c0-1.08.4-2.05 1.2-2.85l4.68-4.68c.8-.8 1.77-1.2 2.85-1.2H51.9c1.08 0 2.05.4 2.85 1.2l4.96 4.96-4.62 4.56-3.88-3.88c-.23-.23-.46-.34-.8-.34H41c-.34 0-.57.11-.8.34l-2.23 2.23c-.23.23-.34.51-.34.8v18.31c0 .29.11.57.34.8l2.23 2.23c.23.23.46.34.8.34h9.41c.34 0 .57-.11.8-.34l3.88-3.88 4.62 4.56-4.96 4.97zm44.5-4.68-4.68 4.68c-.8.8-1.77 1.2-2.85 1.2H76.83c-1.08 0-2.05-.4-2.85-1.2l-4.68-4.68c-.8-.8-1.2-1.77-1.2-2.85v-20.6c0-1.08.4-2.05 1.2-2.85l4.68-4.68c.8-.8 1.77-1.2 2.85-1.2h14.89c1.08 0 2.05.4 2.85 1.2l4.68 4.68c.8.8 1.2 1.77 1.2 2.85v20.6c0 1.08-.4 2.05-1.2 2.85zM93.6 44.42c0-.29-.11-.57-.34-.8l-2.23-2.23c-.23-.23-.46-.34-.8-.34H78.31c-.34 0-.57.11-.8.34l-2.23 2.23c-.23.23-.34.51-.34.8v18.31c0 .29.11.57.34.8l2.23 2.23c.23.23.46.34.8.34h11.92c.34 0 .57-.11.8-.34l2.23-2.23c.23-.23.34-.51.34-.8V44.42zm50.44 28.19V42.37l-9.3 30.24h-7.07l-9.3-30.24v30.24h-6.68V34.55h10.5l9.01 29.5 9.01-29.5h10.5V72.6h-6.67zm52.65 0V42.37l-9.3 30.24h-7.07l-9.3-30.24v30.24h-6.68V34.55h10.5l9.01 29.5 9.01-29.5h10.5V72.6h-6.67zm46.66-5.88-4.68 4.68c-.8.8-1.77 1.2-2.85 1.2h-11.47c-1.08 0-2.05-.4-2.85-1.2l-4.68-4.68c-.8-.8-1.2-1.77-1.2-2.85V34.55h6.85v28.18c0 .29.11.57.34.8l2.23 2.23c.23.23.46.34.8.34h8.5c.34 0 .57-.11.8-.34l2.23-2.23c.23-.23.34-.51.34-.8V34.55h6.85v29.33c-.01 1.08-.41 2.05-1.21 2.85zm32.69 5.88-12.55-29.5v29.5h-6.67V34.55h9.7l12.55 29.5v-29.5h6.67V72.6h-9.7zm20.82 0v-6.05h6.85V40.6h-6.85v-6.05h20.54v6.05h-6.85v25.96h6.85v6.05h-20.54zm53.46-1.2c-.8.8-1.77 1.2-2.85 1.2h-12.38c-1.08 0-2.05-.4-2.85-1.2l-4.68-4.68c-.8-.8-1.2-1.77-1.2-2.85v-20.6c0-1.08.4-2.05 1.2-2.85l4.68-4.68c.8-.8 1.77-1.2 2.85-1.2h12.38c1.08 0 2.05.4 2.85 1.2l4.96 4.96-4.62 4.56-3.88-3.88c-.23-.23-.46-.34-.8-.34h-9.41c-.34 0-.57.11-.8.34l-2.22 2.23c-.23.23-.34.51-.34.8v18.31c0 .29.11.57.34.8l2.22 2.23c.23.23.46.34.8.34h9.41c.34 0 .57-.11.8-.34l3.88-3.88 4.62 4.56-4.96 4.97zm39.47 1.2-3.59-9.53h-15.18l-3.6 9.53h-6.85l14.09-38.05h8.1l13.98 38.05h-6.95zm-11.18-30.7-5.25 15.06h10.5l-5.25-15.06zm35.94-.85v31.55h-6.85V41.06h-11.01v-6.5h28.87v6.5h-11.01zm19.27 31.55v-6.05h6.85V40.6h-6.85v-6.05h20.54v6.05h-6.85v25.96h6.85v6.05h-20.54zm61.89-5.88-4.68 4.68c-.8.8-1.77 1.2-2.85 1.2h-14.89c-1.08 0-2.05-.4-2.85-1.2l-4.68-4.68c-.8-.8-1.2-1.77-1.2-2.85v-20.6c0-1.08.4-2.05 1.2-2.85l4.68-4.68c.8-.8 1.77-1.2 2.85-1.2h14.89c1.08 0 2.05.4 2.85 1.2l4.68 4.68c.8.8 1.2 1.77 1.2 2.85v20.6c0 1.08-.4 2.05-1.2 2.85zm-5.64-22.31c0-.29-.11-.57-.34-.8l-2.22-2.23c-.23-.23-.46-.34-.8-.34h-11.92c-.34 0-.57.11-.8.34l-2.22 2.23c-.23.23-.34.51-.34.8v18.31c0 .29.12.57.34.8l2.22 2.23c.23.23.46.34.8.34h11.92c.34 0 .57-.11.8-.34l2.22-2.23c.23-.23.34-.51.34-.8V44.42zm37.65 28.19-12.55-29.5v29.5h-6.68V34.55h9.7l12.55 29.5v-29.5h6.68V72.6h-9.7zm50.72-5.88-4.68 4.68c-.8.8-1.77 1.2-2.85 1.2h-15.92c-1.08 0-2.05-.4-2.85-1.2l-4.85-4.85 4.56-4.62 3.82 3.82c.23.23.46.34.8.34h12.95c.34 0 .57-.11.8-.34l2.22-2.23c.23-.23.34-.51.34-.8v-3.65c0-.57-.51-1.08-1.08-1.14l-20.48-2.74c-2.23-.29-3.94-2.28-3.94-4.45v-7.47c0-1.08.4-2.05 1.2-2.85l4.68-4.68c.8-.8 1.77-1.2 2.85-1.2h15.92c1.08 0 2.05.4 2.85 1.2l4.85 4.85-4.56 4.62-3.82-3.82c-.23-.23-.46-.34-.8-.34H557.5c-.34 0-.57.11-.8.34l-2.22 2.23c-.23.23-.34.51-.34.8v3.65c0 .57.46 1.08 1.03 1.14l20.54 2.74c2.22.29 3.94 2.28 3.94 4.45v7.47c-.01 1.08-.41 2.05-1.21 2.85zM263.05 90.51l-.88.88c-.15.15-.33.22-.54.22h-2.79a.79.79 0 0 1-.54-.22l-.88-.88a.732.732 0 0 1-.22-.54v-3.86c0-.2.07-.38.22-.54l.88-.88c.15-.15.33-.22.54-.22h2.79c.2 0 .39.07.54.22l.88.88c.15.15.22.33.22.54v3.86c0 .2-.07.39-.22.54zm-1.06-4.19a.22.22 0 0 0-.06-.15l-.42-.42a.204.204 0 0 0-.15-.06h-2.24c-.06 0-.11.02-.15.06l-.42.42a.22.22 0 0 0-.06.15v3.43c0 .05.02.11.06.15l.42.42c.04.04.09.06.15.06h2.24c.06 0 .11-.02.15-.06l.42-.42c.04-.04.06-.1.06-.15v-3.43zm5.41 2.33v2.96h-1.28v-7.13h4.78v1.22h-3.5v1.73h3.5v1.22h-3.5zm12.04-2.96v5.92h-1.28v-5.92h-2.06v-1.22h5.41v1.22h-2.07zm8.45 5.92v-2.96h-2.86v2.96h-1.28v-7.13h1.28v2.95h2.86v-2.95h1.28v7.13h-1.28zm4.43 0v-7.13h4.78v1.22h-3.5v1.73h3.5v1.22h-3.5v1.74h3.5v1.22h-4.78zm30.16 30.99-3.59-9.53h-15.18l-3.59 9.53h-6.85l14.09-38.05h8.1l13.98 38.05h-6.96zM311.3 91.91l-5.25 15.06h10.5l-5.25-15.06zm49.12 29.49c-.8.8-1.77 1.2-2.85 1.2h-12.38c-1.08 0-2.05-.4-2.85-1.2l-4.68-4.68c-.8-.8-1.2-1.77-1.2-2.85v-20.6c0-1.08.4-2.05 1.2-2.85l4.68-4.68c.8-.8 1.77-1.2 2.85-1.2h12.38c1.08 0 2.05.4 2.85 1.2l4.96 4.96-4.62 4.56-3.88-3.88c-.23-.23-.46-.34-.8-.34h-9.41c-.34 0-.57.11-.8.34l-2.22 2.23c-.23.23-.34.51-.34.8v18.31c0 .29.12.57.34.8l2.22 2.23c.23.23.46.34.8.34h9.41c.34 0 .57-.12.8-.34l3.88-3.88 4.62 4.56-4.96 4.97zm47.51 1.2V92.36l-9.3 30.24h-7.07l-9.3-30.24v30.24h-6.68V84.55h10.5l9.01 29.5 9.01-29.5h10.5v38.05h-6.67z"></path></symbol><symbol id="am-symbol-icon-social-facebook"><path d="m22.723 20 .445-2.896h-2.779v-1.879c0-.792.388-1.564 1.633-1.564h1.263v-2.465S22.139 11 21.043 11c-2.289 0-3.784 1.387-3.784 3.898v2.206h-2.544V20h2.544v7h3.13v-7h2.334Z"></path></symbol><symbol id="am-symbol-icon-social-twitter"><path d="M27.613 13.657a7.057 7.057 0 0 1-2.03.557 3.54 3.54 0 0 0 1.555-1.955 7.08 7.08 0 0 1-2.245.857A3.53 3.53 0 0 0 22.313 12c-2.282 0-3.958 2.13-3.442 4.34a10.033 10.033 0 0 1-7.285-3.694 3.54 3.54 0 0 0 1.093 4.72 3.52 3.52 0 0 1-1.6-.442c-.038 1.637 1.135 3.169 2.835 3.51a3.542 3.542 0 0 1-1.596.06 3.538 3.538 0 0 0 3.301 2.454 7.106 7.106 0 0 1-5.232 1.465A10.006 10.006 0 0 0 15.804 26c6.562 0 10.27-5.542 10.046-10.513a7.195 7.195 0 0 0 1.763-1.83Z"></path></symbol><symbol id="am-symbol-icon-social-linkedin"><path d="M14.117 12.74c0 .96-.773 1.738-1.726 1.738a1.732 1.732 0 0 1-1.725-1.739c0-.96.772-1.739 1.725-1.739.953 0 1.726.78 1.726 1.74Zm.013 3.13h-3.478V27h3.479V15.87Zm5.553 0h-3.456V27h3.457v-5.843c0-3.248 4.194-3.514 4.194 0V27h3.47v-7.048c0-5.481-6.207-5.282-7.665-2.583v-1.5Z"></path></symbol><symbol id="am-symbol-icon-social-reddit"><path d="M27.764 21.071v.613c0 3.368-3.879 6.022-8.676 6.022-4.797 0-8.676-2.654-8.676-6.022v-.613c-1.122-.51-1.53-1.735-1.122-2.857.306-.817 1.123-1.327 1.939-1.225.612 0 1.123.204 1.531.612 1.735-1.122 3.776-1.837 5.818-1.837l1.122-5.103c0-.102.102-.204.102-.204.102-.102.205-.102.307-.102l3.572.816c.408-.714 1.327-1.123 2.041-.714.715.408 1.123 1.326.715 2.04-.409.715-1.327 1.124-2.042.715-.51-.204-.816-.714-.816-1.326l-3.164-.715-1.02 4.593c2.245.102 4.286.817 5.715 1.837.816-.816 2.245-.816 3.062 0 .408.408.612.919.612 1.531.306.919-.306 1.633-1.02 1.94Zm-11.942 1.123c.816 0 1.53-.714 1.53-1.53 0-.817-.714-1.532-1.53-1.532-.817 0-1.531.715-1.531 1.531 0 .817.612 1.531 1.53 1.531Zm7.042 1.94c-.204-.205-.408-.205-.51 0-.612.714-2.041.918-3.062.918-1.02 0-2.45-.204-3.062-.919-.204-.204-.408-.204-.51 0-.204.204-.204.409 0 .51 1.02 1.021 3.062 1.123 3.674 1.123.613 0 2.552-.102 3.675-1.122-.102-.102-.102-.306-.205-.51Zm1.225-3.47c0-.817-.714-1.532-1.53-1.532-.817 0-1.532.715-1.532 1.531 0 .817.715 1.531 1.531 1.531.817 0 1.531-.714 1.531-1.53Z"></path></symbol><symbol id="am-symbol-cacm-avatar-blank" viewBox="0 0 40 40"><g> <circle cx="20" cy="20" fill="var(--wp--preset--color--cacm-link-blue)" r="19" stroke="var(--wp--preset--color--cacm-link-blue)" stroke-width="2"></circle> <path clip-rule="evenodd" d="M5 33.23v-.73c0-4.987 9.994-7.5 15-7.5s15 2.513 15 7.5v.73A19.952 19.952 0 0 1 20 40a19.952 19.952 0 0 1-15-6.77ZM20 8.333a7.498 7.498 0 0 0-7.5 7.5c0 4.143 3.356 7.5 7.5 7.5s7.5-3.357 7.5-7.5c0-4.144-3.356-7.5-7.5-7.5Z" fill="var(--wp--preset--color--cacm-gray-200)" fill-rule="evenodd"></path> </g></symbol></svg><div id="page" class="site"> <a class="skip-link" href="#content">Skip to content</a> <div class="site-header-wrapper" data-component="siteHeader"> <header id="masthead" class="site-header site-header--no-js"> <div class="site-header-container"> <button class="site-header-hamburger" aria-label="Main Menu"> <span class="site-header-hamburger-closed"> <svg xmlns="http://www.w3.org/2000/svg" version="1.2" viewBox="0 0 25 25"> <path d="M.2.2h24.6v2.6H.2zm0 11h24.6v2.7H.2zm0 11h24.6v2.6H.2z" style="fill:#1a1a1a"/> </svg> </span> <span class="site-header-hamburger-open"> <svg xmlns="http://www.w3.org/2000/svg" version="1.2" viewBox="0 0 25 25"> <path d="M1.7.9 24 23.8m-23 0L23.3.9" style="fill:none;stroke:#fff;stroke-width:1.3"/> </svg> </span> </button> <a class="site-header-logo" aria-label="Home" href="https://cacm.acm.org"> <svg aria-hidden="true" focusable="false" width="548" height="88" fill="#000"><use href="#am-symbol-cacm-logo"></use></svg> <svg aria-hidden="true" focusable="false" width="548" height="88" fill="#FFF"><use href="#am-symbol-cacm-logo"></use></svg> </a> <div class="site-header-topics-menu"> <button class="site-header-topics-menu-toggle"> Explore Topics <svg xmlns="http://www.w3.org/2000/svg" width="14" height="8" fill="none"> <path stroke="#1A1A1A" stroke-width="1.5" d="m1.5 1.5 5.5 5 5.5-5"/> </svg> </button> <nav role="navigation" aria-label="Topics Menu" class="site-header-topics-menu-expanded" aria-hidden="true"> <ul class="site-header-topics-menu-list"> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/architecture-and-hardware/"> Architecture and Hardware </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/artificial-intelligence-machine-learning/"> Artificial Intelligence and Machine Learning </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/computer-history/"> Computer History </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/computing-applications/"> Computing Applications </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/computing-profession/"> Computing Profession </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/data-and-information/"> Data and Information </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/education/"> Education </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/hci/"> HCI </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/philosophy-of-computing/"> Philosophy of Computing </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/security-and-privacy/"> Security and Privacy </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/society/"> Society </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/software-engineering-and-programming-languages/"> Software Engineering and Programming Languages </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/systems-and-networking/"> Systems and Networking </a> </li> <li class="site-header-topics-menu-list-item"> <a href="https://cacm.acm.org/category/theory/"> Theory </a> </li> </ul> </nav> </div> <div class="site-header-magazine-menu"> <button class="site-header-magazine-menu-toggle"> Latest Issue <svg xmlns="http://www.w3.org/2000/svg" width="14" height="8" fill="none"> <path stroke="#1A1A1A" stroke-width="1.5" d="m1.5 1.5 5.5 5 5.5-5"/> </svg> </button> <nav role="navigation" aria-label="Magazine Menu" class="site-header-magazine-menu-expanded" aria-hidden="true"> <a href="https://cacm.acm.org/issue/february-2025/"> <figure class="site-header-magazine-menu-expanded-image"> <div class="image-wrapper"><img width="1000" height="1338" src="https://cacm.acm.org/wp-content/uploads/2025/01/February.2025-Cover-1000x1338-1.jpg?w=1000" class="attachment-original size-original" alt="February 2025 cover" loading="lazy" decoding="async" srcset="https://cacm.acm.org/wp-content/uploads/2025/01/February.2025-Cover-1000x1338-1.jpg 1000w, https://cacm.acm.org/wp-content/uploads/2025/01/February.2025-Cover-1000x1338-1.jpg?resize=224,300 224w, https://cacm.acm.org/wp-content/uploads/2025/01/February.2025-Cover-1000x1338-1.jpg?resize=768,1028 768w, https://cacm.acm.org/wp-content/uploads/2025/01/February.2025-Cover-1000x1338-1.jpg?resize=765,1024 765w" sizes="auto, (max-width: 1000px) 100vw, 1000px" /></div> </figure> </a> <div class="site-header-magazine-menu-expanded-text"> <div class="site-header-magazine-menu-expanded-current"> <h2 class="site-header-magazine-menu-expanded-heading"> Latest Issue </h2> <a href="https://cacm.acm.org/issue/february-2025/" class="site-header-magazine-menu-expanded-issue"><b>February 2025</b>, Vol. 68 No. 2</a> </div> <div class="site-header-magazine-menu-expanded-previous"> <h2 class="site-header-magazine-menu-expanded-heading"> Previous Issue </h2> <a href="https://cacm.acm.org/issue/january-2025/" class="site-header-magazine-menu-expanded-issue"><b>January 2025</b>, Vol. 68 No. 1</a> </div> <a href="https://cacm.acm.org/issues" class="site-header-magazine-menu-expanded-link"> Explore the archive <svg xmlns="http://www.w3.org/2000/svg" width="12" height="10" fill="none" aria-hidden="true" tabindex="-1"> <path fill="#000" d="m7 0-.715.697 3.79 3.803H0v1h10.075l-3.79 3.787L7 10l5-5-5-5Z"/> </svg> </a> </div> </nav> </div> <a href="https://cacm.acm.org/?s=" aria-label="Search" class="site-header-search"> <span class="site-header-search-text"> Search </span> <svg aria-hidden="true" focusable="false" width="24" height="24" class="site-header-search-icon"><use href="#am-symbol-icon-search"></use></svg></a> <nav class="site-header-membership-nav"> <button class="site-header-membership-nav__button"> <span class="site-header-membership-nav__button-text">Open Membership Navigation</span> <span class="site-header-membership-nav__button-icon"> <svg aria-hidden="true" focusable="false" width="40" height="40" tabindex="-1"><use href="#am-symbol-cacm-avatar-blank"></use></svg> </span> </button> <div class="site-header-membership-nav__menu-container" aria-hidden="true"> <ul class="site-header-membership-nav__menu"> <li class="site-header-membership-nav__menu-item"> <a href="https://cacm.acm.org/account/settings">Settings</a> </li> <li class="site-header-membership-nav__menu-item"> <a href="https://cacm.acm.org/logout/">Sign Out</a> </li> </ul> </div> </nav> <a class="site-header-member-login-link" href="https://cacm.acm.org/wp-login.php?saml_sso">Sign In</a> <a href="https://cacm.acm.org/join-acm" class="site-header-cta-membership"> <div class="site-header-cta-membership-container"> <div class="site-header-cta-membership-text"> Join ACM <svg xmlns="http://www.w3.org/2000/svg" width="12" height="10" fill="none" aria-hidden="true" tabindex="-1"> <path fill="#000" d="m7 0-.715.697 3.79 3.803H0v1h10.075l-3.79 3.787L7 10l5-5-5-5Z"/> </svg> </div> <div class="site-header-cta-membership-logo"> <svg aria-hidden="true" focusable="false" width="48" height="48"><use href="#am-symbol-cacm-logo-small"></use></svg> </div> </div> </a> </div> <nav role="navigation" aria-label="Main Menu" class="site-header-hamburger-menu" aria-hidden="true"> <!-- Search bar --> <form role="search" action="https://cacm.acm.org" method="get" class="site-header-hamburger-menu-search"> <label for="site-navigation-expanded-search"> <span class="site-header-hamburger-menu-search-icon"> <svg xmlns="http://www.w3.org/2000/svg" width="21" height="21" fill="none"> <path fill="#4C4C4C" d="m21 19.902-5.866-5.867a8.558 8.558 0 1 0-1.099 1.099L19.902 21 21 19.902ZM1.581 8.572a6.99 6.99 0 1 1 6.99 6.99 6.999 6.999 0 0 1-6.99-6.99Z"/> </svg> </span> <input type="text" name="s" id="site-navigation-expanded-search" class="site-header-hamburger-menu-search-input" placeholder="Search" value="" /> </label> </form> <!-- Topics menu --> <div class="site-header-hamburger-menu-topics site-header-hamburger-menu-topics--expanded"> <h2 class="site-header-hamburger-menu-heading"> Topics <span class="site-header-hamburger-menu-accordion-icon"> <svg aria-hidden="true" focusable="false" width="16" height="16"><use href="#am-symbol-icon-chevron-down"></use></svg> </span> </h2> <ul class="site-header-hamburger-menu-topics-menu"> <li> <a href="https://cacm.acm.org/category/architecture-and-hardware/"> Architecture and Hardware </a> </li> <li> <a href="https://cacm.acm.org/category/artificial-intelligence-machine-learning/"> Artificial Intelligence and Machine Learning </a> </li> <li> <a href="https://cacm.acm.org/category/computer-history/"> Computer History </a> </li> <li> <a href="https://cacm.acm.org/category/computing-applications/"> Computing Applications </a> </li> <li> <a href="https://cacm.acm.org/category/computing-profession/"> Computing Profession </a> </li> <li> <a href="https://cacm.acm.org/category/data-and-information/"> Data and Information </a> </li> <li> <a href="https://cacm.acm.org/category/education/"> Education </a> </li> <li> <a href="https://cacm.acm.org/category/hci/"> HCI </a> </li> <li> <a href="https://cacm.acm.org/category/philosophy-of-computing/"> Philosophy of Computing </a> </li> <li> <a href="https://cacm.acm.org/category/security-and-privacy/"> Security and Privacy </a> </li> <li> <a href="https://cacm.acm.org/category/society/"> Society </a> </li> <li> <a href="https://cacm.acm.org/category/software-engineering-and-programming-languages/"> Software Engineering and Programming Languages </a> </li> <li> <a href="https://cacm.acm.org/category/systems-and-networking/"> Systems and Networking </a> </li> <li> <a href="https://cacm.acm.org/category/theory/"> Theory </a> </li> </ul> </div> <!-- Sections menu --> <div class="site-header-hamburger-menu-sections"> <h2 class="site-header-hamburger-menu-heading"> Sections <span class="site-header-hamburger-menu-accordion-icon"> <svg aria-hidden="true" focusable="false" width="16" height="16"><use href="#am-symbol-icon-chevron-down"></use></svg> </span> </h2> <ul class="site-header-hamburger-menu-sections-menu"> <li> <a href="https://cacm.acm.org/section/research/"> Research and Advances </a> </li> <li> <a href="https://cacm.acm.org/section/opinion/"> Opinion </a> </li> <li> <a href="https://cacm.acm.org/section/practice/"> Practice </a> </li> <li> <a href="https://cacm.acm.org/section/news/"> News </a> </li> <li> <a href="https://cacm.acm.org/section/careers/"> Careers </a> </li> </ul> </div> <!-- Magazine menu --> <div class="site-header-hamburger-menu-magazine"> <h2 class="site-header-hamburger-menu-heading"> Magazine <span class="site-header-hamburger-menu-accordion-icon"> <svg aria-hidden="true" focusable="false" width="16" height="16"><use href="#am-symbol-icon-chevron-down"></use></svg> </span> </h2> <ul id="menu-magazine-header" class="site-header-hamburger-menu-magazine-menu"><li id="menu-item-217988" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-217988"><a href="/issue/latest/" id="menu-link-1">Latest Issue</a></li> <li id="menu-item-217989" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-217989"><a href="/issues/" id="menu-link-2">Magazine Archive</a></li> <li id="menu-item-224644" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224644"><a href="https://cacm.acm.org/editorial-staff-board/" id="menu-link-3">Editorial Staff and Board</a></li> <li id="menu-item-751386" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-751386"><a href="https://cacm.acm.org/author-guidelines#CACMsubmission" id="menu-link-4">Submit an Article</a></li> <li id="menu-item-224585" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224585"><a href="https://cacm.acm.org/feeds-2/" id="menu-link-5">Alerts & Feeds</a></li> <li id="menu-item-224645" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224645"><a href="https://cacm.acm.org/author-guidelines/" id="menu-link-6">Author Guidelines</a></li> </ul> </div> <div class="site-header-hamburger-menu-membership"> <span class="site-header-hamburger-menu-membership-logo"> <svg aria-hidden="true" focusable="false" width="49" height="48"><use href="#am-symbol-cacm-logo-small"></use></svg> </span> <h2 class="site-header-hamburger-menu-heading site-header-hamburger-menu-membership-heading"> CACM Web Account </h2> <p class="site-header-hamburger-menu-membership-text">Membership in ACM includes a subscription to Communications of the ACM (CACM), the computing industry's most trusted source for staying connected to the world of advanced computing.</p> <div class="site-header-hamburger-menu-membership-buttons"> <a href="https://cacm.acm.org/wp-login.php?saml_sso" class="site-header-hamburger-menu-membership-buttons-log-in"> Sign In </a> <a href="https://accounts.acm.org/" class="site-header-hamburger-menu-membership-buttons-sign-up"> Sign Up </a> </div> </div> <!-- Communications menu --> <div class="site-header-hamburger-menu-communications"> <h2 class="site-header-hamburger-menu-heading"> Communications of the ACM <span class="site-header-hamburger-menu-accordion-icon"> <svg aria-hidden="true" focusable="false" width="16" height="16"><use href="#am-symbol-icon-chevron-down"></use></svg> </span> </h2> <ul id="menu-communications-header" class="site-header-hamburger-menu-communications-menu"><li id="menu-item-224641" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224641"><a href="https://cacm.acm.org/about-us/" id="menu-link-7">About Us</a></li> <li id="menu-item-224663" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224663"><a href="https://cacm.acm.org/faq/" id="menu-link-8">Frequently Asked Questions</a></li> <li id="menu-item-224640" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224640"><a href="https://cacm.acm.org/contact-us/" id="menu-link-9">Contact Us</a></li> </ul> </div> <div class="site-header-hamburger-menu-social"> <h2 class="site-header-hamburger-menu-heading"> Follow Us </h2> <ul class="site-header-hamburger-menu-social-menu"> <li> <a href="https://twitter.com/cacmmag"> <span class="screen-reader-only">CACM on Twitter</span> <svg xmlns="http://www.w3.org/2000/svg" width="38" height="38" fill="none"> <path fill="#1DA1F2" d="M27.613 13.657a7.057 7.057 0 0 1-2.03.557 3.54 3.54 0 0 0 1.555-1.955 7.08 7.08 0 0 1-2.245.857A3.53 3.53 0 0 0 22.313 12c-2.282 0-3.958 2.13-3.442 4.34a10.033 10.033 0 0 1-7.285-3.694 3.54 3.54 0 0 0 1.093 4.72 3.52 3.52 0 0 1-1.6-.442c-.038 1.637 1.135 3.169 2.835 3.51a3.542 3.542 0 0 1-1.596.06 3.538 3.538 0 0 0 3.301 2.454 7.106 7.106 0 0 1-5.232 1.465A10.006 10.006 0 0 0 15.804 26c6.562 0 10.27-5.542 10.046-10.513a7.195 7.195 0 0 0 1.763-1.83Z"/> <path fill="#000" d="M27.613 13.657a7.057 7.057 0 0 1-2.03.557 3.54 3.54 0 0 0 1.555-1.955 7.08 7.08 0 0 1-2.245.857A3.53 3.53 0 0 0 22.313 12c-2.282 0-3.958 2.13-3.442 4.34a10.033 10.033 0 0 1-7.285-3.694 3.54 3.54 0 0 0 1.093 4.72 3.52 3.52 0 0 1-1.6-.442c-.038 1.637 1.135 3.169 2.835 3.51a3.542 3.542 0 0 1-1.596.06 3.538 3.538 0 0 0 3.301 2.454 7.106 7.106 0 0 1-5.232 1.465A10.006 10.006 0 0 0 15.804 26c6.562 0 10.27-5.542 10.046-10.513a7.195 7.195 0 0 0 1.763-1.83Z"/> <rect width="37" height="37" x=".5" y=".5" stroke="#D8D8D8" rx="18.5"/> </svg> </a> </li> <li> <a href="https://www.reddit.com/user/TheOfficialACM"> <span class="screen-reader-only">CACM on Reddit</span> <svg xmlns="http://www.w3.org/2000/svg" width="38" height="38" fill="none"> <path fill="#FF4500" d="M27.764 21.071v.613c0 3.368-3.879 6.022-8.676 6.022-4.797 0-8.676-2.654-8.676-6.022v-.613c-1.122-.51-1.53-1.735-1.122-2.857.306-.817 1.123-1.327 1.939-1.225.612 0 1.123.204 1.531.612 1.735-1.122 3.776-1.837 5.818-1.837l1.122-5.103c0-.102.102-.204.102-.204.102-.102.205-.102.307-.102l3.572.816c.408-.714 1.327-1.123 2.041-.714.715.408 1.123 1.326.715 2.04-.409.715-1.327 1.124-2.042.715-.51-.204-.816-.714-.816-1.326l-3.164-.715-1.02 4.593c2.245.102 4.286.817 5.715 1.837.816-.816 2.245-.816 3.062 0 .408.408.612.919.612 1.531.306.919-.306 1.633-1.02 1.94Zm-11.942 1.123c.816 0 1.53-.714 1.53-1.53 0-.817-.714-1.532-1.53-1.532-.817 0-1.531.715-1.531 1.531 0 .817.612 1.531 1.53 1.531Zm7.042 1.94c-.204-.205-.408-.205-.51 0-.612.714-2.041.918-3.062.918-1.02 0-2.45-.204-3.062-.919-.204-.204-.408-.204-.51 0-.204.204-.204.409 0 .51 1.02 1.021 3.062 1.123 3.674 1.123.613 0 2.552-.102 3.675-1.122-.102-.102-.102-.306-.205-.51Zm1.225-3.47c0-.817-.714-1.532-1.53-1.532-.817 0-1.532.715-1.532 1.531 0 .817.715 1.531 1.531 1.531.817 0 1.531-.714 1.531-1.53Z"/> <path fill="#000" d="M27.764 21.071v.613c0 3.368-3.879 6.022-8.676 6.022-4.797 0-8.676-2.654-8.676-6.022v-.613c-1.122-.51-1.53-1.735-1.122-2.857.306-.817 1.123-1.327 1.939-1.225.612 0 1.123.204 1.531.612 1.735-1.122 3.776-1.837 5.818-1.837l1.122-5.103c0-.102.102-.204.102-.204.102-.102.205-.102.307-.102l3.572.816c.408-.714 1.327-1.123 2.041-.714.715.408 1.123 1.326.715 2.04-.409.715-1.327 1.124-2.042.715-.51-.204-.816-.714-.816-1.326l-3.164-.715-1.02 4.593c2.245.102 4.286.817 5.715 1.837.816-.816 2.245-.816 3.062 0 .408.408.612.919.612 1.531.306.919-.306 1.633-1.02 1.94Zm-11.942 1.123c.816 0 1.53-.714 1.53-1.53 0-.817-.714-1.532-1.53-1.532-.817 0-1.531.715-1.531 1.531 0 .817.612 1.531 1.53 1.531Zm7.042 1.94c-.204-.205-.408-.205-.51 0-.612.714-2.041.918-3.062.918-1.02 0-2.45-.204-3.062-.919-.204-.204-.408-.204-.51 0-.204.204-.204.409 0 .51 1.02 1.021 3.062 1.123 3.674 1.123.613 0 2.552-.102 3.675-1.122-.102-.102-.102-.306-.205-.51Zm1.225-3.47c0-.817-.714-1.532-1.53-1.532-.817 0-1.532.715-1.532 1.531 0 .817.715 1.531 1.531 1.531.817 0 1.531-.714 1.531-1.53Z"/> <rect width="37" height="37" x=".5" y=".5" stroke="#D8D8D8" rx="18.5"/> </svg> </a> </li> <li> <a href="https://www.linkedin.com/groups/36836/"> <span class="screen-reader-only">CACM on LinkedIn</span> <svg xmlns="http://www.w3.org/2000/svg" width="38" height="38" fill="none"> <path fill="#000" d="M14.117 12.74c0 .96-.773 1.738-1.726 1.738a1.732 1.732 0 0 1-1.725-1.739c0-.96.772-1.739 1.725-1.739.953 0 1.726.78 1.726 1.74Zm.013 3.13h-3.478V27h3.479V15.87Zm5.553 0h-3.456V27h3.457v-5.843c0-3.248 4.194-3.514 4.194 0V27h3.47v-7.048c0-5.481-6.207-5.282-7.665-2.583v-1.5Z"/> <rect width="37" height="37" x=".5" y=".5" stroke="#D8D8D8" rx="18.5"/> </svg> </a> </li> </ul> </div> </nav> </header> </div> <div id="content" class="site-content container"> <div id="primary" class="content-area"> <main id="main" class="site-main"> <article id="post-762197" class="post-762197 digital-library type-digital-library status-publish has-post-thumbnail hentry category-security-and-privacy category-systems-and-networking issue-december-2024 section-practice"> <header class="article-header article-header--default"> <div class="article-header__inner container"> <div class="article-header__section"><a href="https://cacm.acm.org/section/practice/">Practice</a></div> <div class="article-header__topic-and-issue-section"> <span class="article-header__topic"> <a href="https://cacm.acm.org/category/security-and-privacy/">Security and Privacy</a> </span> <span class="article-header__issue-section"> </span> </div> <h1 class="article-header__title">Confidential Computing or Cryptographic Computing?</h1> <div class="article-header__subtitle"><p>Trade-offs between secure computation via cryptography and hardware enclaves.</p> </div> <div class="article-header__meta"> <div class="article-header__byline"> By <a href="https://cacm.acm.org/author/raluca-ada-popa/" title="Posts by Raluca Ada Popa" class="author url fn" rel="author">Raluca Ada Popa</a> </div> <div class="article-header__posted-on"> <span class="posted-on">Posted <time datetime="2024-11-04T16:18:44-05:00">Nov 4 2024</time></span> </div> </div> <figure class="article-header__figure"> <div class="image-wrapper image-wrapper--widescreen"><img width="1024" height="576" src="https://cacm.acm.org/wp-content/uploads/2024/11/110424.PR_.Confidential-Computing-S.jpg" class="attachment-full size-full" alt="Trosky Castle, Czech Republic" loading="eager" decoding="async" srcset="https://cacm.acm.org/wp-content/uploads/2024/11/110424.PR_.Confidential-Computing-S.jpg 2400w, https://cacm.acm.org/wp-content/uploads/2024/11/110424.PR_.Confidential-Computing-S.jpg?resize=300,169 300w, https://cacm.acm.org/wp-content/uploads/2024/11/110424.PR_.Confidential-Computing-S.jpg?resize=768,432 768w, https://cacm.acm.org/wp-content/uploads/2024/11/110424.PR_.Confidential-Computing-S.jpg?resize=1024,576 1024w, https://cacm.acm.org/wp-content/uploads/2024/11/110424.PR_.Confidential-Computing-S.jpg?resize=1536,864 1536w, https://cacm.acm.org/wp-content/uploads/2024/11/110424.PR_.Confidential-Computing-S.jpg?resize=2048,1152 2048w" sizes="(max-width: 1024px) 100vw, 1024px" /></div> </figure> <div class="article-header__share"> <ul class="share"> <li class="share-link" data-component="share"> <a href="#" class="share-toggle"> <svg aria-hidden="true" focusable="false" width="19" height="18" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-share"></use></svg> <span class="share-link-text"> Share </span> </a> <ul class="share-menu" aria-hidden="true"> <li> <a href="https://twitter.com/intent/tweet?url=https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/&text=Confidential%20Computing%20or%20Cryptographic%20Computing?" target="_blank"> Twitter </a> </li> <li> <a href="http://www.reddit.com/submit?url=https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/&title=Confidential%20Computing%20or%20Cryptographic%20Computing?" target="_blank"> Reddit </a> </li> <li> <a href="https://news.ycombinator.com/submitlink?u=https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/&t=Confidential%20Computing%20or%20Cryptographic%20Computing?" target="_blank"> Hacker News </a> </li> </ul> </li> <li class="share-link share-link-pdf"> <a href="https://dl.acm.org/doi/pdf/10.1145/3677616" target="_blank"> <svg aria-hidden="true" focusable="false" width="19" height="20" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-pdf-download"></use></svg> <span class="share-link-text"> Download PDF </span> </a> </li> <li class="share-link share-link-print" data-component="print"> <a href="#" class="print"> <svg aria-hidden="true" focusable="false" width="19" height="20" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-print"></use></svg> <span class="share-link-text"> Print </span> </a> </li> <li class="share-link share-link-discussion" data-component="share"> <a class="share-link-comments" href="#comments"> <svg aria-hidden="true" focusable="false" width="19" height="20" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-comment"></use></svg> <span class="share-link-text">Join the Discussion</span> </a> </li> <li class="share-link share-link-dl"> <a href="https://dl.acm.org/doi/10.1145/3677616"> <svg aria-hidden="true" focusable="false" width="21" height="21" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-digital-library"></use></svg> <span class="share-link-text"> View in the ACM Digital Library </span> <svg aria-hidden="true" focusable="false" width="14" height="9" fill="var(--cacm--symbol--fill)" class="icon-dl"><use href="#am-symbol-icon-arrow-right"></use></svg> </a> </li> </ul> </div> </div> </header> <section class="article-table-of-contents" data-component="articleToc"> <ol class="article-table-of-contents__list"> <ul> <li><a href="#sec2">Cryptographic Computation</a></li> <li><a href="#sec3">Hardware Enclaves</a></li> <li><a href="#sec7">Real-world Use Cases</a></li> <li><a href="#sec9">Confidential Computing Use Cases</a></li> <li><a href="#sec10">Combining the Two Approaches</a></li> <li><a href="#sec11">Conclusions and How to Learn More</a></li> <li><a href="#references">References</a></li> </ul> </ol> </section> <div class="article-contents"> <div class="article-content entry-content"> <article><div class="body" lang="en"><section id="sec1" class="sec"><p id="p-1">Increasingly stringent privacy regulations—for example, the European Union’s General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) in the U.S.—and sophisticated attacks leading to massive breaches have increased the demand for protecting data in use, or <i>encryption in use</i>. The encryption-in-use paradigm is important for security because it protects data during processing; in contrast, <i>encryption at rest</i> protects data only when it is in storage and <i>encryption in transit</i> protects data only when it is being communicated over the network. In both cases, however, the data is exposed during computation—namely, while it is being <i>used/processed</i> at the servers. It is during that processing window when many data breaches happen, either at the hands of hackers or insider attackers.</p><p id="p-2">Another advantage of encryption in use is that it allows different parties to collaborate by putting their data together for the purpose of learning insights from their aggregate data—without actually sharing their data with each other. This is because the parties share <i>encrypted</i> data with each other, so no party can see the data of any other party in decrypted form. The parties can still run useful functions on the data and release only the computation results. For example, medical organizations can train a disease-treatment model on their aggregate patient data without seeing each other’s data. Another example is within a financial institution, such as a bank, where data analysts can build models across different branches or teams that would otherwise not be allowed to share data with each other.</p><p id="p-3">Today there are two prominent approaches to secure computation:</p><ul class="list" data-jats-list-type="bullet"><li class="list-item"><p id="p-4">A purely cryptographic approach (using homomorphic encryption and/or secure multi-party computation).</p></li><li class="list-item"><p id="p-5">A hardware security approach (using hardware enclaves sometimes combined with cryptographic mechanisms), also known as <i>confidential computing</i>.</p></li></ul><p id="p-6">There is a complex trade-off between these two approaches in terms of security guarantees, performance, and deployment. Comparisons between the two for ease of use, security, and performance are shown in Tables <a class="xref xref-table" href="#T1" data-jats-rid="T1" data-jats-ref-type="table">1</a>, <a class="xref xref-table" href="#T2" data-jats-rid="T2" data-jats-ref-type="table">2</a>, and <a class="xref xref-table" href="#T3" data-jats-rid="T3" data-jats-ref-type="table">3</a>. For simple computations, both approaches tend to be efficient, so the choice between these two would likely be based on security and deployment considerations. However, for complex workloads, such as advanced machine-learning (ML) training (for example, transformers) and rich SQL analytics, the purely cryptographic approach is too inefficient for many real-world deployments. In these cases, the hardware security approach is the practical choice.</p></section><iframe title="YouTube video player" src="https://www.youtube.com/embed/3GPD40lWVoI?si=ZaL8Wzi89UEghqdq" width="560" height="315" frameborder="0" allowfullscreen="allowfullscreen"></iframe><section id="sec2" class="sec"><h2 class="heading">Cryptographic Computation</h2><p id="p-7">There are two main ways to compute on encrypted data using cryptographic mechanisms: <i>homomorphic encryption</i> and <i>secure multi-party computation</i>.</p><p id="p-8">Homomorphic encryption permits evaluating a function on encrypted input. For example, with <a class="ext-link" href="https://crypto.stanford.edu/craig/craig-thesis.pdf" data-jats-ext-link-type="uri">fully homomorphic encryption</a>,<a class="reference-link xref xref-bibr" href="#B9" data-jats-ref-type="bibr" data-jats-rid="B9"><sup>9</sup></a> a user can send to a cloud <code class="monospace">Encrypt(x)</code> for some input <code class="monospace">x</code>, and a cloud can compute <code class="monospace">Encrypt(f(x))</code> using a public evaluation key for any function <code class="monospace">f</code>.</p><p id="p-9"><a class="ext-link" href="https://ieeexplore.ieee.org/document/4568207" data-jats-ext-link-type="uri">Secure multi-party computation</a><a class="reference-link xref xref-bibr" href="#B23" data-jats-ref-type="bibr" data-jats-rid="B23"><sup>23</sup></a> is often more efficient than homomorphic encryption and can protect against a malicious attacker, but it has a different setup, shown in Figure <a class="xref xref-fig" href="#F1" data-jats-ref-type="fig" data-jats-rid="F1">1</a>. In secure multi-party computation (MPC), <code class="monospace">n</code> parties having private inputs <code class="monospace">x_1, ..., x_n</code>, compute a function <code class="monospace">f(x_1, ..., x_n)</code> without sharing their inputs with each other. This is a cryptographic protocol at the end of which the parties learn the function result, but in the process no party learns the input of the other party beyond what can be inferred from the function result.</p><figure id="F1" class="fig" data-jats-position="float"><div class="image-container"> <a data-fslightbox="https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png" data-type="image" data-caption="" href="https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png"> <img decoding="async" class="alignnone wp-image-762442" src="https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png?w=1024" alt="An illustrated diagram shows three clouds in a triangular form housing data of different kinds, representing confidential computing." width="839" height="521" srcset="https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png 3547w, https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png?resize=300,186 300w, https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png?resize=768,477 768w, https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png?resize=1024,636 1024w, https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png?resize=1536,954 1536w, https://cacm.acm.org/wp-content/uploads/2024/11/Figure1.png?resize=2048,1273 2048w" sizes="(max-width: 839px) 100vw, 839px" /> </a> </div><figcaption><span class="caption-label">Figure 1. </span> <span class="title">Illustration of secure multi-party computation for 3 parties. Each party essentially has a cryptographic key that only that party can access. Parties exchange encrypted data (often over multiple iterations), and compute locally on cryptographic data from other parties and their local data.</span><div class="figcaption-footer"> </div></figcaption></figure><p id="p-10">There are many different threat models for computation in MPC, resulting in different performance overheads. A natural threat model is to assume that all but one of the participating parties are malicious, so each party need only trust itself. This natural threat model, however, comes with implementations that have high overheads because the attacker is quite powerful. To improve performance, people often compromise in the threat model by assuming that a majority of the parties act honestly (and only a minority are malicious).</p><p id="p-11">Also, since the performance overheads often increase with the number of parties, another compromise in some MPC models is to outsource the computation to <code class="monospace">m < n</code> servers in different trust domains. For example, some works propose outsourcing the secure computation to two mutually distrustful servers. This latter model tends to be weaker than threat models, where a party needs to trust only itself. Therefore, in the rest of this article, we only consider maliciously secure n-party MPC. This also makes the comparison to secure computation via hardware enclaves more consistent, because this second approach, which is discussed next, aims to protect against all parties being malicious.</p></section><section id="sec3" class="sec"><h2 class="heading">Hardware Enclaves</h2><p id="p-12">Figure <a class="xref xref-fig" href="#F2" data-jats-ref-type="fig" data-jats-rid="F2">2</a> shows a simplified view of one processor. The light blue area denotes the inside of the enclave. The Memory Encryption Engine (MEE) is a special hardware unit that contains cryptographic keys and, by using them, it encrypts the data leaving the processor, so the memory bus and memory receive encrypted data. Inside the processor, the MEE decrypts the data so the core can compute on data at regular processor speeds.</p><figure id="F2" class="fig" data-jats-position="float"><div class="image-container"> <a data-fslightbox="https://cacm.acm.org/wp-content/uploads/2024/10/3677616_fig02.jpg" data-type="image" data-caption="Figure 2. Simplified illustration of memory encryption in a hardware enclave." href="https://cacm.acm.org/wp-content/uploads/2024/10/3677616_fig02.jpg"> <img decoding="async" class="graphic" title="Figure 2. Simplified illustration of memory encryption in a hardware enclave." src="https://cacm.acm.org/wp-content/uploads/2024/10/3677616_fig02.jpg" alt="Simplified illustration of memory encryption in a hardware enclave." width="982" height="260" data-image-id="F2" data-image-type="figure" /> </a> </div><figcaption><span class="caption-label">Figure 2. </span> <span class="title">Simplified illustration of memory encryption in a hardware enclave.</span><div class="figcaption-footer"> </div></figcaption></figure><p id="p-13">Trusted execution environments such as hardware enclaves aim to protect an application’s code and data from all other software in the system. The MEE ensures that even an administrator of a machine with full privileges examining the data in memory sees encrypted data (Figure <a class="xref xref-fig" href="#F2" data-jats-ref-type="fig" data-jats-rid="F2">2</a>). When encrypted data returns from main memory into the processor, the MEE decrypts the data and the CPU computes on decrypted data. This is what enables the high performance of enclaves compared with the purely cryptographic computation: The CPU performs computation on raw data as in regular processing.</p><p id="p-14">At the same time, from the perspective of any software or user accessing the machine, the data looks encrypted at any point in time: The data going into the processor and coming out is always encrypted, giving the illusion that the processor is computing on the encrypted data. Hardware enclaves also provide a useful feature called <a class="ext-link" href="https://queue.acm.org/detail.cfm?id=3623460" data-jats-ext-link-type="uri">remote attestation</a>,<a class="reference-link xref xref-bibr" href="#B5" data-jats-ref-type="bibr" data-jats-rid="B5"><sup>5</sup></a> with which remote clients can verify code and data loaded in an enclave and establish a secure connection with the enclave, which they can use to exchange keys.</p><p id="p-15">A number of enclave services are available today on public clouds such as Intel Software Guard Extensions (SGX) in Azure, Amazon Nitro Enclaves in Amazon Web Services (although this enclave is mostly software-based and does not provide memory encryption), <a class="ext-link" href="https://queue.acm.org/detail.cfm?id=3623392" data-jats-ext-link-type="uri">Secure Encrypted Virtualization (SEV) from AMD</a><a class="reference-link xref xref-bibr" href="#B12" data-jats-ref-type="bibr" data-jats-rid="B12"><sup>12</sup></a> in Google Cloud, and others. Nvidia recently added <a class="ext-link" href="https://queue.acm.org/detail.cfm?id=3623391" data-jats-ext-link-type="uri">enclave support in its H100 GPU</a>.<a class="reference-link xref xref-bibr" href="#B6" data-jats-ref-type="bibr" data-jats-rid="B6"><sup>6</sup></a></p><section id="sec4" class="inline-headings-section"><p data-jats-content-type="inline-heading"><strong>Ease-of-use comparison.</strong> With a purely cryptographic approach, there is no need for specialized hardware and special hardware assumptions. At the same time, in a setting like MPC, the parties must be deployed in different trust domains for the security guarantees of MPC to hold. In the threat models discussed earlier, participating organizations have to run the cryptographic protocol on site or in their private clouds, which is often a setup, management, and/or cost burden compared with running the whole computation on a cloud. This can be a deal-breaker for some organizations.</p><figure id="T1" class="table-wrap" data-jats-position="float"><div class="caption"><strong><span class="caption-label">Table 1. </span>Ease-of-use comparison.</strong></div><div class="table-container"><table class="table table-bordered table-condensed table-hover" data-jats-frame="hsides" data-jats-rules="groups" data-jats-border="1"><tbody><tr><td style="text-align: left;"><b>Cryptographic Computing (such as FHE and MPC)</b></td><td style="text-align: left;"><b>Enclave/Confidential Computing</b></td></tr><tr><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> Requires cryptographic expertise to design a tailored protocol for increased performance</td><td style="text-align: left;"><b><span class="styled-content" style="color: #417505;">√</span></b> Can run proprietary systems in confidential computing without modification</td></tr><tr><td style="text-align: left;"><b><span class="styled-content" style="color: #417505;">√</span></b> Does not require specialized hardware</td><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> Requires specialized hardware to run on</td></tr><tr><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> Requires a deployment across multiple trust domains</td><td style="text-align: left;"><b><span class="styled-content" style="color: #417505;">√</span></b> Can be deployed in a single trust domain (for example, the Cloud)</td></tr><tr><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> Cannot support proprietary systems</td><td style="text-align: left;"> </td></tr></tbody></table></div></figure><p id="p-17">With homomorphic encryption, in principle, the whole computation can be run in the cloud, but homomorphic encryption does not protect against malicious attackers as MPC and hardware enclaves do. For such protection, you would also have to use heavy cryptographic tools, such as zero-knowledge proofs.</p><p id="p-18">In contrast, hardware enclaves are now available on major cloud providers such as Azure, AWS, and Google Cloud. Running an enclave collaborative computation is as easy as using one of these cloud services. This also means that to use enclaves, you do not need to purchase specialized hardware: The major clouds already provide services based on these machines. Of course, if the participating organizations want, they could each deploy enclaves on their premises or in private clouds and perform the collaborative computation across the organizations in a distributed manner similar to MPC. The rest of this article assumes a cloud-based deployment for hardware enclaves, unless otherwise specified.</p><p id="p-19">With cryptographic computing, cryptographic expertise is often required to run a certain task. Since the cryptographic overhead is high, tailoring the MPC design for a certain task can bring significant savings. At the same time, this requires expertise and time that many users do not have. Hiring cryptography experts for this task is burdensome and expensive. For example, a user cannot simply run a data-analytics or machine-learning pipeline in MPC. Instead, the user has to identify some key algorithms in those libraries to support, employ tailored cryptographic protocols for those, and implement the resulting cryptographic protocols in a system that likely requires significant code changes as compared with an existing analytics/ML pipeline.</p><p id="p-20">In contrast, modern enclaves provide a VM interface, resulting in a <a class="ext-link" href="https://cloud.google.com/confidential-computing/confidential-vm/docs/confidential-vm-overview" data-jats-ext-link-type="uri">Confidential Virtual Machine</a>.<a class="reference-link xref xref-bibr" href="#B10" data-jats-ref-type="bibr" data-jats-rid="B10"><sup>10</sup></a> This means that the user can install proprietary software in these enclaves without modifying this software. Complex codebases are supported in this manner. For example, <a class="ext-link" href="https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes" data-jats-ext-link-type="uri">Confidential Google Kubernetes engine nodes</a><a class="reference-link xref xref-bibr" href="#B11" data-jats-ref-type="bibr" data-jats-rid="B11"><sup>11</sup></a> enable Kubernetes to run in confidential VMs. The first iteration of the enclave, Intel SGX, did not have this flexibility and required modifying and porting a program to run it in the enclave. Since then, it has been recognized that to use this technology for confidential data pipelines, users must remove the friction of porting to the enclave interface. This is how the confidential VM model was born.</p></section><section id="sec5" class="inline-headings-section"><p data-jats-content-type="inline-heading"><strong>Security comparison.</strong> The <i>homomorphic encryption</i> referred to here can compute more complex functions, meaning either <i>fully</i> or <i>leveled</i> homomorphic encryption. Some homomorphic encryption schemes can perform simple functions efficiently (such as addition or low-degree polynomials). As soon as the function becomes more complex, performance degrades significantly.</p><figure id="T2" class="table-wrap" data-jats-position="float"><div class="caption"><strong><span class="caption-label">Table 2 . </span>Security comparison.</strong></div><div class="table-container"><table class="table table-bordered table-condensed table-hover" data-jats-frame="hsides" data-jats-rules="groups" data-jats-border="1"><tbody><tr><td style="text-align: left;"><b>Cryptographic Computing (such as FHE and MPC)</b></td><td style="text-align: left;"><b>Enclave/Confidential Computing</b></td></tr><tr><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> Homomorphic encryption is typically slower than MPC for non-trivial functionalities and does not protect against malicious attackers</td><td style="text-align: left;"><b><span class="styled-content" style="color: #417505;">√</span></b> Enclaves offer a notion of integrity of computation and data, unlike FHE</td></tr><tr><td style="text-align: left;"><b><span class="styled-content" style="color: #417505;">√</span></b> MPC does not suffer from side-channel attacks within the permitted number of compromised parties.</td><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> Enclaves suffer from side-channel attacks. (Leveraging oblivious computation prevents many of these attacks.)</td></tr><tr><td style="text-align: left;"> </td><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> Enclaves have a large, trusted compute base (TCB).</td></tr></tbody></table></div></figure><p id="p-22">Homomorphic encryption is a special form of secure computation, where a cloud can compute a function over encrypted data without interacting with the owner of the encrypted data. It is a cryptographic tool that can be used as part of an MPC protocol. MPC is more generic and encompasses more cryptographic tools; parties running an MPC protocol often interact with each other over multiple rounds, which affords better performance than being restricted to a noninteractive setting.</p><p id="p-23">For general functions, homomorphic encryption is slower than MPC. Also, as discussed, it does not provide malicious security without employing an additional cryptographic tool such as zero-knowledge proofs, which can be computationally expensive.</p><p id="p-24">When an MPC protocol protects against some malicious parties, it also protects against any side-channel attacks at the servers of those parties. In this sense, the threat model for the malicious parties is cleaner than for hardware enclaves’ threat model because it does not matter what attack adversaries mount at their servers; MPC considers any sort of compromise for these parties. For the honest parties, MPC does not protect against side-channel attacks.</p><p id="p-25">In the case of enclaves, attackers can attempt to perform side-channel attacks. A common class of side-channel attack (which encompasses many different types) involves an attacker who observes which memory locations are accessed as well as the order and frequency of these accesses. Even though the data at those memory locations is encrypted, seeing the access pattern can provide confidential information to the attacker. These attacks are called memory-based access-pattern attacks, or simply access-pattern attacks.</p><p id="p-26">There has been significant research on protecting against these access-pattern side-channel attacks using a cryptographic technique called <i>data-oblivious computation</i>. Oblivious computation ensures that the accesses to memory do not reveal any information about the sensitive data being accessed. Intuitively, it transforms the code into a side-channel-free version of the code, similar to how the OpenSSL cryptographic libraries have been hardened.</p><p id="p-27">Oblivious computation protects against a large class of side-channel attacks based on cache-timing-exploiting memory accesses, page faults, branch predictor, memory bus leakage, dirty bit, and others.</p><p id="p-28">Hardware enclaves such as Intel SGX are also prone to other side-channel attacks besides access patterns (for example, speculative-execution-based attacks, attacks to remote attestation), which are not prevented by oblivious computation. Fortunately, when such attacks are discovered, they are typically patched in a short amount of time by cloud providers, such as Azure confidential computing and others. Even if the hardware enclaves would be vulnerable for the time period before the patch, the traditional cloud security layer is designed to prevent attackers from breaking in to mount such a side-channel attack. This additional level of security would not exist on a client-side usage of enclaves.</p><p id="p-29">Subverting this layer as well as being able to set up a side-channel attack in a real system with such protection is typically much harder to do for an attacker because it requires the attacker to succeed at mounting two different and difficult types of attacks. It is not sufficient for the attacker to succeed in attacking only one. At the time of writing this article, there is no evidence of any such dual attack having occurred on state-of-the-art public clouds such as Azure confidential computing. This is why, when using hardware enclaves, you can assume that the cloud provider is a well-intended organization and its security practices are state of the art, as would be expected from major cloud providers today.</p><p id="p-30">Another aspect pertaining to security is the size of the trusted computing base (TCB). The larger the TCB, the larger the attack surface and the more difficult it is to harden the code against exploits. Considering the typical use of enclaves these days—namely, the confidential VM abstraction—the enclave contains an entire virtual machine. This means that the TCB for enclaves is large—many times larger than the one for cryptographic computation. For cryptographic computation, the TCB is typically the client software that encrypts the data, but there might be some extra assumptions on the server system, depending on the threat model.</p></section><section id="sec6" class="inline-headings-section"><p data-jats-content-type="inline-heading"><strong>Performance comparison.</strong> Cryptographic computation is efficient enough for running simple computations, such as summations, counts, or low-degree polynomials. As of the time this article was published, cryptographic computation was still too slow to run complex functions, such as ML training or rich data analytics. Take, for example, training a neural-network model. Recent state-of-the-art work on Microsoft Falcon (2021) estimates that training a moderate-size neural network such as VGG-16 on datasets such as CIFAR-10 could range into years. This work also assumes a threat model with three parties that have an honest majority, so a weaker threat model than the n organizations where n-1 can be malicious.</p><figure id="T3" class="table-wrap" data-jats-position="float"><div class="caption"><strong><span class="caption-label">Table 3. </span>Performance comparison.</strong></div><div class="table-container"><table class="table table-bordered table-condensed table-hover" data-jats-frame="hsides" data-jats-rules="groups" data-jats-border="1"><tbody><tr><td style="text-align: left;"><b>Cryptographic Computing (such as FHE or MPC)</b></td><td style="text-align: left;"><b>Enclave/Confidential Computing</b></td></tr><tr><td style="text-align: left;"><b><i><span class="styled-content" style="color: #d0021b;">x</span></i></b> MPC (and homomorphic encryption) are still very inefficient for complex computation.</td><td style="text-align: left;"><b><span class="styled-content" style="color: #417505;">√</span></b> Enclave computation is much more efficienct, sometimes close to vanilla processor speeds.</td></tr></tbody></table></div></figure><p id="p-32">Now let us take an example with the stronger threat model: our state-of-the-art work on Senate,<a class="reference-link xref xref-bibr" href="#B18" data-jats-ref-type="bibr" data-jats-rid="B18"><sup>18</sup></a> which enables rich SQL data analytics with maliciously secure MPC. Senate improved the performance of existing MPC protocols by up to 145 times. Even with this improvement, Senate can perform analytics only on small databases of tens of thousands of rows and cannot scale to hundreds of thousands or millions of rows because the MPC computation runs out of memory and becomes very slow. We have been making a lot of progress on reducing the memory overheads in our recent work on MAGE<a class="reference-link xref xref-bibr" href="#B13" data-jats-ref-type="bibr" data-jats-rid="B13"><sup>13</sup></a> and in another work, Piranha, on employing GPUs for secure computation learning,<a class="reference-link xref xref-bibr" href="#B22" data-jats-ref-type="bibr" data-jats-rid="B22"><sup>22</sup></a> but the overheads of MPC remain too high for training advanced ML models and for rich SQL data analytics. It could still take years until MPC becomes efficient for these workloads.</p><p id="p-33">Some companies claim to run MPC efficiently for rich SQL queries and ML training. How is that possible? An investigation of a few of them showed that they decrypt a part of the data or keep a part of the query processing in unencrypted form, which exposes that data and the computation to an attacker. This compromise reduces the privacy guarantee.</p><p id="p-34">Hardware enclaves are far more efficient than cryptographic computation because, as explained earlier, deep down in the processor the CPU computes on unencrypted data. At the same time, data coming in and out of the processor is in encrypted form, and any software or entity outside of the enclave that examines the data sees it in encrypted form. This has the effect of computing on encrypted data without the large overheads of MPC or homomorphic encryption. The overheads of such computation depend a lot on the workload, but there have been overheads of, for example, 20%—twice for many workloads.</p><p id="p-35">Adding side-channel protection, such as oblivious computation, can increase the overhead, but overall the performance of secure computation using enclaves still is much better than MPC/homomorphic encryption for many realistic SQL analytics and ML workloads. The amount of overhead from side-channel protection via oblivious computation varies based on the workload—from adding almost no overhead for workloads that are close to being oblivious to 10 times the overhead for some workloads.</p><p id="p-36">The <a class="ext-link" href="https://www.nvidia.com/en-us/data-center/solutions/confidential-computing/" data-jats-ext-link-type="uri">Nvidia GPU enclaves</a><a class="reference-link xref xref-bibr" href="#B16" data-jats-ref-type="bibr" data-jats-rid="B16"><sup>16</sup></a> in the H100 architecture offer significant speed-ups for ML workloads, especially for generative AI. Indeed, there are significant industry efforts around using GPU enclaves to protect prompts during generative AI inference, data during generative AI fine-tuning, and even model weights during training of the foundational model. At the time of writing this article, Azure offers a preview of its GPU Confidential Computing service, and other major clouds have similar efforts under way. Confidential computing promises to bring the benefits of generative AI to confidential data, such as the proprietary data of businesses, to increase their productivity and the private data of users to assist them in various tasks.</p></section></section><section id="sec7" class="sec"><h2 class="heading">Real-world Use Cases</h2><p id="p-37">Because of the need for data protection in use, there has been an increase in use secure-computation use cases, whether it is cryptographic or hardware-enclave based. This section looks at use cases for both types.</p><section id="sec8" class="inline-headings-section"><p data-jats-content-type="inline-heading"><strong>Cryptographic computation.</strong> One of the main resources to track major use cases for secure multi-party computation is the <a class="ext-link" href="https://mpc.cs.berkeley.edu/" data-jats-ext-link-type="uri">MPC Deployments dashboard</a><a class="reference-link xref xref-bibr" href="#B15" data-jats-ref-type="bibr" data-jats-rid="B15"><sup>15</sup></a> hosted by University of California, Berkeley. The community can contribute use cases to this tracker if they have users. A variety of deployed use cases are available for applications such as privacy-preserving advertising, cryptocurrency wallets (Coinbase, Fireblocks, Dfns), private inventory matching (J.P. Morgan), privacy-preserving Covid exposure notifications (Google, Apple), and others.</p><p id="p-39">Most of these use cases are centered around a specific, typically simple computation and use specialized cryptography to achieve efficiency. This is in contrast to supporting a more generic system, on top of which you can build many applications such as a database, data-analytics framework, or ML pipeline—these use cases are more efficiently served by confidential computing.</p><p id="p-40">One prominent use case was collecting Covid exposure notification information from users’ devices in a private way. The organizations involved were Internet Security Research Group (ISRG) and National Institutes of Health (NIH). Apple and Google served as injection servers to obtain encrypted user data, and the ISRG and NIH ran servers that computed aggregates with help from MITRE. The results were shared with public health authorities. The computation in this case checked that the data uploaded from users satisfied some expected format and bounds, and then performed simple aggregates such as summation.</p><p id="p-41">Heading toward a more general system based on MPC, <a class="ext-link" href="https://galois.com/project/jana-private-data-as-a-service/" data-jats-ext-link-type="uri">Jana</a><a class="reference-link xref xref-bibr" href="#B8" data-jats-ref-type="bibr" data-jats-rid="B8"><sup>8</sup></a> is an MPC-secured database developed by Galois Inc. using funding from DARPA over 4½ years and providing privacy-preserving data as a service (PDaaS). Jana’s goal is to protect the privacy of data subjects while allowing parties to query this data. The database is encrypted, and parties perform queries using MPC. Jana also combines differential privacy and searchable encryption with MPC.</p><p id="p-42">The Jana developers detail the <a class="ext-link" href="https://galois.com/blog/2020/10/galois-team-wraps-up-the-jana-project/" data-jats-ext-link-type="uri">challenges</a><a class="reference-link xref xref-bibr" href="#B7" data-jats-ref-type="bibr" data-jats-rid="B7"><sup>7</sup></a> they encountered, such as “Performance of queries evaluated in our linear secret-sharing protocols remained disappointing, with JOIN-intensive and nested queries on realistic data running up to 10,000 times slower than the same queries without privacy protection.” Nevertheless, Jana was used in real-world prototype applications, such as inter-agency data sharing for public policy development, and in a secure computation class at Columbia University.</p></section></section><section id="sec9" class="sec"><h2 class="heading">Confidential Computing Use Cases</h2><p id="p-43">Because of its efficiency, confidential computing has been more widely adopted than cryptographic computation. The major clouds—Azure, AWS, and Google Cloud—offer confidential computing solutions. They provide CPU-based confidential computing, and some are in the process of offering GPU-based confidential computing (for example, Azure has a preview offering for the H100 enclave). A significant number of companies have emerged to enable various types of workloads in confidential computing in these clouds. Among them are Opaque, Fortanix, Anjuna, Husmesh, Antimatter, Edgeless, and Enclaive.</p><p id="p-44">For example, <a class="ext-link" href="http://opaque.co/" data-jats-ext-link-type="uri">Opaque</a><a class="reference-link xref xref-bibr" href="#B17" data-jats-ref-type="bibr" data-jats-rid="B17"><sup>17</sup></a> enables data analytics and ML to run in confidential computing. Using the hardware enclave in a cloud requires significant security expertise. Consider, for example, that a user wants to run a certain data-analytics pipeline—say, from Databricks—in confidential VMs in the cloud. Simply running in confidential VMs is not sufficient for security: The user has to be concerned with correctly setting up the enclaves’ remote attestation process, key distribution and management, a cluster of enclaves that offer scaling out, as well as defining and enforcing end-to-end policies on who can see what part of the data or the computation.</p><p id="p-45">To avoid this work for the user, Opaque provides a software stack running on top of the enclave hardware infrastructure that allows the user to run the workflow frictionlessly without security expertise. Opaque’s software stack takes care of all these technical aspects. This is the result of years of research at UC Berkeley, followed by product development. Specifically, the technology behind Opaque was initially developed in the Berkeley RISELab (Realtime Intelligent Secure Explainable Systems),<a class="reference-link xref xref-bibr" href="#B19" data-jats-ref-type="bibr" data-jats-rid="B19"><sup>19</sup></a> and it has evolved to support ML workloads and a variety of data-analytics pipelines.</p><p id="p-46">Opaque can scale to an arbitrary cluster size and big data, essentially creating one “large cluster enclave” out of individual enclaves. It enables collaboration between organizations or teams in the same organization that cannot share data with each other: These organizations can share encrypted data with each other in Opaque’s workspace and perform data analytics or ML without seeing each other’s dataset. Use cases include financial services (such as cross-team collaboration for identity resolution or cross-organization collaboration for crime detection); high-tech (such as fine-tuning ML from encrypted data sets); a privacy-preserving large language model (LLM) gateway that offers logging, control, and accountability; and generating a verifiable audit report for compliance.</p><p id="p-47">A number of companies have created the <a class="ext-link" href="https://confidentialcomputing.io/" data-jats-ext-link-type="uri">Confidential Computing Consortium</a>,<a class="reference-link xref xref-bibr" href="#B2" data-jats-ref-type="bibr" data-jats-rid="B2"><sup>2</sup></a> an organization meant to catalyze the adoption of confidential computing through a community-led consortium and open collaboration. The consortium lists more than 30 companies that offer confidential computing technology.</p><p id="p-48">Following are a few examples of end use cases. Signal, a popular end-to-end encrypted messaging application, uses hardware enclaves to secure its <a class="ext-link" href="https://signal.org/blog/building-faster-oram/" data-jats-ext-link-type="uri">private contact discovery service</a>.<a class="reference-link xref xref-bibr" href="#B21" data-jats-ref-type="bibr" data-jats-rid="B21"><sup>21</sup></a> Signal built this service using techniques from the research projects <a class="ext-link" href="https://people.eecs.berkeley.edu/~raluca/oblix.pdf" data-jats-ext-link-type="uri">Oblix</a><a class="reference-link xref xref-bibr" href="#B14" data-jats-ref-type="bibr" data-jats-rid="B14"><sup>14</sup></a> and <a class="ext-link" href="https://eprint.iacr.org/2021/1280" data-jats-ext-link-type="uri">Snoopy</a>.<a class="reference-link xref xref-bibr" href="#B4" data-jats-ref-type="bibr" data-jats-rid="B4"><sup>4</sup></a> In this use case, each user has a private list of contacts on their device, and Signal wants to discover which of these contacts are Signal users as well. At the same time, Signal does not want to reveal the list of its users to any user, nor does it want to learn the private contact list of each user. Essentially, this computation is a private set intersection. Signal investigated various cryptographic computation options and concluded that these would not perform fast enough and cheaply enough for its large-scale use case. As a result, it chose to use hardware enclaves in combination with oblivious computation to reduce a large number of side channels, as discussed earlier. Our work on Oblix and Snoopy developed efficient oblivious algorithms for use inside enclaves.</p><p id="p-49">Other adopters include the cryptocurrency MobileCoin, the <a class="ext-link" href="https://www.anjuna.io/press/israels-ministry-of-defense-selects-anjuna-security-software-to-lockdown-sensitive-data-in-public-clouds" data-jats-ext-link-type="uri">Israeli Ministry of Defense</a>,<a class="reference-link xref xref-bibr" href="#B1" data-jats-ref-type="bibr" data-jats-rid="B1"><sup>1</sup></a> Meta, ByteDance (to increase user privacy in TikTok), and many others.</p></section><section id="sec10" class="sec"><h2 class="heading">Combining the Two Approaches</h2><p id="p-50">Given the trade-off between confidential computing via enclaves and secure computation via cryptography, a natural question is whether a solution can be designed that benefits from the best of both worlds. A few solutions have been proposed, but they still inherit the slowdown from MPC.</p><p id="p-51">For example, my students and I have collaborated with Signal with its <a class="ext-link" href="https://github.com/signalapp/SecureValueRecovery2" data-jats-ext-link-type="uri">SecureValueRecovery</a><a class="reference-link xref xref-bibr" href="#B20" data-jats-ref-type="bibr" data-jats-rid="B20"><sup>20</sup></a> system to develop a mechanism that helps Signal users recover secret keys based on a combination of different hardware enclaves on three clouds and secure multi-party computation. The purpose of this combination is to provide a strong security guarantee, stacking the power of the two technologies as defense in depth.</p><p id="p-52">A similar approach is taken by Meta and Fireblocks, a popular cryptocurrency wallet: They both combine hardware enclaves with cryptographic computation for increased security. The resulting system will be at least as slow as the underlying MPC, but these examples are for specialized tasks for which there are efficient MPC techniques.</p></section><section id="sec11" class="sec"><h2 class="heading">Conclusions and How to Learn More</h2><p id="p-53">Secure computation via MPC/homomorphic encryption versus hardware enclaves presents trade-offs involving deployment, security, and performance. Regarding performance, it depends significantly on the target workload. For simple workloads, such as simple summations, low-degree polynomials, or simple ML tasks, both approaches can be ready to use in practice. However, for rich computations, such as complex SQL analytics or training large ML models, only the hardware enclave approach is practical enough at the moment for many real-world deployment scenarios.</p><p id="p-54">Confidential computing is a relatively young sub-field in computer science—but one that is evolving rapidly. To learn more about confidential computing, attend or watch the content from the <a class="ext-link" href="http://confidentialcomputingsummit.com/" data-jats-ext-link-type="uri">Confidential Computing Summit</a>,<a class="reference-link xref xref-bibr" href="#B3" data-jats-ref-type="bibr" data-jats-rid="B3"><sup>3</sup></a> which was held in June of 2024 in San Francisco. This conference is the premier in-person event for confidential computing and has attracted the top technology players in the space, from hardware manufacturers (Intel, ARM, Nvidia) to hyperscalers (Azure, AWS, Google), solution providers (Opaque, Fortanix), and use-case providers (Signal, Anthropic). The conference is hosted by Opaque and co-organized by the Confidential Computing Consortium.</p></section></div><footer class="back"></footer></article> </div> </div> <footer class="article-footer"> <section class="article-references" data-component="accordion" data-slide-to-refs="true"> <a name="references"></a> <button class="accordion-controller" aria-expanded="false"> <span class="article-references__title"> References </span> <span class="accordion-controller-icon"> <svg aria-hidden="true" focusable="false" width="16" height="16" fill="var(--wp--preset--color--cacm-blue)"><use href="#am-symbol-icon-chevron-down"></use></svg> </span> </button> <ul class="article-references__text accordion-content"> <section id="references" class="ref-list-container"> <h2 class="heading">References</h2> <ul id="ref-list1" class="ref-list"> <li class="ref"> <div id="B1" class="citation"><span class="label">1.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Anjuna</span>. <span class="article-title">Confidential computing pioneer Anjuna makes cloud safe enough for even government and defense agencies</span> (<span class="year">2022</span>); <a class="ext-link" href="https://bit.ly/4bCFAF1" data-jats-ext-link-type="uri">https://bit.ly/4bCFAF1</a>.</span></div> </li> <li class="ref"> <div id="B2" class="citation"><span class="label">2.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Confidential Computing Consortium</span>; <a class="ext-link" href="https://confidentialcomputing.io" data-jats-ext-link-type="uri">https://confidentialcomputing.io</a>.</span></div> </li> <li class="ref"> <div id="B3" class="citation"><span class="label">3.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Confidential Computing Summit 2024</span>; <a class="ext-link" href="https://www.confidentialcomputingsummit.com" data-jats-ext-link-type="uri">https://www.confidentialcomputingsummit.com</a>.</span></div> </li> <li class="ref"> <div id="B4" class="citation"><span class="label">4.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Dauterman</span>, <span class="given-names">E. </span></span><span class="etal">et al.</span> </span><span class="article-title">Snoopy: surpassing the scalability bottleneck of oblivious storage</span>. In <span class="source"><em>Proceedings of the ACM SIGOPS 28th Symp. on Operating Systems Principles</em> </span> (<span class="year">2021</span>); <span class="pub-id" data-jats-pub-id-type="doi" data-jats-assigning-authority="crossref">10.1145/3477132.3483562</span>.</span></div> </li> <li class="ref"> <div id="B5" class="citation"><span class="label">5.</span> <span class="mixed-citation" data-jats-publication-type="journal"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Delignat-Lavaud</span>, <span class="given-names">A. </span></span><span class="etal">et al.</span> </span><span class="article-title">Why should I trust your code?</span> <em><span class="source">ACM Queue </span><span class="volume">21</span></em>, <span class="issue">4</span> (<span class="year">2023</span>); <a class="ext-link" href="https://queue.acm.org/detail.cfm?id=3623460" data-jats-ext-link-type="uri">https://queue.acm.org/detail.cfm?id=3623460</a>.</span></div> </li> <li class="ref"> <div id="B6" class="citation"><span class="label">6.</span> <span class="mixed-citation" data-jats-publication-type="journal"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Dhanuskodi</span>, <span class="given-names">G. </span></span><span class="etal">et al.</span> </span><span class="article-title">Creating the first confidential GPUs</span>. <em><span class="source">ACM Queue </span><span class="volume">21</span></em>, <span class="issue">4</span> (<span class="year">2023</span>); <a class="ext-link" href="https://queue.acm.org/detail.cfm?id=3623391" data-jats-ext-link-type="uri">https://queue.acm.org/detail.cfm?id=3623391</a>.</span></div> </li> <li class="ref"> <div id="B7" class="citation"><span class="label">7.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Galois</span>. <span class="article-title">Galois team wraps up the Jana project</span> (<span class="year">2020</span>); <a class="ext-link" href="https://bit.ly/46179a7" data-jats-ext-link-type="uri">https://bit.ly/46179a7</a>.</span></div> </li> <li class="ref"> <div id="B8" class="citation"><span class="label">8.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Galois</span>. <span class="article-title">Jana: Private data as a service</span> (<span class="year">2024</span>); <a class="ext-link" href="https://bit.ly/3LgGMTZ" data-jats-ext-link-type="uri">https://bit.ly/3LgGMTZ</a></span></div> </li> <li class="ref"> <div id="B9" class="citation"><span class="label">9.</span> <span class="mixed-citation" data-jats-publication-type="book"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Gentry</span>, <span class="given-names">C.</span></span> </span><span class="chapter-title">A fully homomorphic encryption scheme</span>. <span class="source">Ph.D. dissertation</span>, <span class="publisher-name">Stanford University</span> (<span class="year">2009</span>); <a class="ext-link" href="https://crypto.stanford.edu/craig/craig-thesis.pdf" data-jats-ext-link-type="uri">https://crypto.stanford.edu/craig/craig-thesis.pdf</a>.</span></div> </li> <li class="ref"> <div id="B10" class="citation"><span class="label">10.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Google Cloud</span>. <span class="article-title">Confidential VM overview</span>; <a class="ext-link" href="https://bit.ly/3xR0dzz" data-jats-ext-link-type="uri">https://bit.ly/3xR0dzz</a>.</span></div> </li> <li class="ref"> <div id="B11" class="citation"><span class="label">11.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Google Cloud</span>. <span class="article-title">Encrypt workload data in-use with confidential Google Kubernetes engine nodes</span>; <a class="ext-link" href="https://bit.ly/3XXeqpp" data-jats-ext-link-type="uri">https://bit.ly/3XXeqpp</a>.</span></div> </li> <li class="ref"> <div id="B12" class="citation"><span class="label">12.</span> <span class="mixed-citation" data-jats-publication-type="journal"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Kaplan</span>, <span class="given-names">D.</span></span> </span><span class="article-title">Hardware VM isolation in the cloud</span>. <em><span class="source">ACM Queue </span><span class="volume">21</span></em>, <span class="issue">4</span> (<span class="year">2023</span>); <a class="ext-link" href="https://queue.acm.org/detail.cfm?id=3623392" data-jats-ext-link-type="uri">https://queue.acm.org/detail.cfm?id=3623392</a>.</span></div> </li> <li class="ref"> <div id="B13" class="citation"><span class="label">13.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Kumar</span>, <span class="given-names">S.</span></span>, <span class="string-name"><span class="surname">Culler</span>, <span class="given-names">D.E.</span></span>, and <span class="string-name"><span class="surname">Popa</span>, <span class="given-names">R.A.</span></span> </span><span class="article-title">MAGE: nearly zero-cost virtual memory for secure computation</span>. In <span class="source"><em>Proceedings of the Usenix Symp. on Operating Systems Design and Implementation</em></span>; <a class="ext-link" href="https://bit.ly/45Wk78Z" data-jats-ext-link-type="uri">https://bit.ly/45Wk78Z</a>.</span></div> </li> <li class="ref"> <div id="B14" class="citation"><span class="label">14.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Mishra</span>, <span class="given-names">P. </span></span><span class="etal">et al.</span> </span><span class="article-title">Oblix: an efficient oblivious search index</span>. In <span class="source"><em>Proceedings of the IEEE Symp. on Security and Privacy</em> </span> (<span class="year">2018</span>), <span class="fpage">279</span>–<span class="lpage">297</span>; <a class="ext-link" href="https://people.eecs.berkeley.edu/~raluca/oblix.pdf" data-jats-ext-link-type="uri">https://people.eecs.berkeley.edu/~raluca/oblix.pdf</a>.</span></div> </li> <li class="ref"> <div id="B15" class="citation"><span class="label">15.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">MPC Deployments</span>; <a class="ext-link" href="https://mpc.cs.berkeley.edu" data-jats-ext-link-type="uri">https://mpc.cs.berkeley.edu</a>.</span></div> </li> <li class="ref"> <div id="B16" class="citation"><span class="label">16.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Nvidia Confidential Computing</span>; <a class="ext-link" href="https://bit.ly/3xFdDyI" data-jats-ext-link-type="uri">https://bit.ly/3xFdDyI</a>.</span></div> </li> <li class="ref"> <div id="B17" class="citation"><span class="label">17.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Opaque</span>; <a class="ext-link" href="https://opaque.co" data-jats-ext-link-type="uri">https://opaque.co</a>.</span></div> </li> <li class="ref"> <div id="B18" class="citation"><span class="label">18.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Poddar</span>, <span class="given-names">R. </span></span><span class="etal">et al.</span> </span><span class="article-title">Senate: A maliciously secure MPC platform for collaborative analytics</span>. In <span class="source"><em>Proceedings of the 30th Usenix Security Symp</em></span>. (<span class="year">2021</span>); <a class="ext-link" href="https://bit.ly/4cUrkIL" data-jats-ext-link-type="uri">https://bit.ly/4cUrkIL</a>.</span></div> </li> <li class="ref"> <div id="B19" class="citation"><span class="label">19.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">RISELab</span>; <a class="ext-link" href="https://rise.cs.berkeley.edu" data-jats-ext-link-type="uri">https://rise.cs.berkeley.edu</a>.</span></div> </li> <li class="ref"> <div id="B20" class="citation"><span class="label">20.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">SecureValueRecovery2</span>. <span class="article-title">Github</span>; <a class="ext-link" href="https://bit.ly/3VX4ERw" data-jats-ext-link-type="uri">https://bit.ly/3VX4ERw</a>.</span></div> </li> <li class="ref"> <div id="B21" class="citation"><span class="label">21.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="collab">Signal</span>; <a class="ext-link" href="https://signal.org/blog/building-faster-oram/" data-jats-ext-link-type="uri">https://signal.org/blog/building-faster-oram/</a>.</span></div> </li> <li class="ref"> <div id="B22" class="citation"><span class="label">22.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Watson</span>, <span class="given-names">J.-L.</span></span>, <span class="string-name"><span class="surname">Wagh</span>, <span class="given-names">S.</span></span>, and <span class="string-name"><span class="surname">Popa</span>, <span class="given-names">R.A.</span></span> </span><span class="article-title">Piranha: A GPU platform for secure computation</span>. In <span class="source"><em>Proceedings of the 31st Usenix Security Symp</em></span>. (<span class="year">2022</span>); <a class="ext-link" href="https://www.usenix.org/system/files/sec22-watson.pdf" data-jats-ext-link-type="uri">https://www.usenix.org/system/files/sec22-watson.pdf</a>.</span></div> </li> <li class="ref"> <div id="B23" class="citation"><span class="label">23.</span> <span class="mixed-citation" data-jats-publication-type="web"><span class="person-group" data-jats-person-group-type="author"><span class="string-name"><span class="surname">Yao</span>, <span class="given-names">A.C.-C.</span></span> </span><span class="article-title">How to generate and exchange secrets</span>. In <span class="source"><em>Proceedings of the 27th Annual Symp. on Foundations of Computer Science</em> </span> (<span class="year">1986</span>), <span class="fpage">162</span>–<span class="lpage">167</span>; <a class="ext-link" href="https://ieeexplore.ieee.org/document/4568207" data-jats-ext-link-type="uri">https://ieeexplore.ieee.org/document/4568207</a>.</span></div> </li> </ul> </section> </ul> </section> <section id="authors" class="article-authors" data-component="accordion"> <button class="accordion-controller" aria-expanded="false"> <span class="article-authors__title"> About the Authors </span> <span class="accordion-controller-icon"> <svg aria-hidden="true" focusable="false" width="16" height="16" fill="var(--wp--preset--color--cacm-blue)"><use href="#am-symbol-icon-chevron-down"></use></svg> </span> </button> <div class="article-authors__info accordion-content"> <div class="article-authors__info-text"> <section id="sec12" class="biography"> <p id="p-1"><b>Raluca Ada Popa</b> is the Robert E. and Beverly A. Brooks associate professor of computer science at University of California, Berkeley, working in computer security, systems, and applied cryptography. She is also a co-founder of Opaque Systems, a confidential computing company.</p> </section> </div> </div> </section> <ul class="share"> <li class="share-link" data-component="share"> <a href="#" class="share-toggle"> <svg aria-hidden="true" focusable="false" width="19" height="18" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-share"></use></svg> <span class="share-link-text"> Share </span> </a> <ul class="share-menu" aria-hidden="true"> <li> <a href="https://twitter.com/intent/tweet?url=https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/&text=Confidential%20Computing%20or%20Cryptographic%20Computing?" target="_blank"> Twitter </a> </li> <li> <a href="http://www.reddit.com/submit?url=https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/&title=Confidential%20Computing%20or%20Cryptographic%20Computing?" target="_blank"> Reddit </a> </li> <li> <a href="https://news.ycombinator.com/submitlink?u=https://cacm.acm.org/practice/confidential-computing-or-cryptographic-computing/&t=Confidential%20Computing%20or%20Cryptographic%20Computing?" target="_blank"> Hacker News </a> </li> </ul> </li> <li class="share-link share-link-pdf"> <a href="https://dl.acm.org/doi/pdf/10.1145/3677616" target="_blank"> <svg aria-hidden="true" focusable="false" width="19" height="20" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-pdf-download"></use></svg> <span class="share-link-text"> Download PDF </span> </a> </li> <li class="share-link share-link-print" data-component="print"> <a href="#" class="print"> <svg aria-hidden="true" focusable="false" width="19" height="20" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-print"></use></svg> <span class="share-link-text"> Print </span> </a> </li> <li class="share-link share-link-discussion" data-component="share"> <a class="share-link-comments" href="#comments"> <svg aria-hidden="true" focusable="false" width="19" height="20" fill="var(--cacm--symbol--fill)"><use href="#am-symbol-icon-comment"></use></svg> <span class="share-link-text">Join the Discussion</span> </a> </li> </ul> </footer> <div class="article-authors-digital-library"> <section class="article-submission"> <div class="article-submission__cta"> <div class="article-submission__cta-container"> <p class="article-submission__cta-title"> Submit an Article to CACM </p> <p class="article-submission__cta-text"> CACM welcomes unsolicited <a href="https://cacm.acm.org/author-guidelines/#CACMsubmission">submissions</a> on topics of relevance and value to the computing community. </p> </div> </div> </section> <section class="article-digital-library"> <div class="article-digital-library__article-info"> <p class="article-digital-library__intro-text"> You Just Read </p> <h4 class="article-digital-library__title"> Confidential Computing or Cryptographic Computing? </h4> <a class="article-digital-library__link" href="https://dl.acm.org/doi/10.1145/3677616"> <svg aria-hidden="true" focusable="false" width="21" height="21" fill="var(--wp--preset--color--cacm-black)"><use href="#am-symbol-icon-digital-library"></use></svg> View in the ACM Digital Library <svg aria-hidden="true" focusable="false" width="14" height="9" fill="var(--wp--preset--color--cacm-black)" class="icon-dl"><use href="#am-symbol-icon-arrow-right"></use></svg> </a> </div> <div class="article-digital-library__copyright-info"> <p><img src="http://i.creativecommons.org/l/by/4.0/88x31.png" /></p> <p>This work is licensed under a <a href="http://creativecommons.org/licenses/by/4.0/" rel="license">Creative Commons Attribution International 4.0 License</a>.</p> </div> </section> </div> <div class="article-sidebar"> <section class="article-doi"> <h3 class="article-doi__heading">DOI</h3> 10.1145/3677616</section> <section class="article-issue"> <div class="article-issue__meta"> <h3 class="article-issue__heading">December 2024 Issue</h3> <p class="article-issue__vol-info">Vol. 67 No. 12</p> <p class="article-issue__page-info">Pages: 44-51</p> </div> <a href="https://cacm.acm.org/issue/december-2024/" class="article-issue__toc-link"> Table of Contents <span class="article-issue__toc-icon-arrow"><svg aria-hidden="true" focusable="false" width="14" height="9" fill="var(--wp--preset--color--cacm-blue)"><use href="#am-symbol-icon-arrow-right"></use></svg></span> </a> </section> <section class="article-related"> <div class="article-related-content"> <h3 class="article-related__heading">Related Reading</h3> <!-- Related reading post list --> <ul> <li class="article-related-item"> <p class="article-related-section"> <a href="https://cacm.acm.org/section/research/">Research and Advances</a> </p> <p class="article-related-title"> <a href="https://cacm.acm.org/research/long-term-confidentiality-of-pki/"> Long-Term Confidentiality of PKI </a> </p> <p class="article-related-topic"> <a href="https://cacm.acm.org/category/architecture-and-hardware/">Architecture and Hardware</a> </p> </li> <li class="article-related-item"> <p class="article-related-section"> <a href="https://cacm.acm.org/section/research/">Research and Advances</a> </p> <p class="article-related-title"> <a href="https://cacm.acm.org/research/perspectives-for-cryptographic-long-term-security/"> Perspectives For Cryptographic Long-Term Security </a> </p> <p class="article-related-topic"> <a href="https://cacm.acm.org/category/computing-applications/">Computing Applications</a> </p> </li> <li class="article-related-item"> <p class="article-related-section"> <a href="https://cacm.acm.org/section/research/">Research and Advances</a> </p> <p class="article-related-title"> <a href="https://cacm.acm.org/research/technical-perspective-a-breakthrough-in-software-obfuscation/"> Technical Perspective: A Breakthrough in Software Obfuscation </a> </p> <p class="article-related-topic"> <a href="https://cacm.acm.org/category/computing-applications/">Computing Applications</a> </p> </li> <li class="article-related-item"> <p class="article-related-section"> <a href="https://cacm.acm.org/section/practice/">Practice</a> </p> <p class="article-related-title"> <a href="https://cacm.acm.org/practice/toward-confidential-cloud-computing/"> Toward Confidential Cloud Computing </a> </p> <p class="article-related-topic"> <a href="https://cacm.acm.org/category/architecture-and-hardware/">Architecture and Hardware</a> </p> </li> </ul> </div> </section> <div class="ad ad-mobile ad--is-loading" data-component="ad" data-platform="mobile" data-show-ad="false"> <div class="cacm-ad-unit"> <p class="ad-label">Advertisement</p> <div class="ad-unit" data-pipeline-id="684700" data-dimension-id="599027"></div> <noscript><a href="https://acm.nui.media/pipeline/684700/0/cc?z=acm"><img src="https://acm.nui.media/pipeline/684700/0/vc?z=acm&dim=599027&kw=&click=&abr=$imginiframe" alt="" ></a></noscript> </div> </div> <div class="ad ad-desktop ad--is-loading" data-component="ad" data-platform="desktop" data-show-ad="false"> <div class="cacm-ad-unit"> <p class="ad-label">Advertisement</p> <div class="ad-unit" data-pipeline-id="684700" data-dimension-id="599027"></div> <noscript><a href="https://acm.nui.media/pipeline/684700/0/cc?z=acm"><img src="https://acm.nui.media/pipeline/684700/0/vc?z=acm&dim=599027&kw=&click=&abr=$imginiframe" alt="" ></a></noscript> </div> </div> </div> <section class="article-comments"> <div class="article-comments__inner container"> <h3 class="article-comments__heading"> Join the Discussion (0) </h3> <section class="cta-join-the-discussion" id="article-discussion"> <div class="cta-join-the-discussion__box"> <h4 class="cta-join-the-discussion__heading">Become a Member or Sign In to Post a Comment</h4> <div class="cta-join-the-discussion__button-group"> <a class="cta-join-the-discussion__button cta-join-the-discussion__button--login" href="https://cacm.acm.org/wp-login.php?saml_sso">Sign In</a> <a class="cta-join-the-discussion__button cta-join-the-discussion__button--signup" href="https://accounts.acm.org/">Sign Up</a> </div> </div> </section> <div id="comments" class="comments-area"> <div id="respond" class="auth-comment-form" data-component="authCommentForm" data-replytocom="0"> <div class="auth-comment-form__contents"> <span class="auth-comment-form__loader"> <svg version="1.1" id="L9" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 100 100" enable-background="new 0 0 0 0" xml:space="preserve"> <path fill="var(--wp--preset--color--cacm-blue)" d="M73,50c0-12.7-10.3-23-23-23S27,37.3,27,50 M30.9,50c0-10.5,8.5-19.1,19.1-19.1S69.1,39.5,69.1,50"> <animateTransform attributeName="transform" attributeType="XML" type="rotate" dur="1s" from="0 50 50" to="360 50 50" repeatCount="indefinite" /> </path> </svg> </span> </div> </div> </div><!-- #comments --> </div> </section> <section class="post-list the-latest" data-layout="grid-three-up" data-component="postList" > <header class="section-header "> <h3 class="section-header__heading" > <a class="section-header__heading-link" href="/?s="> The Latest from CACM </a> </h3> <div class="section-header__readmore"> <a class="section-header__readmore-link" href="/?s=" aria-label=" Explore more from The Latest from CACM "> <span class="section-header__readmore-text">Explore More</span> <span class="section-header__readmore-icon"><svg aria-hidden="true" focusable="false" width="14" height="9"><use href="#am-symbol-icon-arrow-right"></use></svg></span> </a> </div> </header> <div class=""> <div class="post-list__content"><div class="post-list__item"> <article id="post-765298" class="post-list__post post-765298 post type-post status-publish format-standard has-post-thumbnail hentry category-artificial-intelligence-machine-learning category-education section-blogcacm"> <div class="post-list__post-content"> <div class="post-list__post-text"> <div class="post-list__post-eyebrow"> <a href="https://cacm.acm.org/section/blogcacm/">BLOG@CACM</a> <span class="post-list__post-timestamp"><span class="posted-on"> Feb 18 2025</span></span> </div> <p class="post-list__post-heading"> <a href="https://cacm.acm.org/blogcacm/how-science-and-engineering-students-use-genai-tools-throughout-their-academic-journey-a-four-year-analysis/">How Science and Engineering Students Use GenAI Tools Throughout Their Academic Journey: A Four-Year Analysis</a> </p> <div class="post-list__post-meta-group"> <div class="post-list__post-byline"> <a href="https://cacm.acm.org/author/yael-erez/" title="Posts by Yael Erez" class="author url fn" rel="author">Yael Erez</a> and <a href="https://cacm.acm.org/author/orit-hazzan/" title="Posts by Orit Hazzan" class="author url fn" rel="author">Orit Hazzan</a> </div> <span class="post-list__post-topic"><a href="https://cacm.acm.org/category/artificial-intelligence-machine-learning/">Artificial Intelligence and Machine Learning</a></span> </div> </div> <figure class="post-list__post-figure"> <a href="https://cacm.acm.org/blogcacm/how-science-and-engineering-students-use-genai-tools-throughout-their-academic-journey-a-four-year-analysis/" aria-label="How Science and Engineering Students Use GenAI Tools Throughout Their Academic Journey: A Four-Year Analysis" aria-hidden="true" tabindex="-1"> <div class="image-wrapper image-wrapper--widescreen"><img width="1024" height="576" src="https://cacm.acm.org/wp-content/uploads/2025/02/021325.BLOG_.How-Science-Engineering-G.jpg" class="attachment-full size-full" alt="" decoding="async" loading="lazy" srcset="https://cacm.acm.org/wp-content/uploads/2025/02/021325.BLOG_.How-Science-Engineering-G.jpg 2400w, https://cacm.acm.org/wp-content/uploads/2025/02/021325.BLOG_.How-Science-Engineering-G.jpg?resize=300,169 300w, https://cacm.acm.org/wp-content/uploads/2025/02/021325.BLOG_.How-Science-Engineering-G.jpg?resize=768,432 768w, https://cacm.acm.org/wp-content/uploads/2025/02/021325.BLOG_.How-Science-Engineering-G.jpg?resize=1024,576 1024w, https://cacm.acm.org/wp-content/uploads/2025/02/021325.BLOG_.How-Science-Engineering-G.jpg?resize=1536,864 1536w, https://cacm.acm.org/wp-content/uploads/2025/02/021325.BLOG_.How-Science-Engineering-G.jpg?resize=2048,1152 2048w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></div> </a> </figure> </div> </article> </div> <div class="post-list__item"> <article id="post-765221" class="post-list__post post-765221 post type-post status-publish format-standard has-post-thumbnail hentry category-artificial-intelligence-machine-learning category-systems-and-networking section-news"> <div class="post-list__post-content"> <div class="post-list__post-text"> <div class="post-list__post-eyebrow"> <a href="https://cacm.acm.org/section/news/">News</a> <span class="post-list__post-timestamp"><span class="posted-on"> Feb 14 2025</span></span> </div> <p class="post-list__post-heading"> <a href="https://cacm.acm.org/news/ai-upgrades-the-internet-of-things/">AI Upgrades the Internet of Things</a> </p> <div class="post-list__post-meta-group"> <div class="post-list__post-byline"> <a href="https://cacm.acm.org/author/r-colin-johnson/" title="Posts by R. Colin Johnson" class="author url fn" rel="author">R. Colin Johnson</a> </div> <span class="post-list__post-topic"><a href="https://cacm.acm.org/category/artificial-intelligence-machine-learning/">Artificial Intelligence and Machine Learning</a></span> </div> </div> <figure class="post-list__post-figure"> <a href="https://cacm.acm.org/news/ai-upgrades-the-internet-of-things/" aria-label="AI Upgrades the Internet of Things" aria-hidden="true" tabindex="-1"> <div class="image-wrapper image-wrapper--widescreen"><img width="1024" height="576" src="https://cacm.acm.org/wp-content/uploads/2025/02/020725.News_.AI-Upgrades-IoT3-S.jpg" class="attachment-full size-full" alt="digital wave and points of light, illustration" decoding="async" loading="lazy" srcset="https://cacm.acm.org/wp-content/uploads/2025/02/020725.News_.AI-Upgrades-IoT3-S.jpg 2044w, https://cacm.acm.org/wp-content/uploads/2025/02/020725.News_.AI-Upgrades-IoT3-S.jpg?resize=300,169 300w, https://cacm.acm.org/wp-content/uploads/2025/02/020725.News_.AI-Upgrades-IoT3-S.jpg?resize=768,432 768w, https://cacm.acm.org/wp-content/uploads/2025/02/020725.News_.AI-Upgrades-IoT3-S.jpg?resize=1024,576 1024w, https://cacm.acm.org/wp-content/uploads/2025/02/020725.News_.AI-Upgrades-IoT3-S.jpg?resize=1536,864 1536w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></div> </a> </figure> </div> </article> </div> <div class="post-list__item"> <article id="post-764718" class="post-list__post post-764718 post type-post status-publish format-standard has-post-thumbnail hentry category-artificial-intelligence-machine-learning category-computing-profession section-blogcacm"> <div class="post-list__post-content"> <div class="post-list__post-text"> <div class="post-list__post-eyebrow"> <a href="https://cacm.acm.org/section/blogcacm/">BLOG@CACM</a> <span class="post-list__post-timestamp"><span class="posted-on"> Feb 12 2025</span></span> </div> <p class="post-list__post-heading"> <a href="https://cacm.acm.org/blogcacm/the-impact-of-ai-on-hrms/">The Impact of AI on HRMS</a> </p> <div class="post-list__post-meta-group"> <div class="post-list__post-byline"> <a href="https://cacm.acm.org/author/alex-tray/" title="Posts by Alex Tray" class="author url fn" rel="author">Alex Tray</a> </div> <span class="post-list__post-topic"><a href="https://cacm.acm.org/category/artificial-intelligence-machine-learning/">Artificial Intelligence and Machine Learning</a></span> </div> </div> <figure class="post-list__post-figure"> <a href="https://cacm.acm.org/blogcacm/the-impact-of-ai-on-hrms/" aria-label="The Impact of AI on HRMS" aria-hidden="true" tabindex="-1"> <div class="image-wrapper image-wrapper--widescreen"><img width="1024" height="576" src="https://cacm.acm.org/wp-content/uploads/2025/02/021125.BLOG_.Impact-of-AI-HRMS-S.jpg" class="attachment-full size-full" alt="network of human figures in blue circles" decoding="async" loading="lazy" srcset="https://cacm.acm.org/wp-content/uploads/2025/02/021125.BLOG_.Impact-of-AI-HRMS-S.jpg 2400w, https://cacm.acm.org/wp-content/uploads/2025/02/021125.BLOG_.Impact-of-AI-HRMS-S.jpg?resize=300,169 300w, https://cacm.acm.org/wp-content/uploads/2025/02/021125.BLOG_.Impact-of-AI-HRMS-S.jpg?resize=768,432 768w, https://cacm.acm.org/wp-content/uploads/2025/02/021125.BLOG_.Impact-of-AI-HRMS-S.jpg?resize=1024,576 1024w, https://cacm.acm.org/wp-content/uploads/2025/02/021125.BLOG_.Impact-of-AI-HRMS-S.jpg?resize=1536,864 1536w, https://cacm.acm.org/wp-content/uploads/2025/02/021125.BLOG_.Impact-of-AI-HRMS-S.jpg?resize=2048,1152 2048w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></div> </a> </figure> </div> </article> </div> </div> </div> </section> <div class="cta-membership cta-membership--no-js" data-component="ctaMembership"> <section class="cta-become-a-member"> <div class="cta-become-a-member__inner container"> <h3 class="cta-become-a-member__heading"> Shape the Future of Computing </h3> <p class="cta-become-a-member__description"> ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved. </p> <a class="cta-become-a-member__link" href="https://www.acm.org/about-acm/get-involved"> Get Involved </a> </div> </section> <section class="cta-open-access"> <div class="cta-open-access__inner container"> <h3 class="cta-open-access__heading"> Communications of the ACM (CACM) is now a fully Open Access publication. </h3> <p class="cta-open-access__description"> By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer. </p> <a class="cta-open-access__link" href="https://cacm.acm.org/news/cacm-is-becoming-open-access"> Learn More </a> </div> </section> </div> </article><!-- #post-## --> </main> </div> </div><!-- #content --> <footer id="colophon" class="site-footer"> <div class="site-footer__inner container"> <div class="site-footer__columns"> <div class="site-footer__column site-footer__column-branding"> <a class="site-footer__logo" aria-label="Home" href="https://cacm.acm.org"> <svg aria-hidden="true" focusable="false" width="548" height="88" fill="#FFF"><use href="#am-symbol-cacm-logo"></use></svg> </a> <nav class="social-navigation"> <ul class="social-navigation__list"> <li> <a href="https://twitter.com/cacmmag"> <span class="screen-reader-only">CACM on Twitter</span> <svg aria-hidden="true" focusable="false" width="38" height="38" fill="#fff"><use href="#am-symbol-icon-social-twitter"></use></svg> </a> </li> <li> <a href="https://www.reddit.com/user/TheOfficialACM"> <span class="screen-reader-only">CACM on Reddit</span> <svg aria-hidden="true" focusable="false" width="38" height="38" fill="#fff"><use href="#am-symbol-icon-social-reddit"></use></svg> </a> </li> <li> <a href="https://www.linkedin.com/groups/36836/"> <span class="screen-reader-only">CACM on LinkedIn</span> <svg aria-hidden="true" focusable="false" width="38" height="38" fill="#fff"><use href="#am-symbol-icon-social-linkedin"></use></svg> </a> </li> </ul> </nav> </div> <div class="site-footer__column site-footer__column-topics"> <div class="site-footer__topics-menu"> <p class="site-footer__heading"> Topics </p> <ul class="site-footer__topics-menu__list"> <li> <a href="https://cacm.acm.org/category/architecture-and-hardware/"> Architecture and Hardware </a> </li> <li> <a href="https://cacm.acm.org/category/artificial-intelligence-machine-learning/"> Artificial Intelligence and Machine Learning </a> </li> <li> <a href="https://cacm.acm.org/category/computer-history/"> Computer History </a> </li> <li> <a href="https://cacm.acm.org/category/computing-applications/"> Computing Applications </a> </li> <li> <a href="https://cacm.acm.org/category/computing-profession/"> Computing Profession </a> </li> <li> <a href="https://cacm.acm.org/category/data-and-information/"> Data and Information </a> </li> <li> <a href="https://cacm.acm.org/category/education/"> Education </a> </li> <li> <a href="https://cacm.acm.org/category/hci/"> HCI </a> </li> <li> <a href="https://cacm.acm.org/category/philosophy-of-computing/"> Philosophy of Computing </a> </li> <li> <a href="https://cacm.acm.org/category/security-and-privacy/"> Security and Privacy </a> </li> <li> <a href="https://cacm.acm.org/category/society/"> Society </a> </li> <li> <a href="https://cacm.acm.org/category/software-engineering-and-programming-languages/"> Software Engineering and Programming Languages </a> </li> <li> <a href="https://cacm.acm.org/category/systems-and-networking/"> Systems and Networking </a> </li> <li> <a href="https://cacm.acm.org/category/theory/"> Theory </a> </li> </ul> </div> </div> <div class="site-footer__column site-footer__column-about"> <div class="site-footer__menu-magazine"> <p class="site-footer__heading">Magazine</p> <ul id="menu-magazine-footer" class="site-footer__menu-magazine-menu"><li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-217988"><a href="/issue/latest/" id="menu-link-10">Latest Issue</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-217989"><a href="/issues/" id="menu-link-11">Magazine Archive</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224644"><a href="https://cacm.acm.org/editorial-staff-board/" id="menu-link-12">Editorial Staff and Board</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-751386"><a href="https://cacm.acm.org/author-guidelines#CACMsubmission" id="menu-link-13">Submit an Article</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224585"><a href="https://cacm.acm.org/feeds-2/" id="menu-link-14">Alerts & Feeds</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224645"><a href="https://cacm.acm.org/author-guidelines/" id="menu-link-15">Author Guidelines</a></li> </ul> </div> <div class="site-footer__menu-communications"> <p class="site-footer__heading">Communications of the ACM</p> <ul id="menu-communications-footer" class="site-footer-communications-menu"><li id="menu-item-224637" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224637"><a href="https://cacm.acm.org/about-us/" id="menu-link-16">About Us</a></li> <li id="menu-item-224664" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224664"><a href="https://cacm.acm.org/faq/" id="menu-link-17">Frequently Asked Questions</a></li> <li id="menu-item-224638" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224638"><a href="https://cacm.acm.org/contact-us/" id="menu-link-18">Contact Us</a></li> <li id="menu-item-217972" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-217972"><a href="https://www.acm.org/publications/advertising" id="menu-link-19">For Advertisers</a></li> <li id="menu-item-224639" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-224639"><a href="https://cacm.acm.org/join-acm/" id="menu-link-20">Join ACM</a></li> </ul> </div> </div> </div> <div class="site-footer__info"> <div class="site-footer__info__inner"> <p class="site-footer__info-copyright"><small> © 2025 Communications of the ACM. All Rights Reserved. </small></p> <div class="menu-policy-menu-container"><ul id="menu-policy-footer" class="site-footer__info-policy-list"><li id="menu-item-217993" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-217993"><a href="https://www.acm.org/cookie-notice" id="menu-link-21">Cookie Notice</a></li> <li id="menu-item-217994" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-217994"><a href="https://www.acm.org/about-acm/privacy-policy" id="menu-link-22">Privacy Policy</a></li> </ul></div> </div> </div> </div> </footer><!-- #colophon --> </div><!-- #page --> <script type="text/javascript" src="https://cacm.acm.org/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6" id="wp-hooks-js"></script> <script type="text/javascript" src="https://cacm.acm.org/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6" id="wp-i18n-js"></script> <script type="text/javascript" id="wp-i18n-js-after"> /* <![CDATA[ */ wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } ); /* ]]> */ </script> <script type="text/javascript" id="wp-parsely-loader-js-before"> /* <![CDATA[ */ window.wpParselySiteId = 'acm.org'; /* ]]> */ </script> <script type="text/javascript" src="https://cacm.acm.org/wp-content/mu-plugins/wp-parsely-3.17/build/loader.js?ver=b681bb9905652ac12735" id="wp-parsely-loader-js"></script> <script type="text/javascript" data-parsely-site="acm.org" src="https://cdn.parsely.com/keys/acm.org/p.js?ver=3.17.0" id="parsely-cfg"></script> <script type="text/javascript" src="https://cacm.acm.org/wp-content/themes/cacm/client/build/js/global.bundle.min.js?ver=e97a984b44ccc756957f" id="cacm-global-js"></script> <script type="text/javascript" id="cacm-article-js-extra"> /* <![CDATA[ */ var cacmLocalVars = {"restCommentsUrl":"https:\/\/cacm.acm.org\/wp-json\/wp\/v2\/comments","restCommentFormUrl":"https:\/\/cacm.acm.org\/wp-json\/cacm-plugin\/v1\/comment\/form\/762197"}; /* ]]> */ </script> <script type="text/javascript" src="https://cacm.acm.org/wp-content/themes/cacm/client/build/js/article.bundle.min.js?ver=237e66042b6c917cfd09" id="cacm-article-js"></script> <script type="text/javascript" src="https://cacm.acm.org/wp-includes/js/comment-reply.min.js?ver=6.7.2" id="comment-reply-js" async="async" data-wp-strategy="async"></script> <script type="text/javascript" src="https://stats.wp.com/e-202508.js" id="jetpack-stats-js" data-wp-strategy="defer"></script> <script type="text/javascript" id="jetpack-stats-js-after"> /* <![CDATA[ */ _stq = window._stq || []; _stq.push([ "view", JSON.parse("{\"v\":\"ext\",\"blog\":\"212686646\",\"post\":\"762197\",\"tz\":\"-5\",\"srv\":\"cacm.acm.org\",\"hp\":\"vip\",\"j\":\"1:14.3\"}") ]); _stq.push([ "clickTrackerInit", "212686646", "762197" ]); /* ]]> */ </script> <!-- Mopinion Pastea.se start --><script type="text/javascript">(function(){var id="Sh2m7XRvbVWoA8uJG6g2wIBNDLfpsOxFx1ciwKwo";var js=document.createElement("script");js.setAttribute("type","text/javascript");js.setAttribute("src","//deploy.mopinion.com/js/pastease.js");js.async=true;document.getElementsByTagName("head")[0].appendChild(js);var t=setInterval(function(){try{Pastease.load(id);clearInterval(t)}catch(e){}},50)})();</script> <!-- Mopinion Pastea.se end --> </body> </html>