Announcing Gradient Crypto Processor & the Gradient Network
June 2020 update / Note to readers: to see Gradient’s latest vision and progress, please skip to https://medium.com/gradient-tech/the-gradient-secret-master-plan-4fe75f6bec61 and while you’re at it, subscribe to our in-house blog here !
Just over 8 weeks ago, I introduced Gradient, a company we’ve been building in stealth for the better part of a year, with the audacious goal to create a future in which the authenticity and privacy of data and computation is enabled by construction — by new formally verified hardware and software primitives and a Gradient distributed overlay network.
We’re excited to announce the deployment of the Gradient cryptographically-attested secure processor in the public cloud, enabling the Gradient overlay network. By implementing a version of our hardware on cloud-hosted FPGAs, deploying a Gradient network of 10 or 10,000 nodes can be done in a matter of hours, and can be scaled up or down based on demand to power privacy preserving secure computation, data storage, permissioning, and end-to-end authentication.
The combination of these hardware, software and network components yields a new conceptual framework for sharing of information, ensuring the privacy and integrity of anything from our personal health or financial data, to the authenticity — and provenance — of data generated in billions of IoT and edge devices. Fundamentally, Gradient’s mission comes down to restoring and maintaining user trust in all of the above systems.
In what follows below we introduce new additions to the Gradient team, tour the Gradient processor in some detail, and share a sneak peak at the Gradient network that this hardware powers. If what we’re doing excites you, come join us!
Additions to the Gradient team
To help tackle the audacious interdisciplinary challenges ahead of us, we continue to build out a world class core team in-house, as well as at the advisory level. Our advisors are foundational contributors to both our technology development and corporate governance.
We’re thrilled to welcome Srini, Ed, Gustav and Chuck:
Professor Srinivas (Srini) Devadas, PhD. Professor Devadas is the Webster Professor of Electrical Engineering and Computer Science at the Massachusetts Institute of Technology and has been on the MIT EECS faculty since 1988. His current research interests are in computer security, computer architecture and applied cryptography. He is a Fellow of the ACM and IEEE. Prof. Devadas received the IEEE Computer Society Technical Achievement Award in 2014 for inventing Physical Unclonable Functions and single-chip secure processor architectures, the 2017 IEEE W. Wallace McDowell award and the 2018 IEEE Charles A. Desoer Technical Achievement award for his research in secure hardware. Prof. Devadas is the author of “Programming for the Puzzled” (MIT Press, 2017), a book that builds a bridge between the recreational world of algorithmic puzzles and the pragmatic world of computer programming, teaching readers to program while solving puzzles. He is a MacVicar Faculty Fellow, a Baker and Bose award recipient, considered MIT’s highest teaching honors. Professor Devadas received the Ph.D. degree at the University of California in 1988 and holds a Bachelor’s degree in Electrical Engineering from IIT Madras.
At Gradient, Srini is a key resource as we build and refine our core secure processor architecture and applied cryptography frameworks.
Edward (Ed) Frank, PhD. Ed is a prolific technologist — an inventor, leader, advisor, and a member of the National Academy of Engineering, he previously served as Apple’s VP of Macintosh Hardware Systems Engineering. Prior to Apple, Dr. Frank was corporate VP of R&D at Broadcom, where he co-founded the Wireless LAN business responsible for the mainstream development of the 802.11 chipset. Prior to Broadcom, he was a Distinguished Engineer at Sun Microsystems. Dr. Frank sits on the boards of Analog Devices and Marvell Semiconductor, and is advisor to a number of Bay Area Venture Capital firms. Ed is also a Hertz fellow, and holds a Ph.D. in Computer Science from Carnegie Mellon where he now serves as a life trustee and is a member of the trustee’s executive committee. He holds M.S. and B.S. degrees in Electrical Engineering, both from Stanford.
At Gradient, Ed helps us across the technology spectrum, as he did Apple, Broadcom and others, as we aim to deploy technology with the goal of billions of devices in the field.
Gustav Simonsson. Gustav Simonsson is a developer, engineer, and blockchain researcher with deep experience in the architecture, deployment, security, and performance of distributed systems at scale. Gustav is co-founder of Orchid Labs, a platform focused on providing anonymity-preserving Internet access to people across the globe. Prior to Orchid, he was the first engineer at Dfinity, and member of the Ethereum core development / security team. His work on consensus protocols, core clients, and network security helped launch the Ethereum network in 2015.
At Gradient, Gustav plays a central role in protocol and network development.
Dr. Charles Carignan, MD. Dr. Carignan has more than 25 years of experience in medical device development. He has vast experience as a Clinician, Medical -Technology Executive and Chief Executive Officer. Most recently, he serves as CEO of REX Bionics, a developer of robotic rehabilitation systems designed for people with mobility impairments, and was the CEO of BionX Medical, a developer of the first bionic prosthetic foot, sold to Ottobock. He is a Director of Aegea Medical. Previously he was the Chief Medical Officer at Boston Scientific for the Endosurgery Group and Advanced Bionics. He has extensive experience in product development, clinical trial strategy, product submission strategies involving the U.S. Food and Drug Administration, EU and China. He has served on committees for the US FDA, Centers for Medicare & Medicaid Services, the World Health Organization, the United Nations, and the U.S. Agency for International Development. Dr. Carignan has a Bachelor’s Degree from Yale University a Medical Degree from the College of Physicians and Surgeons of Columbia University, and was trained in General Surgery at Columbia-Presbyterian Medical Center.
At Gradient, Chuck helps us explore and navigate applications of the Gradient network to mission-critical healthcare needs and beyond.
We’re thrilled to have the support of such a team and look forward to sharing more about the board and the broader Gradient team in the weeks to come.
Introducing the Gradient processor
We wanted to be able to anonymously, remotely authenticate a computer anywhere in the world and enforce authenticity and integrity continuously, not just on the device’s hardware, but also on the software it runs, the data it stores, and the information it captures. When we couldn’t find hardware to enable this in an off-the-shelf commercial processor, we built our own.
Gradient’s first processor is a multi-core 64 bit RISC architecture with a Linux operating system (OS), featuring:
(1) Formally verified secure enclaves
Enclaves are powerful security primitives that enable secure signing and computation, even in presence of untrusted software elsewhere on the machine, including the OS. You may alternatively know of enclaves as “Trusted Execution Environments (TEEs)” or “trusted hardware”, but these lack a formal definition. One can explain via intended threat model simply in one sentence:
All computation and memory accesses that occur within an enclave are protected from any attack from malicious software operating anywhere outside the enclave.
The Gradient processor is the first commercial hardware deployment with formally verified secure enclaves robust to side-channel attacks.
These include the most advanced attacks known, including Foreshadow, Spectre, Meltdown and Rowhammer attacks and other vulnerabilities.
(i) Using Enclaves in distributed ledgers
Much has been made of the notion of using enclaves to offload computation in distributed ledger technologies (DLTs) / blockchain projects, but until Gradient, no such enclave has actually been deployed. To make this easy to adopt,
From the developer’s perspective, if you can write software for Intel Software Guard Extensions (SGX), or make use of Apple’s iOS signing mechanisms, you can develop on Gradient.
(ii) Enclave Microarchitecture
We should note that this isn’t about plugging holes in an architecture on a per-attack reactive basis — we refer to these attacks in what follows below by example only. The design philosophy is focused on simplifying and minimizing the trusted computing boundary (TCB) such that it is amenable to formal analysis.
For the CPU engineers, this means we specifically implement per-enclave page tables to protect unauthorized memory accesses like the Foreshadow attack, and ensure data isolation occurs throughout the system cache hierarchy by flushing low level (L1) and translation look-aside buffer (TLB) caches when switching between enclave and other code. We mitigate attacks on the processor’s last level cache (LLC) by partitioning memory slices via a hardware level address lookup translation mechanism. We further protect the control flow from speculation attacks like Spectre. We’d be remiss to not acknowledge the significant work Prof. Devadas and his lab at MIT have contributed to the above efforts over the last two decades.
(2) Device-specific secret key generation
Failure of complex systems is always in the weakest link — Intel’s EPID cryptography stood the test of time with 4 billion devices in the field, until attackers realized they could extract keys from the device using untrusted code. Generating and storing keys securely is essential.
To this end, Gradient’s technology generates strong cryptographic keys without the requirement for the user to place trust in any third party. By leveraging a hardware primitive called a physically unclonable function (PUF) — trust isn’t even required in Gradient proper or our foundry partners.
And this is where things get interesting:
By knowing the lower bound on cost to attack our chips, we can design system- and network-level approaches to keep precious data safe even in face of a sophisticated, well-financed malicious actor. This is an adaptive property, and we’d argue is an example of hardware/software/network co-design at its best.
(3) Hardware and software protected functions for cryptographic anonymous attestation
With strong cryptographic keys unique to each chip, and secure enclaves, Gradient’s first end-user feature becomes possible: We can anonymously attest the authenticity of a Gradient chip, and the code it runs, anywhere in the world.
Instead of merely establishing secure computations, Gradient anonymously establishes and maintains secure nodes. This means distributed ledger implementations operate with minimal overhead relative to native computation, which we believe is the appropriate comparison.
Gradient Processors on AWS and beyond
There is a view in the venture community and the software community that “hardware is hard,” usually an allusion to both cost and time. Yes, silicon is nontrivial to get right, and it isn’t something we take lightly. Trouble is, no chip in the world can do what we’re asking.
To parallelize our efforts, enable iterative pressure testing of logic design pre-fabrication, and decouple hardware from software development, we’ve deployed the Gradient processors described above on cloud hosted FPGA instances, including on Amazon Web Services (AWS). This enables us to explore network-level dynamics and to co-design protocol and processor architectures, meaning that when we ship silicon, we know we’ve put everything to the test in the applications of interest.
To the app developer, Gradient on AWS means prototyping now, not a few months from now, and we’re excited to see how this unfolds!
The Gradient Network
Zooming out a bit, the set of hardware and software primitives we’ve created and described above are really just the foundation. What we’re interested in is how the emergent properties of many of these devices working collectively, in an “overlay network” of sorts, powers a new view of computation, data provenance and the maintenance of privacy for us, the users and owners of information.
A few areas we’re also working on:
(1) Distributed Key Management
To make large-scale networks feasible, the Gradient network introduces a new method of distributed key management for the decentralized world.
While today the developer of software for an Apple, Android or other device must rely upon manufacturers maintaining and protecting a central Certificate Authority — in Gradient’s case, our public keys as a manufacturer, and the keys of any other manufacturer of the Gradient architecture, are maintained in a distributed key infrastructure with audit trails for each manufacturer and design variant. We may further, with other manufacturer’s permission, integrate their keys into this framework.
(2) Dynamic permissions and security at subnetwork and app levels
We’ve observed that one of the pitfalls of many DLT projects is one of governance: change is slow, particularly if parameters are defined top-down. To mitigate this, in the Gradient network, a subnetwork can choose to set these authentication requirements above those of the network defaults, depending on the use case, threat vectors in mind, etc. (Private networks can really set these less stringently).
At the app level, developers can be more or less stringent what certificates or keys to trust, . E.g., today Apple’s secure boot sequence works for Apple’s own OS and for Windows, but not Linux. A network of Gradient devices can choose to accept other OSs. An app developer or user can choose to enforce more stringent rules across the attestation chain.
Join Us
If you’re passionate about the work we’re doing, come join us! Our team is varied, accomplished, and humble. We believe in a future of collaborative data that doesn’t sacrifice privacy or security in our information or our devices. We cannot build this alone — we’re looking for fellow problem solvers who are eager to join our mission. Current job postings are available here. If you don’t see an exact role but want to contribute, send as a note at jobs@gradient.tech
For general informational inquiries, reach us at info@gradient.tech
www.gradient.tech
