topic Thank you for replying. in Intel® Software Guard Extensions (Intel® SGX)

How can I seal/unseal data without compromised by untrusted area

aos — Thu, 02 Nov 2017 13:22:54 GMT

Hello.

I'm now developing application with SGX features, but I have several questions about sealing/unsealing. I hardly understand how to treat those features, so please forgive my poor questions.

1. I would like to seal encryption key in enclave on my application. I (maybe) already succeeded to seal a value returned from ECALL function like this(written on untrusted code):

//ECALL. Pass pointer to std::vector<int> which already initialized and return their average as int with &retval.
int retval; //value to get return value from ECALL function
sgx_status_t status = AVG_IN_ENCLAVE(global_eid, &retval, (void*)dbvec_ptr, pass_test);

//
//omit unnecessary
//

//Sealing part. Here, I seals the value pointed by &retval. (At least I think so)
size_t sealed_size = sizeof(sgx_sealed_data_t) + sizeof(retval);
    uint8_t* sealed_data = (uint8_t*)malloc(sealed_size);

    sgx_status_t ecall_status;
    status = seal(global_eid, &ecall_status,
            (uint8_t*)&retval, sizeof(retval),
            (sgx_sealed_data_t*)sealed_data, sealed_size);

But eventually I'd like to seal value which never exit from enclave. In other words, I think if I return that secret value from enclave to untrusted area like above code, it can be seen by untrusted area. How can I seal such secret values? Is there any ways to call sealing function from ECALL function?

2. After unsealing, the decrypted data is on enclave? When I call the unsealing function like this(written on untrusted code)

int unsealed;
status = unseal(global_eid, &ecall_status,
            (sgx_sealed_data_t*)sealed_data, sealed_size,
            (uint8_t*)&unsealed, sizeof(unsealed));

the decrypted data can be gain by referring to "unsealed", but with this code, I think the decrypted value is on untrusted area. Is there any way to decrypt data on enclave and refer to that value from ECALL function?

Probably I'm writing very poor code and I still need to learn far more about SGX features, so any advice is welcome.

Thank you.

Hi:

you_w_ — Fri, 03 Nov 2017 08:27:25 GMT

Hi:

1. You should provision the key though an secure way to the enclave.

2. If you don't want to expose your key, you can only use the key inside enclave. That means your encrypt implementation should inside enclave;

3. You can write three Ecall functions like this:

//put key into enclave

provision_key(key){

sealed_key = sealed(key);

}

//encrypt data with you key

encrypt(data, sealed_key, encrypted)

{

key = unseal(sealed_key);

encrpyted_data = encrppt(data, key);

}

//decrypt encrypted_data with your key

decrypt(encrypted_data, sealed_key, data)

{

key = unseal(sealed key);

data = decrypt(encrypted_data, key);

}

Hope you can understand,

Regards

you

I'd suggest looking at the

Juan_d_Intel — Fri, 03 Nov 2017 12:34:28 GMT

I'd suggest looking at the SealedData sample code included in the SGX SDK.

It shows how to perform sealing/unsealing operations within an enclave applying difference policies.

The Developer Reference describes what the sample code does.

Thank you for replying.

aos — Mon, 06 Nov 2017 15:03:02 GMT

Thank you for replying.

I didn't notice that I can call another function in enclave from enclave function... Now maybe I can implement those secure sealing/unsealing features. Thanks for noticing me.