Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

About Sealing

ffan01
Beginner
‎12-19-2019 06:43 PM
428 Views

Hi,

Is there any difference between the sgx_aes_ctr_encrypt and sgx_seal_data?

Since they are both used to encrypt the data, and I have tested their performance. They show similar performance.

Is there any suggestion to choose which encrypt function when I need to encrypt data?

 

Thanks!

0 Kudos

Link Copied

1 Reply
Scott_R_Intel
Employee
‎01-03-2020 08:31 AM
428 Views

Hello.

It really depends on the usage.  In simplest terms, the sgx_seal_data function requests via EGETKEY the processor seal key to encrypt the data, which is processor specific.  This means you would only be able to decrypt the data on that exact processor.  The sgx_aes_ctr_encrypt function takes the key to encrypt with as an input parameter, which could be the seal key if you wanted, or some other derived key.  Both functions ultimately encrypt with a 128bit AES key.  Also be aware that sgx_seal_data ultimately uses AES GCM and sgx_aes_ctr_encrypt uses AES CTR (of course, per the name), if that matters to your work.

Regards.

Scott

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.