Dear Concern,
I am working with Intel’s PyTorch-SGX. I basically followed the example shown on Intel’s GitHub page (https://github.com/intel/sgx-pytorch/tree/sgx/enclave_ops) which demonstrates encryption-decryption of a deep learning model between the model owner and the remote cloud. But I did not find any demonstration between the user and the cloud.
My understanding is that before sending to the public cloud, first, the user needs to encrypt the test data to ensure security. The public cloud will decrypt it and send it to PyTorch’s enclave for making predictions. The public cloud will encrypt the prediction result and send it back to the user. The user will need to decrypt the prediction.
I am not sure how we can do this. Can you please provide me with some examples (or some guidance) for the exchange between the user (not the model owner) and the public cloud?
Thank you.
Hi,
Before any sensitive data is sent to the CSP, the user needs to encrypt the data using encryption keys managed by SGX which are then passed to the enclave.
The enclave executes the PyTorch computations using the encrypted data, which means the data that are sent back to the user from the enclave are encrypted using the same SGX-managed encryption keys.
As a result, the user, whose machine has the decryption keys, receives the encrypted outcome and then decrypts the data.
The SGX + PyTorch repo is outdated and is not fully supported, so we recommend using Gramine and PyTorch Curated applications. Some samples are below:
- https://gramine.readthedocs.io
- https://github.com/gramineproject/
- https://github.com/gramineproject/examples/tree/master/pytorch
- https://github.com/gramineproject/contrib/tree/master/Intel-Confidential-Compute-for-X/workloads/pytorch
This video might help to illustrate the process to you, as it demonstrates the set-up process for one of the Intel® Software Guard Extensions (Intel® SGX) enhanced confidential containers and the PyTorch workload set-up.
Cordially,
Iffa
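The user-to-enclave round trip described in the reply above, as an added sketch that is not part of the reply and is not Intel's or Gramine's code. It assumes a 256-bit key is already shared between the user and the enclave (for example, released to the enclave after remote attestation), uses the Python `cryptography` package for AES-GCM, and replaces the PyTorch model with a fixed stand-in; all function names and direction labels are hypothetical.

```python
import json
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Direction labels bound into each message as associated data, so a reply
# cannot be replayed as a request (labels are hypothetical).
REQ, RESP = b"user->enclave", b"enclave->user"

def seal(key: bytes, direction: bytes, payload: dict) -> bytes:
    """Encrypt and authenticate one message; a fresh 96-bit nonce is prepended."""
    nonce = os.urandom(12)
    return nonce + AESGCM(key).encrypt(nonce, json.dumps(payload).encode(), direction)

def unseal(key: bytes, direction: bytes, blob: bytes) -> dict:
    """Verify and decrypt; raises InvalidTag if the blob or direction was altered."""
    return json.loads(AESGCM(key).decrypt(blob[:12], blob[12:], direction))

def enclave_handle(key: bytes, request_blob: bytes) -> bytes:
    """Runs inside the enclave: plaintext exists only between unseal and seal."""
    features = unseal(key, REQ, request_blob)["features"]
    # Stand-in for the PyTorch model call (fixed, constructed weights).
    score = sum(w * x for w, x in zip([0.5, -1.0, 2.0], features))
    return seal(key, RESP, {"prediction": int(score > 0), "score": score})

def untrusted_host(request_blob: bytes, handler) -> bytes:
    """The cloud host outside the enclave only relays opaque bytes."""
    return handler(request_blob)

def run_demo():
    key = AESGCM.generate_key(bit_length=256)  # assumed shared after attestation
    request = seal(key, REQ, {"features": [1.0, 2.0, 3.0]})  # constructed input
    reply = untrusted_host(request, lambda blob: enclave_handle(key, blob))
    result = unseal(key, RESP, reply)
    # Flip one bit in transit: the enclave must refuse the request.
    tampered = request[:-1] + bytes([request[-1] ^ 1])
    try:
        enclave_handle(key, tampered)
        rejected = False
    except InvalidTag:
        rejected = True
    return result, rejected

if __name__ == "__main__":
    print(run_demo())
```
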
Hi,
Intel will no longer monitor this thread since we have provided a solution. If you need any additional information from Intel, please submit a new question.
Cordially,
Iffa