I'm trying to understand this SGX new feature and I have a hard time to understand some core concepts although going through some very long white papers and articles, that goes from very shallow explaining to very deep implementation stuff.
I think I understood this enclave entering and exiting concept,
however I don't understand the high level concept of how is it possible to execute code on local machine and providing all the code and data on the actuall files (so for example: http://ayeks.de/2016/01/Create-and-Execute-an-Intel-SGX-Enclave/)
the enclave_test_save.signed.dll file which is the sgx enclave project and the code and data is suppose to be protected.
How is it logicly possible to provide all the code and the data (i understand they are encrypted) and not providing any key to open those file and still they will be secured?
How this code and data actually being open on a local computer without any 3rd party server to send the needed key to open them?
Does intel have some kind of private key allowing the cpu to open all the the encrypted code & data and so they only the hardware of the cpu to be able to open it?
Is it mean that if someone will get this private key he will be able to open all the encrypted enclaves?
I hope you can help me do some order in the mess of learning,
thank you for your help!
The signed dll enclave file, if designed correctly, should not have any secrets provisioned already. We recommend that once the enclave that has only the code that operates on your confidential information, is loaded and verified, only after that secret should be provisioned into it. Once the secrets are provisioned, enclave can seal them locally for later use. Provisioning of secrets can be done using the remote attestation mechanism supported by Intel using a modified sigma protocol. Please refer to this article and code sample for remote attestation - https://software.intel.com/en-us/articles/intel-software-guard-extensions-remote-attestation-end-to-end-example