How does local attestation in SGX make sure code running in the enclave is secure?


I am reading the 'Local Attestation' sample code. I know local attestation can build a secure link so that two enclaves can share their secret data. However, if Enclave 2 wants to connect to Enclave 1, how can Enclave 1 know the code in Enclave 2 is secure? For example, if the code in Enclave 2 is leaking private information to the outside or to an unsafe space, how can Enclave 1 know it?


Re:How local attestation in SGX make sure code run...


Hello Julien,


A basic premise of SGX enclaves is that enclaves do not trust the external environment, i.e. any code, including other enclaves, that is running outside of the enclave. Every enclave running on a platform is its own separate and independent DLL file. When local attestation occurs, the enclaves prove to each other that they are trustworthy enclaves that were instantiated on the same platform but the only way they communicate is by sending data to each other. Enclaves do not "connect" to each other; they are always separate and independent. They communicate via messages to each other and cannot see what the other enclave does beyond those messages.


So, if an enclave is doing something it should not do, such as leaking secrets, there is no SGX-native way for another enclave to know. The only way for another enclave to detect this is if it gets this information via other means.


Jesus Garcia, Intel Customer Support

Re: Re:How local attestation in SGX make sure code run...


Thanks!!!

My current understanding is that it is the programmer who should be responsible for making sure the enclave will not leak any private information. I noticed that in 'local attestation', each enclave needs to check the MRSIGNER of both enclaves, so that it can make sure the code in the enclave is written by a trustworthy party (I know it is just one of the policies). Therefore, if it is written by a trustworthy party, then we should believe the code in the enclave is secure (not leaking private information).

Did I understand it correctly?


Re:How local attestation in SGX make sure code run...


The only thing you can be sure of is that the code was written by a trustworthy party and then you can make assumptions about the code based on that. Your enclave should still do reasonable security checks on the data it interacts with.


Jesus Garcia, Intel Customer Support
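
The identity policy discussed in this thread, sketched in C as an added example (it is not part of the thread and not Intel's sample code). The structs are a hypothetical, simplified stand-in for the peer identity a local attestation session yields, and the signer value, product ID and SVN threshold are constructed; passing the check says who signed the peer and how it was launched, nothing about how its code behaves.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bit values match SGX_FLAGS_INITTED and SGX_FLAGS_DEBUG in the SGX attributes. */
#define FLAG_INITTED 0x1ULL
#define FLAG_DEBUG   0x2ULL

/* Hypothetical, simplified stand-in for the peer identity from local attestation. */
typedef struct {
    uint8_t  mr_signer[32];   /* hash of the key that signed the peer enclave */
    uint64_t attr_flags;
    uint16_t isv_prod_id;
    uint16_t isv_svn;
} peer_identity_t;

typedef struct { uint8_t mr_signer[32]; uint16_t isv_prod_id, min_isv_svn; } peer_policy_t;

typedef enum { PEER_OK, PEER_NOT_INIT, PEER_DEBUG, PEER_BAD_SIGNER,
               PEER_BAD_PRODUCT, PEER_OLD_SVN } peer_verdict_t;

/* Accept the peer only if every identity field satisfies the local policy. */
peer_verdict_t check_peer(const peer_identity_t *id, const peer_policy_t *pol)
{
    if (!(id->attr_flags & FLAG_INITTED)) return PEER_NOT_INIT;
    /* A debug enclave's memory can be read with a debugger, so never share secrets with it. */
    if (id->attr_flags & FLAG_DEBUG) return PEER_DEBUG;
    if (memcmp(id->mr_signer, pol->mr_signer, 32) != 0) return PEER_BAD_SIGNER;
    if (id->isv_prod_id != pol->isv_prod_id) return PEER_BAD_PRODUCT;
    if (id->isv_svn < pol->min_isv_svn) return PEER_OLD_SVN; /* older, possibly unpatched build */
    return PEER_OK;
}

/* Constructed sample data: the signer hash is 32 copies of one byte. */
peer_identity_t sample_peer(uint8_t signer, uint64_t flags, uint16_t prod, uint16_t svn)
{
    peer_identity_t id;
    memset(&id, 0, sizeof id);
    memset(id.mr_signer, signer, sizeof id.mr_signer);
    id.attr_flags = flags; id.isv_prod_id = prod; id.isv_svn = svn;
    return id;
}

peer_policy_t sample_policy(void)
{
    peer_policy_t pol = { {0}, 1, 2 };             /* product 1, minimum SVN 2 */
    memset(pol.mr_signer, 0xAA, sizeof pol.mr_signer);
    return pol;
}

int main(void)
{
    peer_policy_t pol = sample_policy();
    peer_identity_t prod = sample_peer(0xAA, FLAG_INITTED, 1, 3);
    peer_identity_t dbg  = sample_peer(0xAA, FLAG_INITTED | FLAG_DEBUG, 1, 3);
    printf("production peer: %d, debug peer: %d\n", check_peer(&prod, &pol), check_peer(&dbg, &pol));
    return 0;
}
```

Even for a peer that returns `PEER_OK`, the receiving enclave still has to validate every message it gets from that peer, as the accepted answer says.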
