Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Intel SGX - Building a trusted enclave within untrusted OS

roee_l_
Beginner
‎01-17-2016 07:15 AM
1,178 Views
Solved Jump to solution

Hello, I'm currently researching a little about the Intel SGX instructions and I find it difficult to understand how one can actually **build** a trusted enclave within an untrusted operating system. many of the Intel SGX instructions are ring 0 instructions that require kernel privilege. This implies
that the operating system (most likely) must be involved to provide services (Through e.g. system-calls). How can one trust the OS to actually build a trusted enclave for him?

I did find the following paragraph within Intel manual:

After a page has been added to an enclave, software ca
n measure a 256 byte region as determined by the devel-
oper by invoking EEXTEND. Thus to measure an entire
page, system software must execute EEXTEND 16 times.
Each invocation of EEXTEND adds to the cryptographic lo
g information about which region is being measured and
the measurement of the section.
 
I still do not get, as EEXTEND and EADD should be executed with ring 0 privilege, how can an untrusted OS create a secured enclave. I know that I'm pretty much missing something, please enlighten me.
 
 
0 Kudos
1 Solution
Simon_J_Intel
Employee
‎01-17-2016 12:14 PM
1,178 Views
Solved Jump to solution

Section 5 of our whitepaper explains the process for building an enclave. Whilst a Ring0 component executes the instructions, the HW architecture is responsible for the security of the enclave. The measurement created by the HW during this process is inaccessible to the Ring0 component.

At the end of the build process you have an enclave with a measurement and it then uses the attestation process to allow a verifier to determine that the enclave was built as it required and then to deploy a secret to the enclave.

Keys used to keep the secret local are also bound to the measurement of the enclave.

View solution in original post

0 Kudos
Copy link

Link Copied

1 Reply
Simon_J_Intel
Employee
‎01-17-2016 12:14 PM
1,179 Views
Solved Jump to solution

Section 5 of our whitepaper explains the process for building an enclave. Whilst a Ring0 component executes the instructions, the HW architecture is responsible for the security of the enclave. The measurement created by the HW during this process is inaccessible to the Ring0 component.

At the end of the build process you have an enclave with a measurement and it then uses the attestation process to allow a verifier to determine that the enclave was built as it required and then to deploy a secret to the enclave.

Keys used to keep the secret local are also bound to the measurement of the enclave.

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.