Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1448 Discussions

Proper location of destination buffers for sgx_rijndael128GCM_encrypt

DavidCho
Beginner
810 Views

Dear Intel SGX Team,

I have a question about the proper usage of SDK function, sgx_rijndael128GCM_encrypt. In the "Intel SGX Developer Reference Guide", there is a description for the function. It says that "It is recommended that the source and destination data buffers are allocated within the enclave". However, what I wonder is that do we need to allocate the destination buffers within the enclave? I think the destination buffer only contains the encrypted data, so it can be allocated outside the enclave memory.

If we can allocate the destination buffer outside the enclave memory, I can use [user_check] for the function in the EDL file. (When I tested the latency difference between [out] and [user_check], it was not a big deal, but the [user_check] was a little bit better)

So, I wanna know why allocating destination buffer within the enclave is recommended. (I'm not sure but is it related to security issues?)

I really appreciate any comments.

Thank you in advance.

Best regards,

David Cho.

0 Kudos
1 Solution
JesusG_Intel
Moderator
792 Views

Hello David,


It is recommended that the destination be inside the memory space of the enclave in order to not place enclave data into untrusted/unprotected memory space. You are right, the data is encrypted (this is why it's a recommendation rather than a requirement), and you will get better performance using [user check] because with [user check] the compiler does not create the proxy functions to marshal the data across the trust boundaries.


I recommend to read this article for more details on data marshaling: https://software.intel.com/content/www/us/en/develop/articles/intel-software-guard-extensions-tutorial-part-7-refining-the-enclave.html


View solution in original post

3 Replies
JesusG_Intel
Moderator
802 Views

Hello David,


We are looking into your issue. Please stay tuned.


0 Kudos
JesusG_Intel
Moderator
793 Views

Hello David,


It is recommended that the destination be inside the memory space of the enclave in order to not place enclave data into untrusted/unprotected memory space. You are right, the data is encrypted (this is why it's a recommendation rather than a requirement), and you will get better performance using [user check] because with [user check] the compiler does not create the proxy functions to marshal the data across the trust boundaries.


I recommend to read this article for more details on data marshaling: https://software.intel.com/content/www/us/en/develop/articles/intel-software-guard-extensions-tutorial-part-7-refining-the-enclave.html


DavidCho
Beginner
785 Views

Thanks for your kind reply.

It helps me a lot.

Have a good day!

 

Best regards,

David Cho.

0 Kudos
Reply