Hi,
As far as I understand, the EGETKEY command, which is used to get a bunch of different keys, uses some sort of hardware key to generate the sub-keys? Is that correct? If yes, are the hardware keys the same for each SGX machine or are they different per machine?
Thanks!
Adil
Hi Adil,
AFAIK, all keys are device independent, i.e. on different machines (CPUs) the same enclave will get different keys using EGETKEY.
Hi,
The Intel® SGX Architecture provides the hardware instructions, EREPORT and EGETKEY, to support attestation and sealing. The EREPORT instruction provides an evidence structure that is cryptographically bound to the hardware for consumption by attestation verifiers. EGETKEY provides enclave software with access to the “Report” and “Seal” keys used in the attestation and sealing process. EGETKEY provides access to persistent Sealing Keys that enclave software can use to encrypt and integrity-protect data.
When invoking EGETKEY, the enclave selects criteria, or a policy, for which enclaves may access this sealing key. These policies are useful for controlling the accessibility of sensitive data to future versions of the enclave.
Intel® SGX supports two policies for Seal Keys:
- Sealing to the Enclave Identity
- Sealing to the Sealing Identity
Please refer to the links below for more information:
- Introduction to Intel® SGX Sealing - https://software.intel.com/en-us/blogs/2016/05/04/introduction-to-intel-sgx-sealing
- Innovative Technology for CPU Based Attestation and Sealing (4.SEALING) - https://software.intel.com/en-us/articles/innovative-technology-for-cpu-based-attestation-and-sealing
-Surenthar
Hi,
Thanks for the answer. Sorry if my question was unclear, but I was wondering if one could get the same SGX seal key for different enclaves running on different SGX machines? I know that EGETKEY uses a hardware key to create its seal key along with either enclave information or the signer's key. But is that hardware key different per machine, or the same, which could essentially mean that we can theoretically get the same key if we run the same enclave on different machines?
Thanks!
Adil
Hi Adil,
SGX seal keys are unique to the platform. Two different systems will not derive the same key from the same enclave.
-Surenthar
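To make the two answers above concrete (Surenthar's two Seal Key policies and the confirmation that seal keys are platform-unique), here is an added Python model of the inputs EGETKEY mixes into a Seal Key; it is not code from this thread or from the Intel SGX SDK. The HMAC derivation, the field layout and the constructed platform secrets are simplifications standing in for the CPU's real, undocumented derivation; only the input set (policy-selected identity, ISVSVN, owner epoch, key ID, per-CPU root secret) follows the SGX design.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Key-policy bits from the SGX key request (KEYREQUEST.KEYPOLICY).
KEYPOLICY_MRENCLAVE = 0x0001  # seal to the enclave identity (this exact build)
KEYPOLICY_MRSIGNER = 0x0002   # seal to the sealing identity (the signing authority)

@dataclass(frozen=True)
class Platform:
    root_seal_key: bytes  # constructed stand-in for the fused per-CPU secret
    owner_epoch: bytes    # platform owner epoch, also mixed into seal keys

@dataclass(frozen=True)
class Enclave:
    mrenclave: bytes  # SHA-256 measurement of the enclave build
    mrsigner: bytes   # SHA-256 of the signer's public key
    isv_prod_id: int
    isv_svn: int      # security version number of this build

def derive_seal_key(platform, enclave, key_policy, isv_svn=None, key_id=b"\0" * 32):
    """Model of EGETKEY for a Seal Key; HMAC stands in for the CPU's real derivation."""
    isv_svn = enclave.isv_svn if isv_svn is None else isv_svn
    if isv_svn > enclave.isv_svn:  # an older build must not reach a newer build's key
        raise ValueError("requested ISVSVN exceeds the enclave's ISVSVN")
    if key_policy == KEYPOLICY_MRENCLAVE:
        identity = b"MRENCLAVE" + enclave.mrenclave
    elif key_policy == KEYPOLICY_MRSIGNER:
        identity = b"MRSIGNER" + enclave.mrsigner + enclave.isv_prod_id.to_bytes(2, "little")
    else:
        raise ValueError("unsupported KEYPOLICY")
    material = identity + isv_svn.to_bytes(2, "little") + platform.owner_epoch + key_id
    # The per-platform root secret keys the derivation, so two CPUs never agree.
    return hmac.new(platform.root_seal_key, material, hashlib.sha256).digest()

def demo():
    """Constructed platforms and builds; returns the three comparisons raised in the thread."""
    plat_a = Platform(hashlib.sha256(b"cpu-A").digest(), b"\x01" * 16)
    plat_b = Platform(hashlib.sha256(b"cpu-B").digest(), b"\x01" * 16)
    signer = hashlib.sha256(b"vendor-key").digest()
    v1 = Enclave(hashlib.sha256(b"build-1").digest(), signer, isv_prod_id=7, isv_svn=1)
    v2 = Enclave(hashlib.sha256(b"build-2").digest(), signer, isv_prod_id=7, isv_svn=2)
    k = derive_seal_key
    return {
        "same_enclave_two_platforms": k(plat_a, v1, KEYPOLICY_MRSIGNER) == k(plat_b, v1, KEYPOLICY_MRSIGNER),
        "mrenclave_across_versions": k(plat_a, v1, KEYPOLICY_MRENCLAVE) == k(plat_a, v2, KEYPOLICY_MRENCLAVE),
        # v2 requests SVN 1 so it can unseal data sealed by v1 under the MRSIGNER policy.
        "mrsigner_v2_unseals_v1": k(plat_a, v1, KEYPOLICY_MRSIGNER) == k(plat_a, v2, KEYPOLICY_MRSIGNER, isv_svn=1),
    }
```

Running `demo()` shows the first two comparisons False and the last True: no cross-platform match, no match across builds under MRENCLAVE, and a newer build able to reach an older build's key under MRSIGNER but never the reverse.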
Okay, that answers my question. Thanks a lot for the replies!
Adil
Hi @selvaraj,
During sgx_create_report, which key is used to generate sgx_mac_t (the CMAC value of the report data)?
How does the QE (Quoting Enclave) verify the CMAC value?
Is that key accessible to both the app enclave and the QE?
Thanks!