Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Questions about Launch Enclave and EINITTOKEN


I have some questions about Launch Enclave and EINITTOKEN.  

I can't find detailed document about LE. So I learned a lot from some posts in this forum, but I still have some questions. Fistly, I know an attacker can tamper an enclave and regenerate the signature. I also know  LE could prevent this situation. Before the enclave initialization, LE will verify if the developer's public key is in the whitelist signed by Intel. 

The problem is coming, can a developer who's public key in the whitelist tampers with any enclave and run it?
In addition, I want to know how the information in EINITTOKEN is generated, such as EINITTOKEN.MRENCLAVE.

Related posts are as follows, hope for your reply.

0 Kudos
0 Replies