Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1426 Discussions

Questions about Launch Enclave and EINITTOKEN

Wang__Jie
Beginner
‎11-21-2019 02:45 AM
206 Views

hi,
I have some questions about Launch Enclave and EINITTOKEN.  

I can't find detailed document about LE. So I learned a lot from some posts in this forum, but I still have some questions. Fistly, I know an attacker can tamper an enclave and regenerate the signature. I also know  LE could prevent this situation. Before the enclave initialization, LE will verify if the developer's public key is in the whitelist signed by Intel. 

The problem is coming, can a developer who's public key in the whitelist tampers with any enclave and run it?
In addition, I want to know how the information in EINITTOKEN is generated, such as EINITTOKEN.MRENCLAVE.

Related posts are as follows, hope for your reply.
https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/703703
https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/798514

0 Kudos

Link Copied

0 Replies
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.