Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Remote Attestation Hybrid

Criston__Anna
New Contributor I
1,104 Views
Hi! I was wondering if there is any way of passing data from a non-SGX-capable machine to an enclave on an SGX-capable machine without having the data go through the untrusted memory of the SGX machine.
I've searched around but could not find any projects on that. I know that remote attestation works for 2 SGX-capable machines to pass data from trusted memory to trusted memory. Is there any way to pass data from the untrusted memory of a non-SGX-capable machine directly to the trusted memory of an SGX-capable machine (and vice versa)?

Thank you.
1 Solution
ChrisB_Intel
Moderator
1,084 Views

A relying party/remote server (not required at all to be SGX-enabled) attests a remote SGX-enabled platform/enclave. It can then set up a secure channel to pass secrets directly into the enclave memory. The secret is never in the clear between the relying party and the remote SGX enclave.


Please take a look at the links below:


https://software.intel.com/content/www/us/en/develop/articles/code-sample-intel-software-guard-extensions-remote-attestation-end-to-end-example.html

https://github.com/intel/sgx-ra-sample



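The checks a non-SGX relying party would make on an attested quote before sending a secret over the channel, as an added example that is not part of the original thread and is not code from Intel's sgx-ra-sample. It assumes the quote signature has already been verified through the attestation service, and that the enclave places SHA-256 of its key-exchange public key in the first 32 bytes of `report_data` (an assumed convention); the function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Byte offsets inside sgx_quote_t (48-byte header, then the 384-byte report body).
QUOTE_BODY_LEN = 432      # everything before signature_len
OFF_ATTR_FLAGS = 96       # report_body.attributes.flags, uint64 little-endian
OFF_MRENCLAVE = 112       # 32-byte enclave measurement
OFF_ISV_SVN = 306         # uint16 little-endian
OFF_REPORT_DATA = 368     # 64 bytes chosen by the enclave
SGX_FLAGS_DEBUG = 0x2     # debug enclaves can be inspected by the host

def check_quote_body(quote, expected_mrenclave, min_isv_svn, enclave_pubkey):
    """Return (ok, reason). Run only after the quote signature is verified."""
    if len(quote) < QUOTE_BODY_LEN:
        return False, "truncated quote"
    (flags,) = struct.unpack_from("<Q", quote, OFF_ATTR_FLAGS)
    (isv_svn,) = struct.unpack_from("<H", quote, OFF_ISV_SVN)
    mrenclave = quote[OFF_MRENCLAVE:OFF_MRENCLAVE + 32]
    report_data = quote[OFF_REPORT_DATA:OFF_REPORT_DATA + 64]
    if flags & SGX_FLAGS_DEBUG:
        return False, "debug enclave"
    if not hmac.compare_digest(mrenclave, expected_mrenclave):
        return False, "unexpected MRENCLAVE"
    if isv_svn < min_isv_svn:
        return False, "ISV SVN too old"
    # Binding step: the key the relying party will encrypt to must be the
    # one the enclave committed to in the quote, not one the host swapped in.
    bound = hashlib.sha256(enclave_pubkey).digest()
    if not hmac.compare_digest(report_data[:32], bound):
        return False, "key not bound to quote"
    return True, "ok"

def build_sample_quote(mrenclave, isv_svn, pubkey, flags=0x5):
    """Constructed quote body for testing (0x5 = INITTED | MODE64BIT)."""
    buf = bytearray(QUOTE_BODY_LEN)
    struct.pack_into("<Q", buf, OFF_ATTR_FLAGS, flags)
    buf[OFF_MRENCLAVE:OFF_MRENCLAVE + 32] = mrenclave
    struct.pack_into("<H", buf, OFF_ISV_SVN, isv_svn)
    buf[OFF_REPORT_DATA:OFF_REPORT_DATA + 32] = hashlib.sha256(pubkey).digest()
    return bytes(buf)

if __name__ == "__main__":
    mre = b"\xaa" * 32                   # constructed measurement
    pk = b"\x04" + b"\x11" * 64          # constructed public key bytes
    quote = build_sample_quote(mre, 2, pk)
    print(check_quote_body(quote, mre, 1, pk))
    print(check_quote_body(quote, mre, 1, b"key substituted by host"))
```

Only when every check passes should the relying party derive the session key from `enclave_pubkey` and encrypt the secret, so the untrusted host on the SGX machine only ever handles ciphertext.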
2 Replies
JesusG_Intel
Moderator
1,068 Views

This thread will no longer be monitored since we have provided a solution. If you need any additional information from Intel, please submit a new question.

