Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1448 Discussions

Retain Diffie-Hellman Secret Derived During Remote Attestation

AArya2
New Contributor I
472 Views

How can this be done in a minimally invasive way?

I want to write an enclave that generates a symmetric session key from the DH secret derived during RA to be used for secret provisioning, as is recommended in all SGX references.

I conjecture one has to override some of the callback functions fed to sgx_ra_proc_msg2. Is that true? If so, and if not, how would you recommend I should go about it?

0 Kudos
1 Solution
AArya2
New Contributor I
472 Views

After reading the SDK Developer's Reference a bit, I realized that sgx_ra_init_ex should be used instead of sgx_ra_init.

Using the former function you can provide a callback function that customizes key derivation from the shared DH secret.

View solution in original post

0 Kudos
1 Reply
AArya2
New Contributor I
473 Views

After reading the SDK Developer's Reference a bit, I realized that sgx_ra_init_ex should be used instead of sgx_ra_init.

Using the former function you can provide a callback function that customizes key derivation from the shared DH secret.

0 Kudos
Reply