Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1403 Discussions

SGX Host application multiple enclave

ciraci__nicolo
Beginner
‎01-11-2018 07:33 AM
627 Views

Hi,

can an application have two separate enclaves? Each running their code in separate concurrent threads? Furthermore, can this two enclave share a variable or the only communication way is LocalAttestation/Seal Data?

 

 

0 Kudos

Link Copied

2 Replies
Rodolfo_S_
New Contributor III
‎01-16-2018 02:52 PM
627 Views

Hi,

for the first two questions, the answer is yes. As for the last one, this would go against the purpose of SGX, which is to provide enclaves that are completely isolated from anything else. Therefore, no.

Regards,

Rodolfo

0 Kudos
Copy link
Hoang_N_Intel
Employee
‎01-17-2018 10:54 PM
627 Views

Running multiple enclaves in an application is definitely available but please remember that Enclave resource is limited and there is performance implication.

If you want to share a secret between two enclaves, you need to build a secure channel between them. A common technique is s leverage Diffie Hellman key exchange protocol to build one.

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.