Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

SGX enclaves and sockets

X99
New Contributor I

Hi.

Someone told me that it's impossible to create/use sockets from within an enclave.

However, I did not find any resources explaining this limitation. On reflection, it might be because of kernel issues due to the fact that the enclave's code/data is fully encrypted?

Thanks for your enlightenment.

JesusG_Intel
Moderator

Hello X99,

Enclaves cannot use sockets because enclaves rely on the untrusted application that loads the enclave to communicate with external components. Enclaves cannot create independent communication channels to outside entities. This would break their security and trust model.

Sincerely,

Jesus G.

Intel Customer Support
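
A plain-C model of the split described in the answer above, added here as an illustration and not code from Intel or the SGX SDK: the trusted function makes no socket calls, reaches the outside only through host-provided calls, and bound-checks what the host reports back. The names `ocall_send`, `ocall_recv`, `enclave_exchange` and `host_lies` are hypothetical, and a local `socketpair` stands in for the network peer.

```c
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* ---- Untrusted host side: the only code that touches sockets ---- */
static int host_sv[2] = { -1, -1 };  /* loopback pair standing in for a remote peer */
static int host_lies = 0;            /* test knob: simulate a hostile host */

static int host_init(void) {
    return socketpair(AF_UNIX, SOCK_STREAM, 0, host_sv);
}

/* Hypothetical OCALL: the host sends bytes on the enclave's behalf. */
static long ocall_send(const void *buf, size_t len) {
    return (long)write(host_sv[0], buf, len);
}

/* Hypothetical OCALL: the host receives bytes and reports how many it copied. */
static long ocall_recv(void *buf, size_t cap) {
    long n = (long)read(host_sv[1], buf, cap);
    return host_lies ? (long)cap + 64 : n;  /* a hostile host can report any length */
}

/* ---- Trusted side: no socket calls, only the two calls above ---- */
/* Returns the number of bytes received, or -1 if the host's answer is unusable. */
long enclave_exchange(const char *msg, char *out, size_t out_cap) {
    size_t len = strlen(msg);
    if (out_cap == 0)
        return -1;
    /* The host sees these bytes; real enclave code would encrypt and
       authenticate them before they leave the trusted side. */
    if (ocall_send(msg, len) != (long)len)
        return -1;
    long n = ocall_recv(out, out_cap - 1);
    /* The length crossed the trust boundary: bound-check it before use. */
    if (n < 0 || (size_t)n > out_cap - 1)
        return -1;
    out[n] = '\0';
    return n;
}

int main(void) {
    char out[16];
    if (host_init() != 0)
        return 1;
    return enclave_exchange("hello", out, sizeof out) == 5 ? 0 : 1;
}
```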

 

 

JesusG_Intel
Moderator

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.

