Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

SGX enclaves and sockets

X99
New Contributor I
‎06-16-2021 07:18 AM
905 Views
Solved Jump to solution

Hi.

Someone told me that it's impossible to create/use sockets from within an enclave.

However, I did not found any resources explaining this limitation. On reflection, it might be because of kernel issues due to the fact that the enclave's code/data is fully encrypted?

Thanks for your enlightenment.

0 Kudos
1 Solution
JesusG_Intel
Moderator
‎06-16-2021 11:02 AM
892 Views
Solved Jump to solution

Hello X99,

 

Enclaves cannot use sockets because enclaves rely on the untrusted application that loads the enclave to communicate with external components. Enclaves cannot create independent communication channels to outside entities. This would break their security and trust model.

 

Sincerely,

Jesus G.

Intel Customer Support

 

 

View solution in original post

Copy link

Link Copied

2 Replies
JesusG_Intel
Moderator
‎06-16-2021 11:02 AM
893 Views
Solved Jump to solution

Hello X99,

 

Enclaves cannot use sockets because enclaves rely on the untrusted application that loads the enclave to communicate with external components. Enclaves cannot create independent communication channels to outside entities. This would break their security and trust model.

 

Sincerely,

Jesus G.

Intel Customer Support

 

 

Copy link
JesusG_Intel
Moderator
‎06-23-2021 02:22 PM
856 Views
Solved Jump to solution

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.