Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1540 Discussions

Sealing problem

AlvaroPastor
Beginner
‎07-02-2021 02:15 AM
1,741 Views
Solved Jump to solution

Hi,

I would like to ask something about sealing. If you seal your data using MRENCLAVE and as Intel states "anyone can load your enclave", how can you prevent that attacker load your enclave and unseal your data? 

Thanks.

0 Kudos
1 Solution
JesusG_Intel
Moderator
‎07-06-2021 02:14 PM
1,721 Views
Solved Jump to solution

Hello Alvaro,


You are correct. This is why you have to implement a policy for checking a shared secret between the untrusted application and the enclave before the enclave returns the unsealed data.


Enclaves do not trust the application that loads them, that is why those applications are called "unstrusted."


One way to do this is to create a payload structure that includes a secret and the data. When unsealing the payload, the untrusted application has to provide the enclave the secret that was originally sealed with the data. The enclave compares the provided secret to the original secret that it sealed. If they match, the enclave returns the data to the untrusted application.


Refer to http://www.sgx101.com/portfolio/password_wallet/ for an example of how to seal a user's password and the wallet together. Before returning the unsealed data, the enclave checks that the password provided by the untrusted application matches the unsealed password.


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

0 Kudos
Copy link

Link Copied

2 Replies
JesusG_Intel
Moderator
‎07-06-2021 02:14 PM
1,722 Views
Solved Jump to solution

Hello Alvaro,


You are correct. This is why you have to implement a policy for checking a shared secret between the untrusted application and the enclave before the enclave returns the unsealed data.


Enclaves do not trust the application that loads them, that is why those applications are called "unstrusted."


One way to do this is to create a payload structure that includes a secret and the data. When unsealing the payload, the untrusted application has to provide the enclave the secret that was originally sealed with the data. The enclave compares the provided secret to the original secret that it sealed. If they match, the enclave returns the data to the untrusted application.


Refer to http://www.sgx101.com/portfolio/password_wallet/ for an example of how to seal a user's password and the wallet together. Before returning the unsealed data, the enclave checks that the password provided by the untrusted application matches the unsealed password.


Sincerely,

Jesus G.

Intel Customer Support


0 Kudos
Copy link
JesusG_Intel
Moderator
‎07-09-2021 02:10 PM
1,705 Views
Solved Jump to solution

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.