Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Security Guarantees of SGX monotonic counter

ucxdz
Beginner
‎12-12-2018 12:50 AM
784 Views

Hi there,

I wanted to know what the security guarantees of SGX monotonic counters are.

Intel's documentation does not really state something about the security, and only explains how the API is supposed to be called.

I searched all of Intel's documentation on the topic and all forum posts, but did not find an answer.

I found a blog post (https://davejingtian.org/2017/11/10/some-notes-on-the-monotonic-counter-in-intel-sgx-and-me/) which goes into details about the process of creating a monotonic counter. Apparently, there are Intel AE messages, an SQlite database, something with Java(?) and the Intel ME involved.

Could someone clarify what exactly is going on, and what an attacker would need to do to break the monotonic counter security or tamper with the counter in non-volatile memory?

Thank you and have a good day!

Lina

0 Kudos

Link Copied

2 Replies
Brenzikofer__Alain
Beginner
‎05-25-2019 09:55 AM
784 Views

No reply from Intel? Seriously?

0 Kudos
Copy link
Dr__Greg
Super User
‎05-31-2019 01:49 AM
785 Views

Good morning, I hope the week has gone well for everyone.

We are certainly not Intel but it is largely self-evident that the security of Intel supplied SGX monotonicity sources is the integrity and security of the Management Engine (ME).  The URL provided by the first poster provides a good summary with respect to discussing how SGX Platform Services (PS) is implemented.

In a nutshell, the strategy is to have platform service enclaves load Intel supplied and signed Java bytecode into the ME.  The supplied code uses facilities in the ME to access platform NVRAM in order to provide a trust root for a monotonicity source either in the form of counters or time.

The security predicate is whatever one chooses to convey to the whole concept of the ME, which is obviously a political hot potato in technical circles.  In a larger context, SGX, as a technology, is partitioning into two camps; servers and endpoint devices.  As the linked article notes, access to the ME and platform services is not available on server platforms, which is currently the highest profile venue for the application of SGX technology.

Given all of this. there would seem to be the need for the SGX development eco-system to have a solid story on reliable sources for monotonicity.

We have previously written about the issue of SGX monotonicity in the past.  Anyone interested can review that conversation via the following URL:

https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/806502

TPM's are well understood and a reasonably 'open' architecture.  Any relevant SGX platform in the future will have access to TPM2 compliant hardware, either in the form of a hardware or firmware implementation.  TPM technology is designed to have a reliable source of monotonic time that is persisted over system resets in NVRAM.  What is needed is a replacement for the existing platform services architecture that uses a TPM rather then an ME based application as the root of trust for a monotonicity implementation.

In the case of Platform Trust Technology (PTT), the TPM implementation is actually a software simulator running on the ME, so once again, the conversation ultimately circles back as to how much trust one wants to confer on the whole concept of an ME architecture and its implementation.

Best wises for a pleasant weekend to everyone.

Dr. Greg

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.