Hi,

Emm_D_ · ‎01-10-2017

Hi,

Is there a way to get the time when running in enclave mode (without a syscall) and be sure that this is not manipulated by a malicious OS? I know about the RDTSC instruction, but the TSC register can be modified from outside the enclave, so this can not be considered secure. To be more specific, I am interested if we can get the time elapsed between two instructions executed in enclave mode.

Thank you

Francisco_C_Intel · ‎01-12-2017

You could use "Platform Service Functions" - "sgx_get_trusted_time"

The resolution is in seconds though...

Ofir_W_ · ‎01-12-2017

Hi,

I noticed that in the reference manual

https://download.01.org/intel-sgx/linux-1.7/docs/Intel_SGX_SDK_Developer_Reference_Linux_1.7_Open_Source.pdf

It says (page 199 on my version)

sgx_get_trusted_time
sgx_get_trusted_time gets trusted time from the AE service.
This API is only available in simulation mode

This is at least the case for Linux.

I

Emm_D_ · ‎01-13-2017

Hi,

Thank you for your replies. sgx_get_trusted_time is the kind of function I was looking for and somehow missed it in the manual, Thanks again.

Fatima_A_ · ‎12-15-2017

As of 2017, in the latest processors, the sgx_get_trusted_time is also supported in harwdare mode through PSE (Platform Service Enclaves) maintained and signed by Intel.

kai__chi · ‎06-18-2020

Hi, As of SGX SDK v2.9.1 the sgx_get_trusted_time got deprecated at some point. Is there any other way to get time inside an enclave? Best, Kai

JesusG_Intel · ‎06-18-2020

Hello Kai,

Please see the last post in this thread.

Regards,

Trusted time from enclave