Hello community,
I hope to get some insights about the encryption scheme used by the SGX Protected Filesystem Library. Unfortunately, no information about the encryption scheme is given in the documentation I found here: https://software.intel.com/en-us/sgx-sdk-dev-reference-intel-protected-file-system-library
I would like to know if an authenticated encryption scheme is used?
Also, I noticed that when I am writing data to untrusted memory using sgx_fwrite, the files are always of sizes that are multiples of 4.096 bytes:
- I write 20 bytes with sgx_fwrite --> my file has 4.096 bytes
- I write 500 bytes with sgx_fwrite --> my file has 4.096 bytes
- I write 10.000 bytes with sgx_fwrite --> my file has 16.384 bytes ( 4 * 4.096)
- I write 16.000 bytes with sgx_fwrite --> my file has 24.576 bytes ( 6 * 4.096)
Does this mean that the SGX Protected Filesystem Library is using an encryption scheme with padding / a block size involved? I hope someone with more insights on this could share some information with us.
Thank you in advance for your help and have a good week,
Lina
Hi Lina.
The SGX Protected File System uses AES-GCM for its authenticated encryption algorithm and yes, it is based around 4K blocks or nodes.
FYI, if you didn't already know, the code for the Linux SGX Protected File System library can be found here: https://github.com/intel/linux-sgx/tree/master/sdk/protected_fs
Also, there's a very detailed blog post by Tate Tian about the SGX Protected File System library here: http://www.tatetian.io/2017/01/15/understanding-sgx-protected-file-system/
Regards.
Scott
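Added example (not part of the original posts and not the library's own code): a small size model of the 4K node layout that reproduces the four file sizes reported in the question. The constants other than the 4096-byte node size are assumptions taken from a reading of the linux-sgx `protected_fs` source linked above: the first node is a metadata node that embeds up to 3072 bytes of file data, and every group of up to 96 data nodes is preceded by one Merkle-hash-tree (MHT) node.

```c
#include <stdint.h>
#include <stdio.h>

/* 4K node size, as stated in the thread. */
#define NODE_SIZE 4096u
/* Assumption (from the linux-sgx source, not from this thread):
 * the metadata node stores the first 3/4 of a node of user data inline. */
#define MD_USER_DATA_SIZE (NODE_SIZE * 3u / 4u)
/* Assumption (same source): one MHT node covers up to 96 data nodes. */
#define ATTACHED_DATA_NODES_COUNT 96u

static uint64_t ceil_div(uint64_t a, uint64_t b)
{
    return (a + b - 1) / b;
}

/* Number of 4K nodes on disk for a given plaintext length. */
uint64_t pfs_node_count(uint64_t plaintext_len)
{
    if (plaintext_len <= MD_USER_DATA_SIZE)
        return 1; /* everything fits inside the metadata node */

    uint64_t data_nodes = ceil_div(plaintext_len - MD_USER_DATA_SIZE, NODE_SIZE);
    uint64_t mht_nodes  = ceil_div(data_nodes, ATTACHED_DATA_NODES_COUNT);
    return 1 + mht_nodes + data_nodes;
}

/* Size of the protected file as seen from the untrusted side. */
uint64_t pfs_file_size(uint64_t plaintext_len)
{
    return pfs_node_count(plaintext_len) * NODE_SIZE;
}

int main(void)
{
    /* Plaintext lengths from the question above. */
    const uint64_t samples[] = { 20, 500, 10000, 16000 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%6llu plaintext bytes -> %llu nodes, %llu bytes on disk\n",
               (unsigned long long)samples[i],
               (unsigned long long)pfs_node_count(samples[i]),
               (unsigned long long)pfs_file_size(samples[i]));
    return 0;
}
```

Under this model the on-disk size reveals the plaintext length only to node granularity, and the extra nodes in the 10.000 and 16.000 byte cases are the metadata and MHT nodes rather than cipher padding.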
Hello Scott,
Thanks for your reply.
Thanks for the link to the code and the clarification!
Lina
