I hope to get some insights about the encryption scheme used by the SGX Protected Filesystem Library. Unfortunately, no information about the encryption scheme is given at the documentation I found here: https://software.intel.com/en-us/sgx-sdk-dev-reference-intel-protected-file-system-library
I would like to know if an authenticated encryption scheme is used?
Also, I noticed that when I am writing data to untrusted memory using sgx_fwrite, the files are always of sizes that are multiples of 4.096 bytes:
Does this mean that the SGX Protected Filesystem Library is using an encryption scheme with padding / a block size involved? I hope someone with more insights on this could share some information with us.
Thank you in advance for your help and have a good week,
The SGX Protected File System uses AES-GCM for it's authenticated encryption algorithm and yes, it is based around 4K blocks or nodes.
FYI, if you didn't already know, the code for the Linux SGX Protected File System library can be found here: https://github.com/intel/linux-sgx/tree/master/sdk/protected_fs
Also, there's a very detailed blog post by Tate Tian about the SGX Protected File System library here: http://www.tatetian.io/2017/01/15/understanding-sgx-protected-file-system/