Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

sgx get trusted time

Amr_A_
Novice
1,812 Views

Hi All,

I would like to know how the core concept behind the API call  "sgx_get_trusted_time".

Is there a deticated hardware for that or what? How does Intel assure that it is a trusted time?

Regards

4 Replies
Anusha_K_Intel
Employee
1,812 Views

Hi,

The trusted time is uses AE service for fetching the time. Before using the trusted time function we need to call sgx_create_pse_session for platform service. This platform service enclave fetches the data related to the function.

sgx_status_t sgx_get_trusted_time(
sgx_time_t* current_time,
sgx_time_source_nonce_t* time_source_nonce
);

current_time contains time in seconds and time_source_nonce con-tains nonce associate with the time. The caller should compare time_source_nonce against the value returned from the previous call of this API if it needs to calculate the time passed between two readings of the Trusted Timer. If the time_source_nonce of the two readings do not match, the dif-ference between the two readings does not necessarily reflect time passed

Amr_A_
Novice
1,812 Views

Hi Anusha,

Thanks for your reply. I would like to know the algorithm behind it?

Does it depend on a trusted hardware? How can they guarantee the trust in such a call?

0 Kudos
Shivananda_H_Intel
1,812 Views

Hi

Trusted Time service depends on specific capability in the chipset on the platform. The recent SGX Linux SW releases do provide SGX Monotonic Counter and Trusted Time service on Ubuntu 16.04, if the chipset on the platform supports it. 

 

Regards

Shivananda

0 Kudos
Amr_A_
Novice
1,812 Views

Hi Shivananda,

Thanks for your reply. So there is hardware support behind it. But I found online that this sgx_get_trusted_time API is only available during the simulation mode. Is that right?

Is there any examples for using it?

Regards

Amr

0 Kudos
Reply