I'm trying to create a key exchange app using Intel's SGX technology.
I used this page as guidance: https://software.intel.com/en-us/node/709011. I send all the messages as this site shows, but I don't know how to get the key!
At the end of the DH key exchange I should have a mutual key for the site and the server, but I'm not sure where it is.
In the function sgx_dh_initiator_proc_msg3 (as shown at the bottom of the site) there is a key called 'aek'. Is this the mutual key?
Thanks

Yedidya kfir
1 Answer
The agreed DH Key is on both Msg2 and Msg3.
The last executed methods on a DH session establishment on SGX are: sgx_dh_responder_proc_msg2 on the responder side, and sgx_dh_initiator_proc_msg3 on the initiator side.
Therefore, they extract the Agreed Key from the message they are processing.
The output of these methods is:
- the AEK key: sgx_key_128bit_t, and
- the Peer identity: sgx_dh_session_enclave_identity_t.

ruizpauker