Stack Overflow
Stack Overflow

Questions tagged [sgx]

Intel SGX is a set of CPU instruction extensions that allows application developers to create applications that retain the confidentiality and integrity of select data and code using Secure Enclaves.

Intel SGX is a set of CPU instruction extensions that allows application developers to create applications that retain the confidentiality and integrity of select data and code using secure Enclaves.

Enclaves are protected areas of execution. Application code can be put into an enclave via special instructions and software made available to developers via the Intel SGX SDK. The SDK and documentation are available at:

Requirements

SGX requires 6th Generation Intel Core Processors (Skylake) or later.

The Windows SDK requires a 64-bit version of Windows 7 or above, and the Microsoft Universal C Runtime.

The Linux SDK requires Ubuntu Desktop-16.04-LTS 64-bit.

175 questions
3
votes
1 answer

Using Intel SGX Remote Attestation in a Client-Server Architecture

Assume the following scenario: we want to implement an open-source password manager that uses a central service that enables the different clients (on different devices) to synchronize their local databases. It doesn't matter if this service is run…
Marc
  • 69
  • 6
3
votes
0 answers

Intel SGX: Creating an attestation report within the enclave

I'm using SCONE Docker image to run my code inside Intel SGX enclave. SCONE handles the creation of enclaves and their eventual destruction, which makes my life as a programmer easier. But if I want to perform a Local or Remote Attestation of my…
Igor
  • 121
  • 1
  • 3
3
votes
3 answers

Azure SGX support

I'm trying to use SGX on Windows Azure as shown in this article Introduction to Azure Confidential Computation. But I think SGX it is no longer supported by Azure. Is there any other way to run SGX applications on cloud rather than Azure?
0x3bfc
  • 2,715
  • 1
  • 16
  • 20
3
votes
1 answer

Intel SGX developer licensing and open-source software

Is it possible to obtaining a licensed developer certificate for signing security-reviewed, community-developed open source SGX software binary in production mode, and publish it on open source repository like apt or rpm? I just asked Intel SGX…
Heting Wang
  • 51
  • 4
3
votes
2 answers

Why in SGX enclave string argument has to be used with [in] attribute

Using OCALL, I want to get a copy of C string that is dynamically created in untrusted memory into my enclave. Thus, I have to use [out, string] attribute. However, I cannot do that because I have to add [in] attribute as well. The problem is that I…
yerzhan7
  • 185
  • 2
  • 14
3
votes
1 answer

How to register custom exception in Intel SGX?

I'm having difficulty to get my custom exception handler to work. This is the Enclave code: #include "Enclave_DivideZero_t.h" #include "sgx_trts_exception.h" #include "sgx_trts.h" #include static char buf[200] = "Handler not called"; int…
ThunderWiring
  • 738
  • 1
  • 7
  • 29
3
votes
2 answers

How to add a device to all docker containers

To make use of SGX enclaves applications have to talk to the SGX driver which is exposed via /dev/isgx on the host. We execute such applications inside of Docker containers mapping /dev/isgx inside with the --device command line option. Is there an…
fzgregor
  • 1,807
  • 14
  • 20
3
votes
0 answers

SGX and TPM interface

I was looking through the documentation of SGX and could not find any description of how to access the contents of a TPM. According to their claims that should although be possible!? Has anyone experience in this?
wasp256
  • 5,943
  • 12
  • 72
  • 119
3
votes
1 answer

Intel SGX HeapMaxSize and EPC page swapping

The .edl files contain a HeapMaxSize entry. The SDK User Guide states that this is because Enclave memory is a limited resource. Maximum heap size is set at enclave creation. But doesn't the SGX specification allow EPC page swapping (EPA,…
Freddy
  • 402
  • 4
  • 8
2
votes
1 answer

How do I always include a Rust dependency when linking?

I am trying to use the Fortanix SGX framework to run libdvdcss in an enclave, but having problems with the linker. I created a simple FFI wrapper around libdvdcss which works fine when executing it normally on Linux (without SGX and with libdvdcss…
Hellstorm
  • 562
  • 4
  • 23
2
votes
1 answer

Comparative Differences between the threat model of substraTEE and Intel SGX

I am trying to understand the comparative differences between the Intel SGX and SubtraTEE SGX infrastructure in designing a threat model for SubstraTEE. Any pointers would be super helpful.
Gokul Alex
  • 441
  • 4
  • 21
2
votes
2 answers

Where is the intel sgx psw and making intel sgx work with ubunut 18.04

I've tried following the intel instructions to install sgx, but it requires the sgx_linux_x64_psw_.bin file, which i cannot find anywhere. I've got the driver installer (sgx_linux_x64_driver_1.35.bin) and the sdk…
Joshua Weiss
  • 31
  • 4
2
votes
2 answers

How to use the result of snprintf and send from server to client in socket programming C++

I have this function which prints the hmac of a string: char *print_bits(unsigned char *bits, size_t len) { int i; char buf[64], *put = buf; for(i = 0; i < len; i++){ put += snprintf(put, 64, "%02x", bits[i]); } return put; } I want to use…
Shegs01
  • 35
  • 5
2
votes
1 answer

How to capture the time duration inside an enclave?

Measuring run time is a significant aspect of perfromance evaluation. Now I want to evaluate the performance of several codes inside the SGX enclave (the trusted execution environment), and I noticed the Intel SGX provides an API called…
tuziYou
  • 33
  • 5
2
votes
1 answer

How does a client share a secret with an Intel SGX enclave instance, without letting the server hosting the enclave knowing it?

I am aware that there are SSL libraries available for SGX. But How to establish a secret between the SGX and the clients without letting the host knows it? Trivial methods fail, like: Have a public-private key pair built-in the SGX, then the client…
ssq stone
  • 21
  • 2
1
2
3
11 12