Stack Overflow
Stack Overflow

Questions tagged [sgx]

Intel SGX is a set of CPU instruction extensions that allows application developers to create applications that retain the confidentiality and integrity of select data and code using Secure Enclaves.

Intel SGX is a set of CPU instruction extensions that allows application developers to create applications that retain the confidentiality and integrity of select data and code using secure Enclaves.

Enclaves are protected areas of execution. Application code can be put into an enclave via special instructions and software made available to developers via the Intel SGX SDK. The SDK and documentation are available at:

Requirements

SGX requires 6th Generation Intel Core Processors (Skylake) or later.

The Windows SDK requires a 64-bit version of Windows 7 or above, and the Microsoft Universal C Runtime.

The Linux SDK requires Ubuntu Desktop-16.04-LTS 64-bit.

175 questions
1
vote
0 answers

What does the large voluntary context switches indicate for sgx enclave?

I try to do a simple benchmark to compare the performance of a piece of python code running inside/outside intel sgx enclave. the code is quick simple (I got from online) import time from resource import getrusage, RUSAGE_SELF def long_function(): …
chen lin
  • 125
  • 7
1
vote
1 answer

Conclave does not start in release mode after passing -PenclaveMode=release

I am trying to start Conclave in release mode, followed instructions as below : // Firstly, built the signing material: ./gradlew prepareForSigning -PenclaveMode=release // Generated a signature from the signing material. The password for the…
Pooja Kamat
  • 21
  • 3
1
vote
1 answer

How can I deploy SGX apps on Kubernetes?

I recently learned that Intel SGX processors are able to encrypt enclaves for persistent storage to disk. After this, I started to write my first SGX apps and now I am wondering if there is any opportunity to deploy them on Kubernetes?
jayare
  • 33
  • 2
1
vote
0 answers

Intel SGX RemoteAttestation: failed to verify Signature of the SP at the client side

Basing of this source, I would like to implement Service Provider (SP) functionality in a Node JS server. However, even though I think I follow the algorithm in the RA Sample, the SGX-enabled client (in my case, isv_app from RemoteAttestation…
kmalarski
  • 92
  • 9
1
vote
2 answers

How to check memory usage of application in sgx enclave

So I have a python script running in sgx enclave using graphene. I need to check values like memory utilization and cpu utilization. How can I check these values of the script running inside enclave?
Jake Hemmington
  • 15
  • 4
1
vote
0 answers

What is the preferred way of CI/CD with Intel SGX applications?

I want to create a CI/CD workflow for an Intel SGX based application hosted on github. The problem with that is most of the publicly available platforms, afaik, such as Travis, Circle do not have sgx enabled machines. Installing Jenkins on a…
FatSnake
  • 51
  • 3
  • 10
1
vote
1 answer

Intel SGX pass ints from Application to Enclave

I am trying to pass two integers to the SGX enclave, combine them and then return the result back to the application. However, nothing seems to happen when compiling the code aside from the enclave getting created. No error given and it seemingly…
user2598754
  • 11
  • 1
1
vote
1 answer

Failed to use the confidential computing VM deployment service in Azure

I created an Azure account which is promised to be able to use all the services in Azure for free for a month. However, I always failed to create a confidential computing VM in the verification phase. The error report I got is: …
tuziYou
  • 33
  • 5
1
vote
1 answer

Why does SGX calling ioctl so many times?

When I analysis sgx process by using strace, ioctl function is called so many times after mmap function like below. 1424  11:18:56 mmap(NULL, 4194304, PROT_NONE, MAP_SHARED, 4, 0) = 0x7f7e6a800000 1424  11:18:56 ioctl(4, _IOC(_IOC_WRITE, 0xa4, 0x00,…
karoha
  • 73
  • 3
1
vote
1 answer

How MRENCLAVE value works in intel SGX remote attestation?

I wonder how MRENCLAVE value works in intel SGX remote attestation. I found that "MRENCLAVE uniquely identifies any particular enclave, so using the Enclave Identity will restrict access to the sealed data only to instances of that enclave. NOTE:…
송제호
  • 45
  • 5
1
vote
1 answer

How to prove that certain data is calculated(or generated) inside Enclave(Intel SGX)?

How to prove that certain data is calculated(or generated) inside Enclave(Intel SGX)? I tried to generate asymmetric key pair inside enclave(private key might be invisible to outside), and then expose public key with evidence(i guess quote or…
송제호
  • 45
  • 5
1
vote
0 answers

How is Intel SGX different from a Sandbox?

What are the differences between a sandbox environment and Intel Software Guard Extensions?
Devharsh Trivedi
  • 561
  • 8
  • 23
1
vote
1 answer

How can we run two functions in different enclaves in parallel?

I'm a beginner of Intel SGX. I was wondering whether SGX supports running two functions in different Enclaves in parallel? E.g., Function A is in Enclaves En_A, and Function B is in Enclaves En_B. Is it possible that an application calls Functions A…
ignorer
  • 327
  • 1
  • 11
1
vote
1 answer

Intel SGX Service Provider

I want to implement in my project the Intel SGX remote attestation mecanisme. this mecanisme requires the Service Provider and a IAS server. My problem is: what is exactly a Service Provider, is it an ordinary server in which we install an API or…
ramzi
  • 21
  • 3
1
vote
0 answers

How could I get the public key generated in the sgx enclave by the function sgx_ecc256_create_key_pair()?

I am new with Intel SGX development and I am developing an application on Intel SGX. I want to create a Public/Private key in my enclave. I used the function sgx_ecc256_create_key_pair as mentioned here How could I get my public key to my…
ramzi
  • 21
  • 3
1 2 3
11 12