Is EdgelessDB the same way with Mysql writes data to disk?

edgelesssys / edgelessdb

EdgelessDB is a MySQL-compatible database for confidential computing. It runs entirely inside a secure enclave and comes with advanced features for collaboration, recovery, and access control.

https://edgeless.systems/products/edgelessdb

GNU General Public License v2.0

170 stars 17 forks source link

Is EdgelessDB the same way with Mysql writes data to disk? #95

Closed CoconuterTATA closed 1 year ago

CoconuterTATA commented 2 years ago

Hi, @thomasten, I am doing some researches about how the database writes data to the disk. So, I wonder if EdgelessDB is the same way with Mysql to write data on disk.If it is not, could you refer me some docs for me to reserach? Thank u for ur time.

thomasten commented 2 years ago

Unfortunately, we don't have architecture docs yet.

Some pointers:

EdgelessDB only allows RocksDB as storage engine.
Writing data to disk is similar to MariaDB or MySQL tables that use RocksDB storage engine.
The difference is that we added authenticated encryption to RocksDB, which better fits the enclave attack model.
You may take a look at the commits of https://github.com/edgelesssys/edgeless-rocksdb that we put on top of the original RocksDB.

CoconuterTATA commented 2 years ago

Hi, @thomasten Thanks for your answering. I checked the commits Encrypt WAL and manifest & Encrypted SST files. I find it takes AES-GCM as the encryption type. Is the encryption not implemented in enclave? And, the difference of edgeless-rocksdb and rocksdb are just encryption to the SST & WAL & manifest? Thank you for your time.

thomasten commented 2 years ago

Yes, the AES-GCM encryption is the only main difference. But it's an important one because the default encryption of RocksDB and MariaDB aren't strong enough for the enclave attack model.

Yes, the AES-GCM encryption runs inside the enclave. In fact, when used with EdgelessDB, all of edgeless-rocksdb runs inside the enclave. EdgelessDB generates a random master key that edgeless-rocksdb uses for deriving keys for the individual files. EdgelessDB uses the SGX seal key to protect the master key.

CoconuterTATA commented 2 years ago

Hi, @thomasten Thank you for replying. I checked the white paper of SGX, the size of the enclave is 128MB. So, I want to know how put the edb(more than 128MB) into the enclave? And I want to know where did call func encrypt and func decrypt in edb? Thank you for your time.

thomasten commented 2 years ago

You can allocate more memory than the enclave page cache (EPC) size. This will result in swapping to normal memory. It's secure, but slow. EPC size had been increased to 256MB on newer CPUs and since Icelake it's 1TB, so even large enclaves are fast on Icelake.

EDB writes the masterkey to an in-enclave environment variable (not accessible from the host): https://github.com/edgelesssys/edgelessdb/blob/a82ac11072f70a0c87e738b9ad7cfda46d91fffc/edb/core/key.go#L125-L131

edgeless-rocksdb uses this key: https://github.com/edgelesssys/edgeless-rocksdb/blob/119163a750a72aebd17b376a487fda3f70dd8c76/file/encrypted_file.cc#L52-L57