integritee-network / worker

Integritee off-chain worker and sidechain validateer
Apache License 2.0

replace RSA shielding key with NaCl/salt/sodium asymmetric crypto #1597

Open brenzi opened 5 months ago

brenzi commented 5 months ago

Needs to first be researched in depth.

RSA should be deprecated as it should no longer be considered secure.

NaCl is a scheme enabling asymmetric encryption and authentication at the same time, based on ed25519. We would still need a shared secret among all enclaves operating the same shard, but it could be an ed25519 secret key instead of an RSA one. We may even want to use that shared ed25519 key as a "per shard" account on Integritee Network.

Good docs come with the Python lib: https://pynacl.readthedocs.io/en/latest/public/

The Rust lib seems unmaintained: https://crates.io/crates/nacl

Kailai-Wang commented 3 months ago

That will be a great improvement.

Also, `Rsa3072KeyPair` in rust-sdk doesn't seem that stable; sometimes it works only with certain Intel-SDK versions (e.g. 2.19, but not 2.21+). In Rust SDK 2.0.0, the `ucrypto` feature doesn't work reliably either, see https://github.com/apache/incubator-teaclave-sgx-sdk/issues/456