intel / linux-sgx

Intel SGX for Linux*
https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/linux-overview.html

Is the following is possible using SGX? #982

Open JamesSmartCell opened 1 year ago

JamesSmartCell commented 1 year ago

Hi @llly, can I ask your advice on using SGX enclaves?

Would the following architecture using SGX be possible?

Consider 3 nodes:

  1. Service Node
  2. Enclave Node (has SGX Enclave)
  3. ISV Node with API.

The workflow would be:

  1. The Service node establishes comms with the Enclave node, which proves it is a valid Enclave running the previously provided software (presumably using SGX quote).
  2. The Service node, on establishing that the Enclave is trustworthy sends a task request to the Enclave Node.
  3. As part of the task request, the Enclave node is required to call an API on the ISV node. That ISV node would be provided with software which can perform the same Enclave challenge as the service node to establish that the Enclave node is a trusted SGX Enclave running the correct software and hence a valid 'agent' of the Service node, which would be sufficient trust to process the API request which may be a state change.

My main questions are:

llly commented 1 year ago

It's possible. Service Node can run either the Enclave (QVE) or the library (QVL) to validate Enclave Node. See QuoteVerificationSample. Basic process could be:

  1. Service Node generates a pair of private and public key and sends the public key to ISV Node.
  2. Service Node validates quote of Enclave Node and establishes an encrypted session. There is an example SampleAttestedTLS.
  3. Service Node sends the private key into Enclave via the encrypted session.
  4. Enclave encrypts or signs the payload using the private key.
  5. Enclave Node sends the encrypted payload, or the payload with its signature, to ISV Node with API.
  6. ISV Node decrypts the payload or verifies the signature using the public key from step 1.
  7. If step 6 succeeds, ISV Node now confirms the Enclave Node is a valid 'agent' of the Service node since it has the correct private key.
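The seven-step exchange above, and the three-node architecture in the original question, as an added worked example that is not code from this issue or from the linux-sgx project. It is written in Go because the standard library has Ed25519 built in, so the whole flow runs offline. Two assumptions are labelled in the code: step 2 (QVE/QVL quote verification) is reduced to comparing a constructed measurement string against the approved one, and step 3 (the attested TLS session from SampleAttestedTLS) is reduced to an in-process assignment. Everything else (`ServiceNode`, `EnclaveNode`, `ISVNode`, `RunFlow`) is hypothetical naming for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Constructed stand-in for the approved enclave measurement (MRENCLAVE) that
// the Service Node compares the quote against in step 2. Not a real value.
var expectedMeasurement = []byte("constructed-mrenclave-of-approved-build")

// ServiceNode owns the key pair from step 1.
type ServiceNode struct {
	pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

// NewServiceNode is step 1: generate a key pair. The public key goes to the
// ISV Node; the private key stays here until an attested session exists.
func NewServiceNode() (*ServiceNode, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &ServiceNode{pub: pub, priv: priv}, nil
}

// EnclaveNode models the enclave. measurement stands in for what a real quote
// carries; priv is only set after successful attestation (assumption).
type EnclaveNode struct {
	measurement []byte
	priv        ed25519.PrivateKey
}

// AttestAndProvision is steps 2 and 3. Quote verification is reduced to a
// measurement comparison here (assumption); a real deployment runs QVE/QVL
// and opens the attested TLS session before the private key is sent.
func (s *ServiceNode) AttestAndProvision(e *EnclaveNode) error {
	if !bytes.Equal(e.measurement, expectedMeasurement) {
		return errors.New("quote verification failed: unexpected enclave measurement")
	}
	e.priv = s.priv // step 3: in reality travels only inside the attested session
	return nil
}

// SignPayload is step 4: the enclave signs the request it will send to the ISV.
func (e *EnclaveNode) SignPayload(payload []byte) ([]byte, error) {
	if e.priv == nil {
		return nil, errors.New("enclave was never provisioned with the Service Node key")
	}
	return ed25519.Sign(e.priv, payload), nil
}

// ISVNode holds only the public key received in step 1.
type ISVNode struct {
	servicePub ed25519.PublicKey
}

// HandleRequest is step 6: perform the state change only if the signature
// verifies under the Service Node public key; anything else is not a
// provisioned agent of the Service Node.
func (i *ISVNode) HandleRequest(payload, sig []byte) error {
	if !ed25519.Verify(i.servicePub, payload, sig) {
		return errors.New("rejected: signature does not verify under the Service Node key")
	}
	return nil
}

// RunFlow executes the whole exchange for one enclave and reports whether the
// ISV accepted the request. An enclave with the wrong measurement is never
// provisioned, so it cannot produce an acceptable signature.
func RunFlow(enclaveMeasurement []byte) (bool, error) {
	svc, err := NewServiceNode()
	if err != nil {
		return false, err
	}
	isv := &ISVNode{servicePub: svc.pub} // step 1: public key to the ISV Node
	enc := &EnclaveNode{measurement: enclaveMeasurement}
	if err := svc.AttestAndProvision(enc); err != nil { // steps 2 and 3
		return false, err
	}
	payload := []byte(`{"task":"update-record","id":42}`) // constructed task request
	sig, err := enc.SignPayload(payload) // step 4
	if err != nil {
		return false, err
	}
	if err := isv.HandleRequest(payload, sig); err != nil { // steps 5 and 6
		return false, err
	}
	return true, nil
}

func main() {
	ok, err := RunFlow(expectedMeasurement)
	fmt.Println("approved enclave accepted:", ok, err)
	ok, err = RunFlow([]byte("constructed-mrenclave-of-unknown-build"))
	fmt.Println("unknown enclave accepted:", ok, err)
}
```

The signature only proves that the payload was produced by a holder of the Service Node's private key; it says nothing about freshness, so a production ISV endpoint would also want a nonce or timestamp inside the signed payload and a record of nonces already processed, otherwise a captured request could be resubmitted to trigger the same state change twice.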

JamesSmartCell commented 1 year ago

Thank you @llly. This makes a lot of sense, I will proceed using this approach.