How does a client share a secret with an Intel SGX enclave instance, without letting the server hosting the enclave knowing it?

Question

I am aware that there are SSL libraries available for SGX. But How to establish a secret between the SGX and the clients without letting the host knows it? Trivial methods fail, like:

Have a public-private key pair built-in the SGX, then the client sends the session key to the SGX. The session key is encrypted by the public key of SGX.

This doesn't work because the host can get the private key directly from the compiled SGX enclave executable.

Running an https server in the SGX can neither do the trick, also because there is no authentication nor pre-shared secret between the SGX and clients.

score 1 · Answer 1 · answered Feb 29 '20 at 02:46

1

What you are looking for is called "(remote) attestation". This process is used to verify that your compiled enclave was not tampered with and that the (remote) node is indeed the one you expected it to be.

As part of the attestation step, you can securely exchange information (a session key perhaps) with the enclave.

answered Feb 29 '20 at 02:46

savx2

1,011
2
10
28

Got it. Thank you! – ssq stone Feb 29 '20 at 03:09

How does a client share a secret with an Intel SGX enclave instance, without letting the server hosting the enclave knowing it?

1 Answers1