Stack Overflow
Stack Overflow

Questions tagged [sgx]

Intel SGX is a set of CPU instruction extensions that allows application developers to create applications that retain the confidentiality and integrity of select data and code using Secure Enclaves.

Intel SGX is a set of CPU instruction extensions that allows application developers to create applications that retain the confidentiality and integrity of select data and code using secure Enclaves.

Enclaves are protected areas of execution. Application code can be put into an enclave via special instructions and software made available to developers via the Intel SGX SDK. The SDK and documentation are available at:

Requirements

SGX requires 6th Generation Intel Core Processors (Skylake) or later.

The Windows SDK requires a 64-bit version of Windows 7 or above, and the Microsoft Universal C Runtime.

The Linux SDK requires Ubuntu Desktop-16.04-LTS 64-bit.

175 questions
12
votes
1 answer

Passing C++ struct to enclave from app in Intel SGX

I have a C++ struct like this: struct node { string splitOn; string label; bool isLeaf; …
Kumar Roshan Mehta
  • 3,078
  • 2
  • 27
  • 50
9
votes
1 answer

Intel SGX simulator for Linux

According to this tutorial, it is possible to develop and run SGX applications in a simulator when developing in Windows with Visual Studio. The tutorial does not mention Linux although there is a version of the SDK available for Linux. Is the SGX…
Daniel
  • 2,380
  • 29
  • 44
8
votes
2 answers

Intel SGX Threading and vs TCS

I'm trying to understand the difference between SGX threads enabled by TCS and untrusted threading provided by SDK. If I understand correctly, TCS enables multiple logical processors to enter the same enclave. Each logical processor will have its…
qweruiop
  • 3,156
  • 6
  • 31
  • 55
7
votes
1 answer

SGX Quote attestation with IAS

I was able to use run SGX in hardware mode and retrieve the SigRL successfully from IAS. But I'm struggling when trying to perform the Quote attestation using their REST API. I used the REST API interface description here. I connected successfully…
wasp256
  • 5,943
  • 12
  • 72
  • 119
6
votes
1 answer

What is the difference between trusted computing and confidential computing?

It seems that both trusted computing and confidential computing can protect data in use. Is trusted computing based on TPM and confidential computing based on Intel SGX? Any other difference?
Just a little noob
  • 484
  • 4
  • 18
5
votes
3 answers

Linux SGX enclave with OpenSSL

I saw on the Intel website here that there is an OpenSSL library available for SGX but only on Windows. Does anyone know if there is also such an extension for Linux SGX SDK?
wasp256
  • 5,943
  • 12
  • 72
  • 119
4
votes
1 answer

Is there a clean way to detect at runtime if code is executing inside an SGX enclave?

I'm writing some code that has to be well behaved both inside and outside an SGX enclave. To that end, it would be useful to have some way to determine at runtime whether or not the code is executing inside an enclave or not. Unfortunately, after…
ac101m
  • 41
  • 1
4
votes
0 answers

How to force gRPC cpp program using single thread only

I need to run my client application (written in c++ with gRPC) in an operating system (which only support single thread). However, I noticed that grpc::InsecureChannelCredentials(); is trying to create multiple threads. Here is the output from…
J.Z
  • 411
  • 3
  • 14
4
votes
1 answer

libsgx_capable.so: cannot open shared object file: No such file or directory

I am trying to run the following code in order to enable SGX in my machine (BIOS: software controlled): //enable_device.c #include "stdio.h" #include "sgx_capable.h" #include "sgx_eid.h" #include "sgx_urts.h" #include "sgx_error.h" int main(void)…
Dalton Cézane
  • 3,672
  • 2
  • 35
  • 60
4
votes
1 answer

Side-Channel-Resistant Math Functions for C++

I'm working on an SGX project processing secret data, and at some point, I need to evaluate the natural logarithm of a floating point number. The evaluation process should be side-channel-resistant, meaning its running time and memory access…
Arya Pourtabatabaie
  • 705
  • 2
  • 7
  • 22
4
votes
2 answers

Intel SGX in virtualized environment

Is it possible to create and run Intel SGX enclaves within a virtualised environment such as Virtualbox or Docker?
wasp256
  • 5,943
  • 12
  • 72
  • 119
4
votes
2 answers

SGX - What is the difference between trusted bridge and trusted proxy?

In Intel's SGX developer guide Pointer Handling, it mentions: When a buffer is being copied, the trusted bridge must avoid overwriting enclave memory in an ECALL and the trusted proxy must avoid leaking secrets in an OCALL. What are the trusted…
xtt
  • 857
  • 1
  • 8
  • 24
3
votes
1 answer

DCAP and EPID attestation

There are two different attestation mechanism which can be used for remote and local attestation in intel SGX . Does any one know what are the differences between DCAP and EPID attestation in Intel SGX?
sama
  • 333
  • 2
  • 11
3
votes
0 answers

undefined reference to `fcntl64' when trying make mesapy

I am going to start my work with mesapy, when I want to start helloworld sample, after running command make in the directory I get error undefined reference to `fcntl64' : ~/mesapy/sgx/examples/hello_world$ make MAKE <= ../../sgx_ulibc LINK => …
sama
  • 333
  • 2
  • 11
3
votes
2 answers

How does local attestation in Intel SGX make sure code in the Enclave in safe?

I read through the 'Local Attestation' sample code. I got the idea that local attestation can construct a secure channel for transmitting private data. However, I didn't see anything related to checking the code and make sure the code running in the…
Julien
  • 71
  • 6
1
2 3
11 12