SGX

  1. Why is the initial program loaded into an SGX enclave unencrypted?
  2. What does a client program have to verify before passing secrets to an SGX enclave?
  3. What state must be encrypted to protect the contents of an SGX enclave from the operating system or virtual machine monitor?
  4. Suppose code in an SGX enclave is waiting for data to arrive and calls the read() system call. What conditions must it check after the read() call returns to make sure it executes correctly?

Solutions

Expert Solution

Q1) Why is the initial program loaded into an SGX enclave unencrypted?

Ans: Intel SGX provides a secure enclave in which the code and data are hidden from the outside world, including privileged code such as the OS. By default, the enclave code prior to initialization can be disassembled, and therefore no secrets can be embedded in the binary. This is a problem for developers wishing to protect code secrets.

-SGC, a nearly-transparent framework that enables enclave code confidentiality. The key idea is to treat program code as data and dynamically restore secrets after an enclave is initialized. SGX can be integrated into any enclave, providing a mechanism to securely decrypt or deliver the secret code with the assistance of a developer-controlled trusted remote party.

-SGX Enclaves. The first step in creating an enclave is to call the instruction ECREATE. This allocates memory inside the Enclave Page Cache (EPC) to hold enclave code and data.

-EPC memory is encrypted by the Memory Encryption Engine (MEE) and decrypted when accessed by enclave code.

-SGX must also calculate the enclave’s measurement, a cryptographic hash that is used for remote attestation. This is done with the EEXTEND instruction. Every time EEXTEND is executed, it measures 256 bytes, and therefore it must be executed 16 times to cover a full page.

-The original vendor of software can ensure that the code that the client is running is identical to the code provided by the vendor. This also defends against any tampering of program code.

Advantages:

- Data Confidentiality.


Q2) What does a client program have to verify before passing secrets to an SGX enclave?

Ans: Intel SGX (Software Guard Extensions) technology, available in Skylake and later processors, allows the creation of secure memory regions (enclaves) protected with hardware encryption in the SoC (system on chip).

-The data is in cleartext only inside the processor. It is encrypted in the SoC before leaving to the main memory, and decrypted in SoC upon fetching from the main memory. Paging is done on encrypted data.

-This is a powerful security tool, but it is highly challenging for usage in practical systems. One of the main challenges is a complex trust establishment mechanism required to verify the CPU and the application binary running in the enclave.

-Without verification, the user cannot send secrets (such as data encryption keys) to the enclave, because the CPU can be substituted by a fake processor that leaks the secrets to a malicious party, and the application binary could be replaced by malicious code that leaks the data even in a genuine SGX CPU.

-Intel specifies a procedure for such verification, called “remote attestation” and provides example code for using it. Unfortunately, the SGX toolkit doesn’t have an end-to-end mechanism that implements this procedure.

-Instead, the SGX SDK contains a collection of API calls that can be utilized by an expert developer to create such a mechanism.

-The remote attestation is followed by sending data encryption keys, or other secret information, to the enclave. We have implemented an easy-to-use mechanism for sending such secrets from clients to enclaves, and opening the secrets inside enclaves, all performed by simple API calls.

The Trust Management Framework has two main components:

  • TruCE server: A standalone process that registers with Intel Attestation Service and assists in the remote attestation of cloud enclaves.
  • TruCE SDK: A toolkit for application development. It has API and libraries for the trusted (enclave) part of the cloud application, the untrusted part of the cloud application, and the off-cloud client code that interacts with the cloud application.

TruCE is a service model that can have different implementations underneath, yet exposes the same interface to applications. Currently, we have two implementations, one based on an Intel prototype sample code, and the other developed by IBM as part of the RestAssured project.

Remote attestation has the following goals:

  1. Verify that the attestation report was indeed created in a genuine Intel SGX hardware.
  2. Verify that the code being executed by the enclave has not been tampered with.
  3. Create a secure channel between an external client and the enclave and pass a secret to the enclave using this secure channel.

Q3) What state must be encrypted to protect the contents of an SGX enclave from the operating system or virtual machine monitor?

Ans: The first step in creating an enclave is to call the instruction ECREATE. This allocates memory inside the Enclave Page Cache (EPC) to hold enclave code and data.

-EPC memory is encrypted by the Memory Encryption Engine (MEE) and decrypted when accessed by enclave code. Enclave contents are added with the EADD instruction, which copies a 4KB page from ordinary memory into an EPC page. However, SGX must also calculate the enclave’s measurement, a cryptographic hash that is used for remote attestation.

-This is done with the EEXTEND instruction. Every time EEXTEND is executed, it measures 256 bytes, and therefore it must be executed 16 times to cover a full page. The enclave cannot be entered until it has been initialized with the EINIT instruction. However, unless the enclave’s measurement matches the original measurement calculated by the enclave’s creator, the hardware will not initialize it.

-The creator of the enclave provides the measurement inside the SIGSTRUCT data structure, which the creator signs with their private key and provides along with the enclave.

-After remote attestation is complete, a server is assured that the enclave it is talking to matches its declared measurement, and a secure channel has been established between them, allowing the server to provide secrets to the enclave.

Q4) Suppose code in an SGX enclave is waiting for data to arrive and calls the read() system call. What conditions must it check after the read() call returns to make sure it executes correctly?

-As stated earlier, we aim to require as few changes as possible to an SGX application, and our solution was to sanitize all developer functions.

-This requires no input from the developer, as the white list is identical for all SGX applications. However, we do require a developer to call elide_restore in order to restore enclave functions.

-One solution would be to insert a call to elide_restore at the top of all ecalls before the original functions are restored, meaning the first ecall to be called would restore the enclave before continuing.

-In addition, by explicitly having developers call elide_restore, they can handle various errors the enclave might encounter (e.g. a network error).

-Therefore, the only changes a developer must make to the enclave application are adding the library and a single call to elide_restore. However, the library also requires an authentication server to give an attested enclave the data it needs to restore its functions.

-Our framework contains a very small number of public API functions: only one ecall (elide_restore) and two ocalls (elide_server_request and elide_read_file). The ocalls are automatically called by our library, so the required developer effort is minimal. Finally, in our framework, the server stands alone and requires no developer input, but in many applications it may be desirable for the developer to add custom functionality between enclave and server.

-Thus our framework only requires a server with access to the secret data and metadata that the enclave requires.
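
Added example (not part of the original answer and not Intel's code): a simplified Python model of the measurement flow described under Q1 and Q3, where each 4 KB page added with EADD is measured by 16 EEXTENDs of 256 bytes and EINIT succeeds only if the result equals the value signed in SIGSTRUCT. The function names `measure_enclave` and `einit_allows`, the record layout and the sample pages are assumptions for illustration; the real measurement computation differs in detail.

```python
import hashlib
import hmac

PAGE_SIZE = 4096      # EADD copies one 4 KB page into the EPC
EEXTEND_CHUNK = 256   # each EEXTEND measures 256 bytes


def measure_enclave(pages):
    """Simplified model of the enclave measurement: a running SHA-256 over
    one record per EADD and one per EEXTEND (assumed layout, not bit-exact).
    `pages` is a list of (offset, page_bytes); returns (digest, eextend_count)."""
    h = hashlib.sha256()
    eextends = 0
    for offset, page in pages:
        if len(page) != PAGE_SIZE or offset % PAGE_SIZE:
            raise ValueError("pages must be 4 KB long and page-aligned")
        h.update(b"EADD\0\0\0\0" + offset.to_bytes(8, "little"))
        for chunk_off in range(0, PAGE_SIZE, EEXTEND_CHUNK):
            h.update(b"EEXTEND\0" + (offset + chunk_off).to_bytes(8, "little"))
            h.update(page[chunk_off:chunk_off + EEXTEND_CHUNK])
            eextends += 1
    return h.digest(), eextends


def einit_allows(pages, expected_measurement):
    """Model of the EINIT check: initialise only if the measured value
    equals the measurement the creator signed into SIGSTRUCT."""
    measured, _ = measure_enclave(pages)
    return hmac.compare_digest(measured, expected_measurement)


# Constructed sample enclave: one placeholder code page and one data page.
CODE_PAGE = (b"\x90" * 64 + b"constructed enclave code").ljust(PAGE_SIZE, b"\0")
DATA_PAGE = b"constructed enclave data".ljust(PAGE_SIZE, b"\0")
ORIGINAL = [(0x0000, CODE_PAGE), (0x1000, DATA_PAGE)]

# Same enclave with a single bit changed in the code page before loading.
_modified = bytearray(CODE_PAGE)
_modified[70] ^= 0x01
TAMPERED = [(0x0000, bytes(_modified)), (0x1000, DATA_PAGE)]

if __name__ == "__main__":
    signed, count = measure_enclave(ORIGINAL)
    print("EEXTENDs for 2 pages:", count)
    print("measurement:", signed.hex())
    print("original initialises:", einit_allows(ORIGINAL, signed))
    print("tampered initialises:", einit_allows(TAMPERED, signed))
```

Because the offset of every page and chunk is folded into the hash, loading the same pages at different offsets also changes the measurement in this model.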

