Questions tagged [intel-sgx]

21 questions
17 votes, 1 answer

What are the functional similarities and differences between TPM and SGX in trusted computing?

I know about the TPM (Trusted Platform Module). In recent years, more researchers have started to develop on Intel SGX, which I do not have any experience with. They are both crypto chips, but what are their functional similarities and differences? What…

asked by TJCLK
13 votes, 1 answer

How does Meltdown/Spectre impact Intel SGX?

I've been reading about Meltdown and Spectre today, and I'm wondering if they impact Intel SGX enclaves. Now, my understanding of Meltdown is somewhat hazy, but AFAICT it does not impact secure enclaves, because it relies on the kernel being mapped…

asked by strugee
9 votes, 1 answer

Do fTPM implementations protect against physical attacks?

I see that there is an increasing number of PCs shipped with firmware-based TPM (fTPM), e.g. the Intel NUC. As far as I understand, these solutions practically emulate a TPM chip using the CPU's special instructions (ARM TrustZone or Intel SGX). This…

asked by KovBal
7 votes, 2 answers

Freshness for SGX enclaves

Future Intel processors will support SGX (Software Guard Extensions), which allows running security-critical software on your processor in a way that is isolated from all the other code. The hardware provides secure isolation, so other code can't…

asked by D.W.
5 votes, 1 answer

Could Intel SGX be dangerous under Linux?

Question Background: This morning, by accident, I found that there is basically a backdoor in a dormant state in my Dell laptop: Computrace, which comes from Absolute Software - link to their Web, link to Wikipedia. Actual Question: Since I read…

asked by LinuxSecurityFreak
5 votes, 1 answer

What are the concerns, or drawbacks, regarding Intel's SGX when it comes to privacy?

I was in a workshop about privacy recently and at some point, a passionate debate started about Intel's Software Guard Extensions (SGX). Although I have a security background (Master in Information Security), I find it very difficult to understand…

asked by Aventinus
4 votes, 1 answer

What Trusted Execution Environment (TEE) solutions exist for mobile devices?

A trusted execution environment (TEE) provides a way for one to deploy tamper-proof programs on a device. The most prominent example of TEEs seems to be Intel SGX for PCs. What I wonder is, if there exists an equivalent solution for mobile devices.…

asked by SpiderRico
4 votes, 0 answers

AMD SEV equivalent of Intel SGX EGETKEY?

An application running under Intel SGX can invoke EGETKEY to obtain an encryption key from the CPU HW. The same key will be obtained each time the application is run. This allows the application to encrypt data with the key (a/k/a seal it to the SGX…

asked by Stephen Warren
4 votes, 2 answers

Does Intel or Arm support private key memory?

I know some security processors have an isolated bus where you can store a private key and use it with hardware encryption without the key ever being stored in memory. Some even have key storage inside the SoC on an isolated bus so there's no…

asked by Michael Fox
3 votes, 1 answer

How does Intel SGX protect itself from being simulated?

I'm trying to understand how secure Intel SGX actually is. According to Intel: Note that developers cannot rely on a measurement supplied by system software; as noted earlier, software can always be virtualized or otherwise spoofed by suitably…

asked by rustyx
2 votes, 1 answer

Storing LUKS master key in SGX enclave

Is it possible to store the master decryption key for accessing a LUKS encrypted volume inside an SGX enclave so that the master key cannot be accessed by any user on the system, even the root user with privileges to make system calls? Currently,…

asked by Michael Altfield
2 votes, 1 answer

Intel SGX - Remote attestation

I am currently reading up on Intel's SGX, especially the remote attestation part. I have a question regarding this topic. Let us consider the following protocol: Enclave A and B do remote attestation. Each of them generates an asymmetric key…

asked by Donut
2 votes, 1 answer

Putting secrets into enclave

How could a client machine put secrets into an SGX-enabled server while protecting against a man in the middle, considering the server OS as malicious? Also, I read somewhere on the internet that you should not create secrets inside the enclave; rather, you should put…
2 votes, 1 answer

Reverse engineering SGX executable

Is it possible to reverse engineer an Intel SGX application executable to get any meaningful text? If so, how is it secure if an adversary, say a system admin, could see the details of it?
2 votes, 0 answers

Using SGX for connection establishing

I'm quite new to SGX and still trying to figure out the possibilities it provides. Currently I have two applications (A1, A2) running on a server. Both have their own enclaves created and the two enclaves are communicating over a secure channel…

asked by wasp256