Leveraging Intel SGX to Create a Nondisclosure Cryptographic library
Enforcing integrity and confidentiality of users' application code and data is a challenging mission that any software developer working on an online production grade service is facing. Since cryptology is not a widely understood subject, people on the cutting edge of research and industry are...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Mofrad, Mohammad Hasanzadeh Lee, Adam |
| description | Enforcing integrity and confidentiality of users' application code and data
is a challenging mission that any software developer working on an online
production grade service is facing. Since cryptology is not a widely understood
subject, people on the cutting edge of research and industry are always seeking
for new technologies to naturally expand the security of their programs and
systems. Intel Software Guard Extension (Intel SGX) is an Intel technology for
developers who are looking to protect their software binaries from plausible
attacks using hardware instructions. The Intel SGX puts sensitive code and data
into CPU-hardened protected regions called enclaves. In this project we
leverage the Intel SGX to produce a secure cryptographic library which keeps
the generated keys inside an enclave restricting use and dissemination of
confidential cryptographic keys. Using enclaves to store the keys we maintain a
small Trusted Computing Base (TCB) where we also perform computation on
temporary buffers to and from untrusted application code. As a proof of
concept, we implemented hashes and symmetric encryption algorithms inside the
enclave where we stored hashes, Initialization Vectors (IVs) and random keys
and open sourced the code (https://github.com/hmofrad/CryptoEnclave). |
| doi_str_mv | 10.48550/arxiv.1705.04706 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_1705_04706</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1705_04706</sourcerecordid><originalsourceid>FETCH-LOGICAL-a676-11b9cd54c761ecd3b34faca541acb0ae6ed3ba9b57f6678d585020df0541f1503</originalsourceid><addsrcrecordid>eNotj71OwzAUhb0woMIDMOEXSLgm_knHKkCpFJWBDmzRtX2dWgpJ5ISKvj2hMB3p09E5-hi7E5DLUil4wPQdT7kwoHKQBvQ1e6rpRAnb2Ld818_U8fftB58HXiXCmTjy_dD7OLlumL4SLfg8zkObcDxGx7toE6bzDbsK2E10-58rdnh5PlSvWf223VWbOkNtdCaEXTuvpDNakPOFLWRAh0oKdBaQNC0M11aZoLUpvSoVPIIPsDSCUFCs2P3f7EWjGVP8XM6bX53molP8AGDSRYk</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Leveraging Intel SGX to Create a Nondisclosure Cryptographic library</title><source>arXiv.org</source><creator>Mofrad, Mohammad Hasanzadeh ; Lee, Adam</creator><creatorcontrib>Mofrad, Mohammad Hasanzadeh ; Lee, Adam</creatorcontrib><description>Enforcing integrity and confidentiality of users' application code and data
is a challenging mission that any software developer working on an online
production grade service is facing. Since cryptology is not a widely understood
subject, people on the cutting edge of research and industry are always seeking
for new technologies to naturally expand the security of their programs and
systems. Intel Software Guard Extension (Intel SGX) is an Intel technology for
developers who are looking to protect their software binaries from plausible
attacks using hardware instructions. The Intel SGX puts sensitive code and data
into CPU-hardened protected regions called enclaves. In this project we
leverage the Intel SGX to produce a secure cryptographic library which keeps
the generated keys inside an enclave restricting use and dissemination of
confidential cryptographic keys. Using enclaves to store the keys we maintain a
small Trusted Computing Base (TCB) where we also perform computation on
temporary buffers to and from untrusted application code. As a proof of
concept, we implemented hashes and symmetric encryption algorithms inside the
enclave where we stored hashes, Initialization Vectors (IVs) and random keys
and open sourced the code (https://github.com/hmofrad/CryptoEnclave).</description><identifier>DOI: 10.48550/arxiv.1705.04706</identifier><language>eng</language><subject>Computer Science - Cryptography and Security</subject><creationdate>2017-05</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,776,881</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/1705.04706$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.1705.04706$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Mofrad, Mohammad Hasanzadeh</creatorcontrib><creatorcontrib>Lee, Adam</creatorcontrib><title>Leveraging Intel SGX to Create a Nondisclosure Cryptographic library</title><description>Enforcing integrity and confidentiality of users' application code and data
is a challenging mission that any software developer working on an online
production grade service is facing. Since cryptology is not a widely understood
subject, people on the cutting edge of research and industry are always seeking
for new technologies to naturally expand the security of their programs and
systems. Intel Software Guard Extension (Intel SGX) is an Intel technology for
developers who are looking to protect their software binaries from plausible
attacks using hardware instructions. The Intel SGX puts sensitive code and data
into CPU-hardened protected regions called enclaves. In this project we
leverage the Intel SGX to produce a secure cryptographic library which keeps
the generated keys inside an enclave restricting use and dissemination of
confidential cryptographic keys. Using enclaves to store the keys we maintain a
small Trusted Computing Base (TCB) where we also perform computation on
temporary buffers to and from untrusted application code. As a proof of
concept, we implemented hashes and symmetric encryption algorithms inside the
enclave where we stored hashes, Initialization Vectors (IVs) and random keys
and open sourced the code (https://github.com/hmofrad/CryptoEnclave).</description><subject>Computer Science - Cryptography and Security</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2017</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotj71OwzAUhb0woMIDMOEXSLgm_knHKkCpFJWBDmzRtX2dWgpJ5ISKvj2hMB3p09E5-hi7E5DLUil4wPQdT7kwoHKQBvQ1e6rpRAnb2Ld818_U8fftB58HXiXCmTjy_dD7OLlumL4SLfg8zkObcDxGx7toE6bzDbsK2E10-58rdnh5PlSvWf223VWbOkNtdCaEXTuvpDNakPOFLWRAh0oKdBaQNC0M11aZoLUpvSoVPIIPsDSCUFCs2P3f7EWjGVP8XM6bX53molP8AGDSRYk</recordid><startdate>20170512</startdate><enddate>20170512</enddate><creator>Mofrad, Mohammad Hasanzadeh</creator><creator>Lee, Adam</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20170512</creationdate><title>Leveraging Intel SGX to Create a Nondisclosure Cryptographic library</title><author>Mofrad, Mohammad Hasanzadeh ; Lee, Adam</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a676-11b9cd54c761ecd3b34faca541acb0ae6ed3ba9b57f6678d585020df0541f1503</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2017</creationdate><topic>Computer Science - Cryptography and Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Mofrad, Mohammad Hasanzadeh</creatorcontrib><creatorcontrib>Lee, Adam</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mofrad, Mohammad Hasanzadeh</au><au>Lee, Adam</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Leveraging Intel SGX to Create a Nondisclosure Cryptographic library</atitle><date>2017-05-12</date><risdate>2017</risdate><abstract>Enforcing integrity and confidentiality of users' application code and data
is a challenging mission that any software developer working on an online
production grade service is facing. Since cryptology is not a widely understood
subject, people on the cutting edge of research and industry are always seeking
for new technologies to naturally expand the security of their programs and
systems. Intel Software Guard Extension (Intel SGX) is an Intel technology for
developers who are looking to protect their software binaries from plausible
attacks using hardware instructions. The Intel SGX puts sensitive code and data
into CPU-hardened protected regions called enclaves. In this project we
leverage the Intel SGX to produce a secure cryptographic library which keeps
the generated keys inside an enclave restricting use and dissemination of
confidential cryptographic keys. Using enclaves to store the keys we maintain a
small Trusted Computing Base (TCB) where we also perform computation on
temporary buffers to and from untrusted application code. As a proof of
concept, we implemented hashes and symmetric encryption algorithms inside the
enclave where we stored hashes, Initialization Vectors (IVs) and random keys
and open sourced the code (https://github.com/hmofrad/CryptoEnclave).</abstract><doi>10.48550/arxiv.1705.04706</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.1705.04706 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_1705_04706 |
| source | arXiv.org |
| subjects | Computer Science - Cryptography and Security |
| title | Leveraging Intel SGX to Create a Nondisclosure Cryptographic library |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-30T19%3A29%3A43IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Leveraging%20Intel%20SGX%20to%20Create%20a%20Nondisclosure%20Cryptographic%20library&rft.au=Mofrad,%20Mohammad%20Hasanzadeh&rft.date=2017-05-12&rft_id=info:doi/10.48550/arxiv.1705.04706&rft_dat=%3Carxiv_GOX%3E1705_04706%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |