Confidential Computing 101

Secret Key Provisioning

A secure secret key provisioning protocol is employed when an enclave needs to receive secret keys that cannot be sealed for persistence but instead need to be installed into the enclave. It is important to note that an enclave program resides on the host, and including any secrets such as TLS certificates' private keys or environment variables containing admin passwords directly in the program package or file system is not recommended. Considering the threat model where adversaries have control over the host, it must be assumed that they can access the program and potentially reverse-engineer the secrets.

Suppose the secret keys are encrypted with 256-bit AES and loaded into the enclave. The next step is to establish a mechanism to securely provision the decryption keys into the enclave. The provisioning protocol incorporates concepts from secure channel protocols like TLS, combined with remote attestation (RA). The protocol operates between enclave A and a relying party B, following these steps:

  1. Enclave A initiates an RA-TLS channel with the relying party. The enclave sends a certificate containing a remote attestation quote through this channel.

  2. The relying party verifies the remote attestation quote received from enclave A. Upon successful verification, indicating the integrity and authenticity of the enclave, the relying party proceeds with the provisioning process.

  3. Using the secure TLS channel established in Step 1, the relying party securely transfers the provisioned secret keys to enclave A.
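The relying party's decision in Steps 2 and 3 can be sketched as follows. This is an added example, not code from the SGX SDK or from this documentation. It assumes a simplified `Quote` model, an HMAC standing in for the quote signature that a DCAP verification library would check, and the RA-TLS convention that the quote's report data carries the SHA-256 hash of the certificate's public key; all names and sample values are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Stand-in for the attestation signature chain: a real relying party verifies
# the quote's ECDSA signature with a DCAP verification library, not an HMAC.
DEMO_ATTESTATION_KEY = b"constructed-demo-key"

@dataclass(frozen=True)
class Quote:                      # simplified model, not the SGX wire format
    mrenclave: bytes              # enclave measurement (32 bytes)
    report_data: bytes            # 64 bytes chosen by the enclave
    signature: bytes

def report_data_for(tls_pubkey: bytes) -> bytes:
    """Bind the TLS key to the quote: SHA-256(pubkey), zero-padded to 64 bytes."""
    return hashlib.sha256(tls_pubkey).digest().ljust(64, b"\x00")

def _mac(mrenclave: bytes, report_data: bytes) -> bytes:
    return hmac.new(DEMO_ATTESTATION_KEY, mrenclave + report_data,
                    hashlib.sha256).digest()

def sign_quote(mrenclave: bytes, report_data: bytes) -> Quote:
    """Enclave/platform side of the simulation (Step 1)."""
    return Quote(mrenclave, report_data, _mac(mrenclave, report_data))

def provision(cert_pubkey: bytes, quote: Quote, trusted: set, secret: bytes) -> bytes:
    """Relying party, Steps 2 and 3: return the secret or raise PermissionError."""
    if not hmac.compare_digest(_mac(quote.mrenclave, quote.report_data),
                               quote.signature):
        raise PermissionError("quote signature invalid")
    if quote.mrenclave not in trusted:
        raise PermissionError("unknown enclave measurement")
    # A genuine quote proves nothing about this TLS session unless it commits
    # to the key in the certificate that carried it.
    if not hmac.compare_digest(quote.report_data, report_data_for(cert_pubkey)):
        raise PermissionError("quote not bound to this TLS key")
    return secret                 # sent over the already established TLS channel

# Constructed sample values
MRENCLAVE = hashlib.sha256(b"demo enclave build").digest()
ENCLAVE_PUBKEY = b"constructed enclave TLS public key"
GOOD_QUOTE = sign_quote(MRENCLAVE, report_data_for(ENCLAVE_PUBKEY))
```

The secret is released only when all three checks pass: a valid signature, a trusted measurement, and a quote bound to the key of the TLS session in use.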

It is worth mentioning that variations of the protocol may require performing remote attestation of the relying party as well, ensuring mutual authentication between enclaves.

By employing this secure secret key provisioning protocol, enclaves can receive the necessary decryption keys in a protected manner, mitigating the risks associated with exposing sensitive secrets to potential adversaries who control the host environment.

Last updated 11 months ago
