An application running under Intel SGX can invoke EGETKEY to obtain an encryption key from the CPU hardware. The same key can be obtained every time the application is run. This allows the application to encrypt data with the key (a/k/a seal it to the SGX enclave), exit, restart, and then decrypt the data again. However, since nothing outside that particular SGX enclave can obtain the key, nothing outside the enclave can access the data. Thus, securely saving persistent data across separate invocations of an SGX enclave is possible.
Is there any equivalent to this with AMD's SEV? I can't find one :-(
It seems that AMD's SEV model is somewhat different from SGX; rather than the encrypted VM being able to obtain a persistent key from the hardware, some remote/external entity would provide any required crypto keys to the VM over a trusted channel after verifying the hardware's attestation that the expected code is running inside the VM. However, I would like to create a VM that is self-contained, and can manage its own data encryption/sealing without requiring an external entity to know/store/provide the key, as is possible with SGX. Is this possible?
Notes on rejected possibilities:
- Embedding the key into the VM image won't solve the problem; an external entity could simply examine the VM image and extract the key.
- Storing the key in a TPM won't help; any other software on the host could make use of the same key in the TPM, since the TPM doesn't distinguish between different clients (different pieces of software) on the same system, and so would allow any software to use the key, not just the one VM that "owns" the key. While TPM keys can have authorizations (essentially passwords) attached to them, this would create a circular issue: how to provide the authorization value only to the one VM.
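The SGX sealing flow from the first paragraph, as an added Python model that is not real SGX code and not part of the original post: the CPU fuse secret, the enclave identities and the HMAC-based cipher are constructed stand-ins for EGETKEY and the SDK's sealing primitives. It shows why the same enclave recovers its data after a restart while a different enclave (or the host, which lacks the CPU secret) cannot.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the per-CPU fuse secret; in real SGX it never leaves the CPU.
_CPU_FUSE_SECRET = b"constructed-cpu-fuse-secret-not-real"

def egetkey(enclave_identity: bytes, key_id: bytes = b"seal") -> bytes:
    """Model of EGETKEY: a deterministic function of the CPU secret and the calling
    enclave's identity, so one enclave gets the same key on every run and a
    different enclave gets an unrelated key."""
    return hmac.new(_CPU_FUSE_SECRET, enclave_identity + b"|" + key_id, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, a stand-in for the SDK's AES-GCM."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _subkeys(seal_key: bytes):
    return (hashlib.sha256(b"enc" + seal_key).digest(), hashlib.sha256(b"mac" + seal_key).digest())

def seal(seal_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under keys derived from the enclave's seal key."""
    enc_key, mac_key = _subkeys(seal_key)
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(seal_key: bytes, blob: bytes):
    """Return the plaintext, or None if the blob was not sealed under this key."""
    enc_key, mac_key = _subkeys(seal_key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def demo():
    enclave_a = hashlib.sha256(b"enclave A code").digest()  # constructed measurement
    enclave_b = hashlib.sha256(b"enclave B code").digest()  # a different enclave
    blob = seal(egetkey(enclave_a), b"persistent secret")   # first run of enclave A
    after_restart = unseal(egetkey(enclave_a), blob)        # A re-derives the same key
    other_enclave = unseal(egetkey(enclave_b), blob)        # B's key does not match
    return after_restart, other_enclave
```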