Project description

auditee

WORK IN PROGRESS -- DO NOT USE -- DO NOT TRUST

Tool to help with auditing an SGX enclave that has been remotely attested. The idea is as follows:

Given:

a signed enclave binary file (e.g. Enclave.signed.so),
the source code used to build the enclave, and
an attestation report,

an auditor verifies:

whether the signed enclave build can be reproduced, using the source code, and a nix & docker based toolchain to rebuild the enclave binary
Whether the MRENCLAVE and ATTRIBUTES of the provided signed Enclave match that of the rebuilt one
Whether the MRENCLAVE and ATTRIBUTES match the ones from the provided report

Roughly speaking the goal is to establish that the source code was indeed the code used to build the signed enclave that has been successfully (remotely) attested.

Such an audit can help external users gain trust into a system which depends on Intel SGX and remote attestation. Without such an audit, remote attestation is not sufficient because the fact that an MRENCLAVE (enclave hash) matches that of the attestation verification report does not prove to a user of the system that the MRENCLAVE corresponds to a version of source code that they are willing to trust.

MRENCLAVE (enclave hash)

The MRENCLAVE, also known as enclave hash, from three sources must all match. The enclave hash is obtained via a measurment of the enclave code and data when an enclave is initialized. This measurement can also be simulated, and thus a verifier can obtain the MRENCLAVE using a build toolchain, and the SGX signing tool to get the SIGSTRUCT which contains the MRENCLAVE.

Hash extracted from the signed enclave (Enclave.signed.so) that is remotely attestated
Hash in the attestation report, from IAS
Hash extracted from the enclave, which was rebuilt from source code using a nix+docker based toolchain

If (1) and (3) match then the auditor can trust that they are auditing the correct code, and can trust that the report is for the enclave that is under audit, and consequently the successful attesation can be trusted in sofar that the attestation is for source code that has been audited.

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Development Status
- 1 - Planning
Intended Audience
- Developers
License
- OSI Approved :: GNU General Public License v3 (GPLv3)
Operating System
- POSIX
Programming Language
Topic
- Utilities

Release history Release notifications | RSS feed

This version

0.0.1.dev2 pre-release

Feb 18, 2021

0.0.1.dev1 pre-release

Feb 18, 2021

0.0.1.dev0 pre-release

Feb 9, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

auditee-0.0.1.dev2.tar.gz (20.8 kB view hashes)

Uploaded Feb 18, 2021 Source

Hashes for auditee-0.0.1.dev2.tar.gz

Hashes for auditee-0.0.1.dev2.tar.gz
Algorithm	Hash digest
SHA256	`4c35a65917216b13cd57b42ab8d2e61531ee5de3529ce49d2313b6ee1dbf7fa8`
MD5	`ba1357f00e3055f1f14efc88981d62c0`
BLAKE2b-256	`6a61943187c0a0c32c38117d0224c440e6913b35d23dde9d6c3077235d97b739`