Morphisms: Confidential Serverless Containers

Threat Model

The general threat model described in the Threat Model section under What is Confidential Computing? also applies to Intel SGX; this section extends it and makes it specific to SGX. An insider attacker with physical access to the CPU could use a high-resolution microscope to read the data stored in its fuses. Fuses are one-time-programmable read-only memories; they are physically large and therefore comparatively easy to read with this kind of attack. Intel stores SGX-specific key material in fuses inside the CPU, but to make this attack more difficult the key material is stored in the fuses in encrypted form. The encryption key is hard-coded into the CPU's circuitry, and the encryption algorithm is AES-128.

Intel SGX does not protect against cache-timing attacks, software side-channel attacks that use performance counters, or power-analysis attacks. Detailed documentation of the SGX hardware implementation was not publicly available at the time of writing, which makes potential side-channel attacks difficult to analyze.
