Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/donnod/linux-sgx-mage
https://github.com/donnod/linux-sgx-mage
Last synced: 1 day ago
JSON representation
- Host: GitHub
- URL: https://github.com/donnod/linux-sgx-mage
- Owner: donnod
- License: other
- Created: 2019-09-04T08:42:57.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2022-09-07T03:40:15.000Z (almost 2 years ago)
- Last Synced: 2024-02-29T01:34:59.121Z (4 months ago)
- Language: C++
- Size: 23.4 MB
- Stars: 17
- Watchers: 1
- Forks: 6
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: License.txt
Lists
- Awesome-SGX-Open-Source - https://github.com/donnod/linux-sgx-mage
README
# MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties
MAGE is an extension of Intel SGX SDK ([v2.6](https://github.com/intel/linux-sgx/tree/sgx_2.6)) to support mutual attestation for a group of enclaves without trusted third parties.
The extension includes:
### MAGE Library ([sdk/mage](sdk/mage)):
- Reserve a read-only data section, named `.sgx_mage`, to store auxiliary information for mutual attestation.
- Provide APIs for deriving trusted enclaves' measurements from `.sgx_mage`.
### Modified Enclave Loader ([psw/urts/loader](psw/urts/loader.cpp), [psw/urts/parser](psw/urts/parser)):
- Change the order of loading EPC pages, so that the EPC pages in `.sgx_mage` section are loaded after all other EPC pages.
### Modified Signing Tool ([sdk/sign_tool/SignTool](sdk/sign_tool/SignTool)):
- Extract auxiliary information from enclaves.
- Insert auxiliary information into the `.sgx_mage` section of enclaves.
Build Instructions
------------
Follow the original build instructions to build the SDK [linux-sgx_2.6](https://github.com/intel/linux-sgx/tree/sgx_2.6).
Sample Code
------------
Sample Code for three enclaves to mutually derive measurements is provided in [SampleCode/MutualAttestation](SampleCode/MutualAttestation).
Integration with Open-Sourced SGX Application
------------
[OPERA-MAGE: Open Remote Attestation for Intel's Secure Enclaves (MAGE version)](https://github.com/donnod/opera-mage)
Artifact Evaluation
------------
This repo is an prototype implementation of the following paper:
[USENIX Security’22] *MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties* by Guoxing Chen and Yinqian Zhang
The code and instructions for reproducing the results presented in the paper can be found in [sec22ae](https://github.com/donnod/sec22ae).