Posted to dev@teaclave.apache.org by xinuo <no...@github.com> on 2020/06/29 01:00:47 UTC

[apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

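Hello:
      1. While using the teaclave project, I have a question: how can I prove that teaclave, and indeed Intel-SGX, is a trusted environment?
      2. From the examples I can see that teaclave reads encrypted files, but the key and cmac are hard-coded in plaintext in the script (), and with that key I can decrypt the data. How is security guaranteed along the link?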

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372

Re: [apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

Posted by xinuo <no...@github.com>.
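Thanks for the answer.
However, I still have doubts about the plaintext keys in the script (builtin_private_join_and_compute.py):
Is it the case that one can only make sure this py file is not stolen by others? Otherwise, could others who obtain these keys also decrypt via the cli?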

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372#issuecomment-650987824

Re: [apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

Posted by yc-huang <no...@github.com>.
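@mssun Who provides the TLS implementation used by attested TLS, and in what environment does it actually run? Could a vulnerability in that implementation (such as the many past OpenSSL vulnerabilities) lead to a leak of secrets?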

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372#issuecomment-651477482

Re: [apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

Posted by Mingshen Sun <no...@github.com>.
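Communication between client/service and between service/service uses RPC. The RPC is based on attested TLS. Simply put, 1) remote attestation proves that the Teaclave service runs in a trusted environment, and 2) TLS secures the link.

The RPC documentation has a brief introduction: http://teaclave.apache.org/docs/codebase/rpc/ , but attested TLS probably needs a dedicated document to describe it, which will also be added to the documentation later.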

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372#issuecomment-650948414

Re: [apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

Posted by Mingshen Sun <no...@github.com>.
We use rustls [1], a TLS library rewritten in Rust, which largely avoids memory-safety-related vulnerabilities; OpenSSL's Heartbleed vulnerability [2] was caused by a memory safety issue.

- [1] https://github.com/ctz/rustls
- [2] https://heartbleed.com/

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372#issuecomment-651484773

Re: [apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

Posted by xinuo <no...@github.com>.
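@qinkunbao
Thank you very much for the answer!
From what you say, I think I understand now.
I may have been "misled" by the example; it was my own misunderstanding, because I saw that both users' keys were placed in the same py file.
The real scenario should be:
1. User 1 and user 2 (corresponding to A1 and A2) each submit their own payload (via the SDK) to create their own task.
2. Finally, the platform (B) does the runTask.
3. A1 and A2 each wait for the returned result.
This is my understanding; corrections from everyone are welcome.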

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372#issuecomment-651199872

Re: [apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

Posted by xinuo <no...@github.com>.
Closed #372.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372#event-3504882516

Re: [apache/incubator-teaclave] How can one prove that teaclave is a trusted computing environment? (#372)

Posted by Qinkun Bao <no...@github.com>.
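I have also been looking at SGX recently, and this is my understanding. Please point out anything that is wrong.

A <---------> B
Suppose A is the client and B is the code inside the enclave. First, you trust the client, because it is on your local machine; in other words, it is you. B is Teaclave, but how do you make sure that Teaclave is the version you trust (for example, that it has not been tampered with...), and that it runs in a trusted environment (really inside an enclave)? This requires Remote Attestation (RA); you can consult the relevant Intel SGX documentation.

But there are further questions, such as the key issue you mentioned. In theory only A and B should know the key; A is your own client, and you cannot transmit the key in plaintext over the network. This requires the communication between A and B to be encrypted, which is ensured here by TLS. During remote attestation, the attestation report can contain 64 bytes of program-defined data; data used for the TLS handshake is put in during RA, thereby establishing an attested TLS between A and B.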

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/372#issuecomment-651182586
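
As an added example (not part of the thread and not Teaclave's own code), here is the client-side check the last message describes: confirm that the enclave measurement is one you trust and that the 64-byte report data matches the key the TLS peer presented. The field offsets are those of the SGX report body; the binding rule (SHA-256 of the public key, zero-padded to 64 bytes), the function names and the sample values are assumptions, and the quote signature is assumed to have been verified already.

```python
import hashlib
import hmac

# Offsets inside the 384-byte SGX report body (sgx_report_body_t).
REPORT_BODY_LEN = 384
MRENCLAVE = slice(64, 96)
REPORT_DATA = slice(320, 384)


def expected_report_data(tls_public_key: bytes) -> bytes:
    """Assumed binding: SHA-256 of the TLS public key, zero-padded to 64 bytes."""
    return hashlib.sha256(tls_public_key).digest().ljust(64, b"\x00")


def check_attested_peer(report_body, tls_public_key, trusted_mrenclaves):
    """Return "ok" or the reason to reject the peer.

    Assumes the quote signature over report_body was verified beforehand.
    """
    if len(report_body) != REPORT_BODY_LEN:
        return "malformed report body"
    # Is this the enclave build we trust (untampered code)?
    if report_body[MRENCLAVE] not in trusted_mrenclaves:
        return "unexpected enclave measurement"
    # Does the TLS session terminate in that enclave, not at a relay?
    bound = expected_report_data(tls_public_key)
    if not hmac.compare_digest(report_body[REPORT_DATA], bound):
        return "TLS key not bound to report"
    return "ok"


def build_report_body(mrenclave, report_data):
    """Constructed sample input: zero-filled body with two fields set."""
    body = bytearray(REPORT_BODY_LEN)
    body[MRENCLAVE] = mrenclave
    body[REPORT_DATA] = report_data
    return bytes(body)


# Constructed sample values, not real measurements or keys.
GOOD_MRENCLAVE = hashlib.sha256(b"trusted teaclave build").digest()
ENCLAVE_KEY = b"\x04" + bytes(range(64))
OTHER_KEY = b"\x04" + bytes(range(64, 128))
SAMPLE_BODY = build_report_body(GOOD_MRENCLAVE, expected_report_data(ENCLAVE_KEY))

if __name__ == "__main__":
    print(check_attested_peer(SAMPLE_BODY, ENCLAVE_KEY, {GOOD_MRENCLAVE}))
    print(check_attested_peer(SAMPLE_BODY, OTHER_KEY, {GOOD_MRENCLAVE}))
```

A valid report presented over a TLS session that uses a different key is rejected, which is what distinguishes attested TLS from attestation and TLS performed independently.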