SGX Secure Enclaves in Practice - Security and Crypto Review

Explore the practical applications and security implications of Intel's Software Guard Extensions (SGX) technology in this 48-minute Black Hat conference talk. Dive into the first public assessment of SGX based on real hardware and Intel's software development environment. Learn about the implementation details, development process, and potential vulnerabilities of SGX enclaves. Discover how to create secure enclaves, debug SGX software, and analyze the cryptographic schemes used in critical components. Examine the attack surface and assess the real risks for SGX users. Witness demonstrations of cryptographic functionalities leveraging SGX, including secure remote storage and delegation. Gain insights into basic architectures that can deliver powerful crypto functionalities with wide-ranging applications. Access released code and a tool for extracting and verifying enclave metadata to enhance your understanding of SGX technology.

Introduction
SGX
SGX Overview
Cloud Computing
DRM
Reverse Engineer
Trust Computing Base
Security Limitations
Bugs
Setup
Linux SDK
Warning
What you get
SDK
Whats in the SDK
Debugging
Developer Key
Partitioning
Limitations
Sealing
Remote attestation
Disclaimer
Crypto
Crypto SDK
Where does it come from
Linux Source Code
AES
Randomness
Be careful
Canaan CLAV
How secure is it
PIDs
Applications
Encryption Proxy
Metadata
Demo
Conclusion