As we announced last month, wolfSSL now includes a port for Intel® SGX (Software Guard Extensions) with Linux (specifically, Ubuntu 16.04). Using wolfSSL with SGX Linux takes advantage of Intel® SGX technology to separate untrusted and trusted code, isolating the wolfSSL library from potentially malicious applications running on the host machine.
Curious about using wolfSSL’s TLS 1.3 functionality in a secure enclave with SGX? After checking out the example application below, check out wolfSSL’s TLS 1.3 support page. It details building wolfSSL with TLS 1.3, as well as executing the examples specifically with TLS 1.3.
You can try out wolfSSL for Intel® SGX yourself with the port at wolfssl-root/IDE/LINUX-SGX which covers building a static library for linking with other SGX Enclaves.
wolfSSL also has an example Enclave and Application that demonstrate how to use wolfSSL SGX. The sample application covers:
1. wolfCrypt API Testsuite
2. wolfCrypt Benchmarks
3. Simple TLS Client Example with client and server authentication
The example can be found at https://github.com/wolfssl/wolfssl-examples/tree/master/SGX_Linux.
For more information about Intel SGX see the sites below.
https://en.wikipedia.org/wiki/Software_Guard_Extensions
https://software.intel.com/en-us/sgx
https://software.intel.com/sites/default/files/managed/77/98/IntelSGX-infoQ-SolutionBrief.pdf?utm_source=InfoQ&utm_campaign=InfoQSGXGTM&utm_medium=AssetPDF
For more information about wolfSSL TLS 1.3 see the sites below.
https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3_.28draft.29
https://www.wolfssl.com/docs/tls13/
If you have a need for an embedded SSL/TLS library with Intel® SGX contact us today at facts@wolfssl.com.