TEE 101: How Intel SGX works and why we use it at Integritee

Integritee uses a technology known as trusted execution environments (TEEs) to process sensitive data off-chain. But what exactly are TEEs and how do they work? In this post, we will take a look at one of the most common & powerful TEE architectures, which we also use at Integritee: Intel Software Guard Extensions (SGX).

Data in different states pose different cybersecurity challenges. End-to-end encryption can provide protection for data while it is in transit, or while it is being stored. But what about data that is currently in use? This is where TEEs come in.

Before an application can execute code on an encrypted dataset, the information must first be decrypted and loaded into system memory (or RAM) to be processed. This provides a window of opportunity for hackers or other third parties to view, intercept or modify the data while it is being processed in an unencrypted state.

Imagine a scenario for instance where you have uploaded some medical records to a database where all data is stored in encrypted form. Now let's say that your doctor wants to run an application that checks whether a particular drug clashes with any of the existing medications you are currently taking. In order to do this, the application may need admin-level privileges to access the database, decrypt the data and load it into system memory for processing. If this system has been infected with malicious software, however, it may be possible for this rogue application to access the data in an unencrypted state while it is being processed. Intel SGX has been designed to guard against these types of software-based attacks.

SGX is a form of hardware-based encryption that is built-in to many Intel processors released in the last 7 years. It enables system memory to be split into so-called enclaves - private, hardware-encrypted areas within RAM. Enclaves operate a bit like a secret vault where applications can process sensitive data without the risk of it being exposed.

Each enclave is an isolated region within system memory that contains both code and data. Applications that harness this technology can make a call to the TEE using a trusted function - a piece of code created by a software developer that can be executed within an enclave. In the previously mentioned example, for instance, the trusted function might check your medical records within an enclave to detect any potential conflicting medications. The enclave then returns a value to the main application, such as "clash detached" or "no clash detected".

Only trusted functions are allowed to run in the enclave and the memory is otherwise unaddressable, meaning that any other attempt to access enclave data will automatically be rejected by the processor. The important thing to note here is that as encryption is taking place at hardware level, it protects against software-based attacks. In effect, this means that even if a hacker has access to the entire operating system and BIOS of the system on which the TEE is running, confidential data will remain secret.

In addition, remote users can make use of a feature called "remote attestation". This enables them to interface with a TEE from a remote system, while having confidence that the application has not been tampered with and is running on a genuine TEE. However, this feature requires the service to be registered with the Intel Attestation Service.

So what does Integritee bring to the TEE party you might ask? Intergritee democratizes access to the technology by enabling firms to leverage remotely attested TEEs without needing to individually register with the Intel Attestation Service. Blockchain developers and firms can create dapps with Integritee that process potentially sensitive data off-chain in a highly secure way. This can be harnessed for a wide range of use cases ranging from secure oracle services, to faster, more secure digital asset exchanges and much more besides.