get_state should return an encrypted and signed value (TLS into enclave?) #91

Closed
brenzi opened this issue Feb 14, 2020 · 3 comments
Labels
F1-security possible vulnerability

Comments

Collaborator

brenzi commented Feb 14, 2020

The client should be able to verify that what a worker sends him is indeed coming from the enclave.
Moreover, the payload should be encrypted such that the worker doesn't learn anything about the query.

brenzi added the "F1-security possible vulnerability" label Feb 14, 2020
brenzi changed the title from "get_state should return a value signed by the enclave" to "get_state should return an encrypted and signed value" Feb 14, 2020
Collaborator Author

brenzi commented May 28, 2020

The enclave doesn't have a key agreement with the user and therefore can't encrypt the response. We should actually have a TLS connection right into the enclave for worker-api, which could also cover authentication (if X.509 supports ed25519 signatures???).

brenzi changed the title from "get_state should return an encrypted and signed value" to "get_state should return an encrypted and signed value (TLS into enclave?)" May 28, 2020
Contributor

haerdib commented Feb 15, 2021

This issue should be fully covered by issue #202.
@brenzi should we keep this issue open either way?

Collaborator Author

brenzi commented Feb 15, 2021

We can close this one as it is fully covered.

brenzi closed this as completed Feb 15, 2021