本文探讨了在一个加密池中,如何管理和更新每个Enclave的公共密钥,通过衍生共享密钥并存储于共享密钥日志中。每次Enclave池成员变更时,会生成新的共享密钥版本。同时,各Enclave的私钥用于签署执行在多个Enclave上的代码,验证过程涉及比较不同版本的共享池密钥。
摘要:
The public enclave key of each enclave in an enclave pool may be registered in an enclave pool registry, and the registry updated each time there is an enclave pool membership change. A shared enclave pool key may be derived from the public enclave key of each enclave of the enclave pool. The shared enclave pool key may be stored, in a shared key ledger, as a first version of the shared enclave key, and an updated version of the shared key may be generated and stored as another version each time there is an enclave pool membership change. The output of a cryptlet that executed in multiple enclaves may be signed with the enclave private key of each enclave in which the cryptlet executed. Each enclave signature may be compared against each version of the shared enclave pool key in the shared key ledger.
展开
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
