英特爾SGX和區塊鏈安全：iExec的端到端解決方案_ION:AND

點擊藍字關注我們

英特爾SGX和區塊鏈

iExec端到端解決方案

iExec很榮幸地宣布即將推出首個集成英特爾SGX的端到端解決方案，用于分布式計算的安全技術應用。在2018年10月30日布拉格Devcon4會議上，iExec和英特爾將宣布重大合作新聞。

張磊，iExec安全總監介紹了英特爾SGXEnclave技術，以及如何保證參與區塊鏈網絡的用戶和應用的安全問題，特別是基于區塊鏈的分布式云技術方面。

敬請關注！

正文相關鏈接

IntelSGX:https://software.intel.com/en-us/sgx

Thechallenge:Howcanweguaranteesecurityondecentralizedanddistributednetworks?

Blockchain-basedapplicationsandcomputingarenotownedorcontrolledbyonespecificentitybutratherpoweredbyadistributednetworkofmultiplemachinesor‘nodes’.Thedistributednatureofdecentralizedcloudcomputingnetworkspresentachallengetoguaranteesecurityasanyrootprivilegeusermayeasilyinspectthesensitivedataandtamperwiththeapplicationrunningonthedecentralizedhost.Fortraditionalcentralizedcloudcomputingproviders,itiseasiertoemployexistingsecuritymechanismsprotecttheinvolvedapplication.

Fordecentralizedblockchain-basedclouds,asilicon-basedsecuritysolution,called‘IntelSGX’,istheonlyefficientsolutiontoprotectusersandapplicationsinvolvedinBlockchain-baseddecentralizedcomputing.

IntelSGX(IntelSoftwareGuardExtensions),isasetofCPUinstructioncodesthatenabletheexecutionofselectpiecescodeanddatainprotectedareascalledenclaves.Basically,whileyouhaveanapplicationrunningonahostmachine,SGXenclavesessentiallyactasabubble,isolatingandprotectingtheapplicationfromthehostmachine,inthisway,eventherootprivilegeadministratorofthehostmachineisnotabletopenetratethisbubbletoaccessandtamperwiththeapplication.

Hive Blockchain部署首批由英特爾Blockscale ASIC驅動的比特幣礦機:金色財經報道，加拿大礦企Hive Blockchain周五宣布，已經部署了首批基于英特爾 Blockscale ASIC 驅動的比特幣礦機，這批5800臺機器于2022年底交付并被命名為BuzzMiners，可共同產生638 PH/s至754 PH/s的算力。Hive表示，在加拿大和瑞典的設施中已經安裝了1500多臺采用英特爾技術的機器，它們已經達到了性能目標。Hive最初訂購了13000臺機器，但減少了訂單“以在加密熊市期間有條不紊地擴展業務”。

據報道，Jack Dorsey旗下比特幣公司 Block (SQ)、Argo Blockchain (ARBK)和 Griid Infrastructure 將成為英特爾Blocksale ASIC的首批客戶。[2023/1/14 11:11:15]

AnintroductiontoIntelSGXEnclaves-iExecSecurityR&D,LeiZhang

“WhatmakesIntelSGXcompellingisthatitprovidesahardwaretrustedexecutionenvironment(TEE),allowingbetterprotectionsfordatain-use,at-restandin-transit,built-inCPUinstructionsandplatformenhancementsprovidecryptographicassertionsforthecodethatispermittedtoaccessthedata.Ifthecodeisalteredortampered,thenaccessisdeniedandtheenvironmentdisabled.”

—RickEchevarria,VicepresidentofIntel’sSoftwareandServicesGroup.

1.TheiExecE2ESGXsolution

iExecispioneeringthebuildingofablockchain-enableddecentralizedanddistributedcloudnetwork.Theyhavenowprovidedthefirsteverfullandend-to-endsolutionintegratingSGXfortheblockchain-basedcloud.SomeofourinitialworkwithintelSGXcanbereadinthisblogpostandiscoveredinthisvideopresentation.iExecpresentedthefirstphaseofworkonSGXinMarch2018attheIBMThinkConferenceinLasVegasandco-presentedalongsideIntelinMay2018atConsensusinNewYork..Thisfirstphasefocusedontheprotectionofthesecretsbuiltindecentralizedapplications:althoughtheapplicationsrunsondecentralizednodes,theinvolvedsensitivedatacannotbeinspectedoralteredwithbymaliciousattackersonthenetwork.Howeverthefirststageofworkwasbasedonsomesophisticated(raw)frameworksandthefunctionalityofthesolutionwaslimitedtoonlyprotectnativesecretsoftheapplication,furthermorethesolutioncouldbecomplicatedforappdevelopersandusers,especiallyforthosewhoarenotinthefieldofITandcomputing.

英特爾與中國男子三人籃球超級聯賽舉辦“元宇宙扣籃大賽”:金色財經報道，12月16日，由英特爾與中國男子三人籃球超級聯賽共同舉辦的 “元宇宙扣籃大賽” 正式上演。英特爾元宇宙體育創新應用解決方案為比賽技術支持。在英特爾CPU與GPU強大的算力、先進的AI算法、5G+MEC等技術的支持下，實現了從終端現實畫面采集，到邊緣端進行超低時延的動捕姿態解算，并驅動元宇宙數字運動員進行視頻或VR直轉播，由此異地球員元宇宙中得以實現同場競技。[2022/12/20 21:55:11]

iExechastocontinuedtomakesignificantcontributions,workingdiligentlywithourpartners,topushforwardapowerfulanduser-friendlyend-to-endSGXsolution.Thissolutionisintendedtobeusedasanindustryreferencetoenhancetheoverallsecurityofdecentralizedcloudcomputing.ThisnewSGXsolution,combinedwithBlockchain,allowsforunmatchedleveloftrustforDecentralizedApplications(Dapps)andexecution/dataprocessingondecentralizednodes.TheiExecapproachspecificallyallowsBlockchaintoworkwithSGXinorderto:

ProtecttheDAppandprovidefulldataprotectionthatcannotbeaccessedbytheexecutionhost,especiallyforuser’sinputandoutputdata.

GuaranteetheintegrationoftheDapp/Data,makingsurethecorrectandexpectedDApporDataisrunningonthedecentralizednode.

Provideblockchain-basedvalidationforoff-chaincomputing,verifyingthattheDappiscorrectlyexecutedinanenclaveandisneithertamperednorinterruptedbythedecentralizednode.Asmart-contractsignatureissignedinsidethissecureenclavebeforetheverificationisdonebytheblockchainnetwork.

梁雅莉：英特爾商用客戶端技術結合螞蟻區塊鏈加速中小企業數字化轉型:5月27日，“英特爾X螞蟻區塊鏈普惠科技助力中小發布會直播”在線上進行。英特爾公司市場營銷集團副總裁、中國區行業解決方案總經理梁雅莉以《櫛風沐雨，砥礪前行 科技助力中小企業破繭成蝶》為題進行分享。她指出，希望聯手螞蟻金服助力產業的升級。她指出，英特爾商用客戶端技術結合螞蟻區塊鏈加速中小企業數字化轉型，為中小企業創造商機，為中小企業減負。

據介紹，英特爾為螞蟻金服提供的端點管理助手是一款基于英特爾商用客戶端技術高效的軟件工具。能夠通過云端對授權的采用英特爾CPU的設備進行資產和IT管理，同時對于支持英特爾博銳的設備，可以確保服務商/企業 IT通過主動管理技術提供現代化的管理。通過租賃公司向SMB聽過更輕薄、高性能、最新的、可管理的產品。在其中，英特爾定位于技術的賦能者、生態的賦能者。

梁雅莉指出，基于設備租賃發展出來的設備及服務的模式，有望成為助力中小企業發展的一個新商業模式之一。[2020/5/27]

MakesuretheexecutionandDAppresultisvalid,neithercopied,norfabricatedbymaliciousdecentralizednode.

Protecttheend-to-endprivacyofDAppresult,whichcanneverbeinspectedbyanyoneelsebuttheuser.

Afriendly-userinterface:significantsimplificationforuserstoencrypt/decrypttheinput/outputdataandtriggertheSGXapplicationexecution.

EasyusabilityisakeyelementofUserExperience;withthenewiExecE2ESGXsolution,useronlyneeds3simplestepstorunanE2ESGXapplicationandtoprovideafullprotectionofuser’sinputandoutputdata.

Let’sthinkaboutatypicalSGXapplication,sayforexampleaFinTechapplication.Theapplicationisfedbysomeuserinputdatawhichcontainssomeuser’spersonalandsensitivesecrets(e.g.bankaccountinformation,personalprivacy,etc…),theoutputresultsoftheapplicationalsocontainsomesensitivedataandareonlyintendedtouserwhotriggerstheapplication.Theinputdataandtheoutputresultsneedtobestrictlyprotectedduringthewholeprocedure.Thenon-encryptedsensitivedataneverleavesuserlocalscopeorhigh-securedtrustedexecutionenvironment:SXGenclave.Hereisagenericdescriptionofthe3simplestepsofiExec’sSGXsolution.

動態 | IBM、英特爾等助力UCSD建立區塊鏈研究中心:據ethnews報道，9月26日，加州大學圣地亞哥分校（UCSD）超級計算機中心的大型數據系統中心宣布推出區塊鏈研究中心BlockLAB。根據公告，幫助創建BlockLAB的一些主要合作伙伴包括戴爾，IBM和英特爾。這些技術巨頭的影響力和知識將助力BlockLAB的研究，以及為整個區塊鏈行業做出巨大貢獻。項目負責人James Short表示，這些公司提供了他們正在開發和/或試驗的區塊鏈技術的早期訪問權，還將允許他們訪問正在進行和已完成的研究，并就BlockLAB應進行何種研究提出建議。除了提供研究和技術支持外，戴爾，IBM和英特爾也在為該項目提供財務支持。[2018/10/3]

Step1:Useronlyneedstorunonesimplecommandwhichallowstoautomatically:

Encryptuser’sinputdata

Pushtheencrypteddatatoaremotefilesystem(i.e.theremotefilesystemcanbeanypublicfilesharingserviceandenduserisfreetochoosehis/herpreferredone,pleasenotethatthisserviceisnotprovidedbyiExec)

Updaterelatedsessiondata(i.e.eachuser’striggeringoftheapplicationisasession)toaSGXbasedsecretmanagementservice.Secretmanagementservicecanbedeployedinaflexibleway:itcanbeatuser’sside,orscheduler’sside(i.e.SGXworkpool).

Step2:UsertriggersthetargetapplicationviasimpleclicksfromtheiExecDappstoreandmarketplaceviaauser-friendlyUIinterface.

OncethetargetapplicationistriggeredatremoteSGXdecentralizednode,theapplicationwillfirstlyautomaticallypulltheencrypteduserinputdatafromremotefilesystem(i.e.pushedinstep1);retrievethesecretkeyviasecuredSGXprovisionchannel,whichisthenusedtodecrypttheuserinputdata,thedecryptionisdoneonlyinsidethehigh-securedtrustedenvironment—SGXenclave;thedecrypteddatacanthenbeusedtofeedtheapplicationexecution,assoonastheapplicationresultisavailable,asignatureisprecededbasedontheprivatekeyprotectedinsidetheSGXenclave,whichcannotbeinspectedbytheoutsideworld.TheapplicationresultisfinallyencryptedandthentheiExec’sverificationprocedure(i.e.ProofofContribution)istriggered.EverythingissecurelyhappenedinsidetheIntelSGXenclaveensuredbyIntelhardwareCPUandnosecretisabletorevealedtotheoutsideworld.

英特爾申請利用區塊鏈技術進行基因測序的專利:英特爾的一項新專利申請表明，他們正在研究如何利用加密貨幣挖礦過程中耗費的能源來進行基因測序。2016年6月該專利首次提交給美國專利局和商標局，并在本周四公布了申請中的專利詳情。該專利描述了一種被稱為序列挖掘平臺（SMP）的計算機，該專利申請指出，SMP將使用核堿基測序單元來測定樣品中核堿基的順序，然后通過區塊鏈技術對其驗證，并永久的記錄在區塊鏈上。[2017/12/15]

Thesignatureisfinallytransferredtoon-chainnetworkandverifiedbyon-chainsmartcontractviatheregisteredcorrespondingpublickey.Ifthesignatureverificationpassesandapplicationresult’strustlevelachievesagiventhreshold.Theuserwillbeinformedtodownloadtheencryptedresult.

Thewholeprocedureisdoneautomaticallyinahighsecureway,andthisprocedureistriggeredbyonlysomesimpleclicksfromuserviathefriendlyUIinterface.

Fig.1iExec’sE2ESGXworkflow

Step3:Usercandownloadtheencryptedresultpackage,andusercanjustrunonesimplecommandtodecrypttheresult.Pleasenotethatonlytheuserwhotriggersthetask(i.e.SGXapplication)isabletodownloadtheencryptedresult,andonlytheuserownsthekeytodecrypttheapplicationresult.

Pleasenotethattheprocedureisplatformindependent,andthereforeiscompatiblewithdifferentoperatingsystems:Windows,Linux,MacOS.

Inthenearfuture,wewillfurthersimplifyuser’sprocedure—allthethreestepswillbeintegratedintoonesimplestep,andcanbedonebyseveralsimpleclicksfromuserviauserfriendlyuserinterface—https://market.iex.ec/.

2.TheiExecSolutionisSGXVendorAgnostic

TheiExecplatformisopentodifferentSGXsolutionvendors.Specifically,iExechasbeencollaboratingwithSCONEandFortanixtointegratetheirSGXframeworksintoiExec’sE2ESGXsolution.WearealsointhephaseofevaluatingIntel’sPDOframework.Inthefuture,wewillalsoconsidertheSGXframeworkofGraphene/Graphene-ng.AllthemainstreamSGXsolutionswillbe100%compatiblewithiExec’splatform,andwewillleaveiExecDappdevelopersanduserstofreelychoosetheirpreferredSGXframeworks.OurobjectistopromotetheemergenceofanecosystemwhichprovidestrustedexecutionforBlockchainbasedcomputing,andthesetrustedservicecanbemonetizedviaiExec’smarketplace.

3.iExecContributionstowardsIndustryStandardization

iExecarepioneersinthefieldofblockchain-basedTrustComputing,andisveryactiveinleadingandpushingforwardtheindustrialstandardizationforinthiscontextforBlockchaintechnology.

Especially:

iExecisveryactiveinEEA(EnterpriseEthereumAlliance):iExecischairingtheTrustedComputeWorkGroup,andkeepscontributingandpushingforwardtheEEAspecifications,especiallytheOff-chainTrustedComputeSpecificationwhichistobepubliclyreleasedsoon.

iExecisactiveinIEEEaswell.iExecismemberofIEEEP2418,andisinvolvedinIEEEstandardprojectonDLT-basedFederatedIdentity,CredentialandTrustManagement.iExecleadsthestandardizationworkinseveralBlockchainbaseddomains,especiallythesecurityandTEE(TrustedExecutionEnvironment)

iExeciscollaboratingwithhardwaretrustedexecutionvendorstomoveforwardthishardwarebasedsecuritysolution(SGX)tobefullystandard-compliant,staytunedforthecomingupdatesduringDevcon4.

iExecisalsocollaboratingwithourpartnerstomoveforwardthestandardizationforBlockchainbasedFogComputinginthecontextofOpenFogconsortium.SomeresultofthefirststagecollaborationwithourpartnersonFogComputingwillbereleasedsoon,pleasestaytunedinthefollowingdays.

長按掃碼關注公眾號

點“閱讀原文”了解更多

Tags：THEIONANDICAEthereum Royaltyaion幣是靠顯卡還是核心band幣怎么樣UniCandy

Gateio