I would like to know how the core concept behind the API call "sgx_get_trusted_time".
Is there a deticated hardware for that or what? How does Intel assure that it is a trusted time?
The trusted time is uses AE service for fetching the time. Before using the trusted time function we need to call sgx_create_pse_session for platform service. This platform service enclave fetches the data related to the function.
current_time contains time in seconds and time_source_nonce con-tains nonce associate with the time. The caller should compare time_source_nonce against the value returned from the previous call of this API if it needs to calculate the time passed between two readings of the Trusted Timer. If the time_source_nonce of the two readings do not match, the dif-ference between the two readings does not necessarily reflect time passed
Thanks for your reply. I would like to know the algorithm behind it?
Does it depend on a trusted hardware? How can they guarantee the trust in such a call?
Trusted Time service depends on specific capability in the chipset on the platform. The recent SGX Linux SW releases do provide SGX Monotonic Counter and Trusted Time service on Ubuntu 16.04, if the chipset on the platform supports it.
Thanks for your reply. So there is hardware support behind it. But I found online that this sgx_get_trusted_time API is only available during the simulation mode. Is that right?
Is there any examples for using it?