Intel® Software Guard Extensions (Intel® SGX)

An Intel® architecture extension designed to increase the security of application code and data.

A New Approach

To address the reality of widespread security holes and compromised systems, Intel set out to design a hardware-assisted trusted execution environment with a very small attack surface: the processor boundary. Intel SGX delivers 17 new Intel® architecture instructions that can be used by applications to set aside private regions of code and data, and can prevent direct attacks on executing code or data stored in memory.

The foundation of Intel SGX was created with input from major corporations, security researchers at universities, and government security agencies. Hundreds of independent software vendors (ISV) and enterprise developers are engaging with Intel to use Intel SGX to secure mission-critical applications. Intel SGX will spawn the development of new innovative security applications such as those listed below.

Guard applications and data Tamper-resistant code tool vendors
Guard payment dialogue plus cloud and data security Financial services industry (FSI) companies
Harden biometrics and authentication Security authentication companies
Harden a browser experience Browser vendors
Harden DRM for enhanced high definition, 4K ultra high definition (UHD) content protection Content playback ISVs and content owners across over-the-top (OTT) and media services
Harden end-point security Security ISVs and original equipment manufacturers (OEM)
Protect communications from an end-point to a management console Security ISVs
Protect electronic medical records (EMR), sensitive and confidential data Governments and major health care organizations
Protect keys on local file system and harden disk protection Disk encryption ISVs
Protect key management, enclave optimized embedded apps Cloud, infrastructure, and software as a service (SaaS) providers
Protected TLS keystore management Cloud, content delivery networks, frequency scanning interferometry (FSI), infrastructure, SaaS
Secure analytics workloads Big data ISVs and enterprises
Securing document sharing and viewing Government and secure document sharing ISVs
Enclave optimized embedded apps Major defense contractors
Secure IoT edge devices and cloud communications IoT gateway and device manufacturers

Develop Protected Applications

In Figure 1, a closer look at the design pattern reveals that an Intel SGX application consists of two parts: untrusted code and a trusted enclave that it securely calls into. A developer can create one-to-many trusted enclaves that work together to support distributed architectures. Common uses include key material, proprietary algorithms, biometric data, and certificate signing request (CSR) generation.

Application Partitioning
Figure 1: Application partitioning

At runtime (see Figure 2), the Intel SGX instructions build and execute the enclave into a special protected memory region with a restricted entry and exit location, which is defined by the developer to prevent data leakage. Enclave code and data inside the processor perimeter runs in the clear and enclave data written to the disk is encrypted and checked for integrity.

Runtime Execution
Figure 2: Runtime execution


  1. App is built with trusted and untrusted parts.
  2. App runs and creates the enclave, which is placed in trusted memory.
  3. Trusted function is called. Execution is transitioned to the enclave.
  4. Enclave sees all process data in clear. External access to enclave data is denied.
  5. Trusted function returns enclave data.
  6. Application continues normal execution.

Attest Enclaves and Seal Data

Currently, original device manufacturers (ODM) and ISVs commonly provision application software and secrets either at the time of manufacturing or by complex field configurations that cannot cryptographically prove application integrity. Intel SGX enables local attestation between enclaves or remote attestation by a third party to ensure the application has not been compromised.

The protected portion of an application is loaded into an enclave where its code and data are measured. A report is sent to the remote application owner’s server, which in turn can validate that the enclave report was generated by an authentic Intel processor. Upon verification of the enclave identity, the remote party can trust the enclave and securely provision keys, credentials, or data.

Intel SGX includes an instruction for generating a processor and enclave-specific sealing key that can be used to safely store and retrieve sensitive information that may need to be stored to disk.


Platforms based on 7th generation (or later) Intel® Core™ processors with BIOS support enabled for Intel SGX Microsoft Visual Studio* 2012 (professional edition) Windows* 7, 8.1 (64 bit)
Windows® 10 (64 bit)
  Intel® Parallel Studio XE 2013 Professional Edition (Windows) Ubuntu* 14.04 LTS (64 bit)