Intel® Software Guard Extensions (Intel® SGX)

An Intel® architecture extension designed to increase the security of application code and data.


Intel® Software Guard Extensions (Intel® SGX) protects selected code and data from disclosure or modification. Developers can partition their application into CPU-hardened “enclaves” or protected areas of execution in memory that increase security even on compromised platforms. Using this new application-layer trusted execution environment, developers can enable identity and records privacy, secure browsing, and digital rights management (DRM), as well as harden endpoint protection or any high-assurance security use case that needs to safely store secrets or protect data.

  • Confidentiality and integrity: Enforced at the OS, BIOS, VMM, or SMM layers even in the presence of privileged malware
  • Low learning curve: A familiar OS programming model integrates with the parent application and executes on the main CPU
  • Remote attest and provision: A remote party can verify an application enclave’s identity and securely provision keys, credentials, and other sensitive data to the enclave
  • Smallest possible attack surface: The CPU boundary becomes the attack surface perimeter —all data, memory, and I/O outside this perimeter is encrypted

Empower Developers
Figure 1: Empower developers to better protect code and data.

The Constraints of Application Security

Developers have long been constrained by the security capabilities that major platform providers have exposed for application development. These same capabilities are also well known by hackers who have exploited weaknesses to steal sensitive data, credentials, or hijack code for attacks. Developers have had to rely on the provider’s security architecture with no means to apply a security model designed to fit their own requirements after a platform release has shipped.

A new model is needed that can leverage the strengths of the platform or OS but deliver independence for the developer who understands what application secrets need additional protection. Silicon-assisted security has a unique opportunity to augment the OS to deliver new capabilities that help applications protect themselves according to developer needs.

Intel SGX—A New Approach

To address the reality of widespread security holes and compromised systems, Intel set out to design a hardware-assisted trusted execution environment with the smallest possible attack surface: the CPU boundary. Intel SGX delivers 17 new Intel® architecture instructions that can be used by applications to set aside private regions of code and data, and can prevent direct attacks on executing code or data stored in memory.

Intel SGX introduces a revolutionary new security architecture that is certain to be the preferred trusted execution environment for application developers who are focused on security.

Developing Intel SGX Protected Applications

In Figure 2, a closer look at the design pattern reveals that an Intel SGX application consists of two parts: untrusted code and a trusted enclave that it securely calls into. A developer can create one-to-many trusted enclaves that work together to support distributed architectures. Common uses include key material, proprietary algorithms, biometric data, and CSR generation.

Application Partitioning
Figure 2: Application Partitioning

At runtime (see Figure 3 below), the Intel SGX instructions build and execute the enclave into a special protected memory region with a restricted entry and exit location, which is defined by the developer. This prevents data leakage. Enclave code and data inside the CPU perimeter runs in the clear and enclave data written to disk is encrypted and checked for integrity.

Runtime Execution
Figure 3: Runtime Execution

Figure legend:

  1. App built with trusted and untrusted parts
  2. App runs and creates the enclave, which is placed in trusted memory
  3. Trusted function is called, execution transitioned to the enclave
  4. Enclave sees all process data in clear; external access to enclave data is denied
  5. Trusted function returns enclave data
  6. Application continues normal execution

No unauthorized access or memory snooping of the enclave is possible. (See Figure 4.)

Security Perimeter
Figure 4: Security Perimeter

Attesting Enclaves and Sealing Data

Currently, ODMs (original device manufacturers) and ISVs (independent software vendors) commonly provision application software and secrets at the time of manufacturing or by complex field configurations that cannot cryptographically prove application integrity. Intel SGX enables local attestation between enclaves or remote attestation by a third party to ensure the application has not been compromised.

The protected portion of an application is loaded into an enclave where its code and data are measured. A report is sent to the remote application owner’s server, which in turn can validate that the enclave report was generated by an authentic Intel processor. (See Figure 5). Upon verification of the enclave identity, the remote party can trust the enclave and securely provision keys, credentials, or data.

Intel SGX includes an instruction for generating a CPU and enclave-specific "sealing key” that can be used to safely store and retrieve sensitive information that may need to be stored to disk.

Intel SGX Enables New Security Models and Innovation

The foundation of Intel SGX was created with input from major corporations, security researchers at universities, and government security agencies. Hundreds of ISVs and enterprise developers are engaging with Intel to use Intel SGX to secure mission-critical applications. Intel SGX will spawn the development of new innovative security applications such as those listed below.

Guarding applications and data Tamper-resistant code tool vendors
Guarding payment dialogue plus cloud and data security Financial services industry (FSI) companies
Hardening biometrics; hardening authentication Security authentication companies
Hardening browser experience Browser vendors
Hardening DRM for enhanced high definition, 4K ultra high definition (UHD) content protection Content playback ISVs and content owners across over-the-top (OTT) and media services
Hardening end-point security Security ISVs and OEMs
Protecting communications - end-point to management console Security ISVs
Protecting electronic medical records (EMR), sensitive and confidential data Governments and major health care organizations
Protecting keys on local file system; hardening disk protection Disk encryption ISVs
Protecting key management, enclave optimized embedded apps Cloud, infrastructure, and SaaS providers
Protected TLS keystore management Cloud, content delivery networks, frequency scanning interferometry (FSI), infrastructure, SaaS
Secure analytics workloads Big data ISVs and enterprises
Securing document sharing and viewing Government and secure document sharing ISVs
Enclave optimized embedded apps Major defense contractors
Secure IoT edge devices and cloud communications IoT gateway and device manufacturers


Platforms based on 7th generation Intel® Core™ processors (or later) with Intel SGX enabled BIOS support Microsoft Visual Studio* 2012 Professional Edition Windows* 7, 8.1, or 10, 64 bit
  Intel® Parallel Studio XE Professional Edition for Windows* Version 2013 Ubuntu* 14.04 LTS, 64 bit