1.0 Introduction
Fortanix Data Security Manager (DSM) is built to operate entirely within Intel® Software Guard Extensions (SGX) enclaves, ensuring that users’ cryptographic keys are protected even from highly privileged attackers. To fully leverage the security benefits of SGX, it is essential to verify that the Fortanix DSM software is running unmodified within a genuine SGX enclave on trusted hardware.
This article provides instructions for configuring Data Center Attestation Primitives (DCAP) Offline Attestation in Fortanix DSM clusters.
2.0 What is Intel SGX Attestation?
Intel® Software Guard Extensions (SGX) is a technology that allows software developers to encrypt their application’s data at run time. It achieves this by allowing applications to launch specially protected software containers, also known as enclaves. These enclaves can be used for protecting the application’s data from adversaries who could have root privileges or even physically tap the memory bus.
To fully utilize the security guarantees of SGX, the user must also verify that the application they have built is running unmodified inside a secure enclave. In a clustered environment, it is equally important that each node shares data only after verifying the authenticity of the software and hardware of the other node.
The SGX attestation process enables each node in a Fortanix DSM cluster to cryptographically prove the following:
The DSM software, as built and signed by Fortanix, is running unaltered inside a genuine Intel® SGX enclave.
The underlying hardware is a trusted SGX platform with all required microcode updates applied at boot.
All necessary hardware and software configurations for SGX are correctly in place.
3.0 Attestation Events
Attestation is performed when substantial changes are made to a Fortanix DSM cluster. Fortanix DSM communicates with the DCAP service when a valid attestation is required for a node.
Below are the events when this is required:
Creation of a new cluster.
Addition of a new node to the cluster.
Replacing nodes in an existing cluster (for example: replacing failed hardware nodes).
Software upgrade. All nodes require attestation.
Node reboot post-BIOS changes.
Once the above events pass with valid attestations, no further attestation is sought during the normal software execution or API requests.
4.0 What is Intel DCAP?
Intel® enables attestation of SGX enclaves through a remote attestation service called DCAP.
DCAP is a set of libraries and APIs provided by Intel to enable attestation of SGX enclaves without relying on Intel’s IAS (Intel Attestation Service).
DCAP allows relying parties (verifiers) to perform attestation within a data center, using platform-provided evidence.
5.0 What is Offline Attestation?
Intel DCAP Offline Attestation is a method of verifying the trustworthiness of a system using Intel® SGX (Software Guard Extensions), without requiring direct access to Intel’s cloud-based attestation service. It is commonly used in confidential computing environments where external internet access is restricted.
6.0 Configure DCAP Offline Attestation
Perform the following steps to configure DCAP Offline Attestation on a new Fortanix DSM cluster:
1. Create a config.yaml file that enables offline DCAP attestation:

       global:
         rebootEnabled: true
         attestation:
           dcap:
             type: offline
         externalLoadBalancer: true
       sdkms:
         clusterIp: 1.1.1.1

2. Run the following command to create a Fortanix DSM cluster:

       sudo sdkms-cluster create --config ./config.yaml --self <NODE_IP>

3. Pull the container image that matches your Fortanix DSM version. For example, the following image is used for Fortanix DSM version 5.0:

       crictl pull containers.fortanix.com:5000/dcap-retrieve-pckid:2.25.100.3-0.1.0

4. Navigate to /usr/bin and run the following command to fetch the PCK ID of the node:

       root@dsm-server:/usr/bin# ./retrieve-pckid

5. Copy the PCK ID value from the output and save it to a CSV file named pckid.csv.

6. Download the dcap_artifact_retrieval executable.
   NOTE: Contact Fortanix Support for the download link.
   Example:

       wget https://sdkms-artifacts-release.s3.us-west-1.amazonaws.com/2815/dcap_artifact_retrieval
       chmod +x dcap_artifact_retrieval

7. Run the dcap_artifact_retrieval command to download the artifacts to the /data/dcap-artifacts directory:

       sudo ./dcap_artifact_retrieval --pckid-file pckid.csv --output-dir /data/dcap-artifacts -v

   NOTE: The artifacts can be downloaded on a separate Linux host with internet access. The artifacts for each node can then be copied to the respective node and stored under /data/dcap-artifacts.

8. Run the following command to delete the sdkms pod and confirm that the pod restarts without issues:

       sudo kubectl delete pod sdkms-...

9. Proceed with the standard certificate procedures:

       get_csrs
       install_certs

   For more information, refer to the Fortanix Data Security Manager Installation Guide - On-Prem.

10. Repeat Steps 4 to 7 for each node added to the cluster.
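Before deleting the sdkms pod, it is worth confirming that the three inputs the procedure above depends on are actually in place on the node. The following POSIX shell script is an added example, not Fortanix tooling or code from this article. It assumes that config.yaml nests "type: offline" under a "dcap:" key as shown in the steps, that pckid.csv holds one non-blank record per node, and that a populated /data/dcap-artifacts directory is what the pod needs in order to attest without internet access; the artifact file names are not checked because the article does not list them.

```shell
#!/bin/sh
# Added pre-flight check for DCAP offline attestation on a DSM node.
# Not Fortanix tooling. Assumptions not stated in the article: "type: offline"
# sits under a "dcap:" key in config.yaml, pckid.csv holds one non-blank record
# per node, and a populated artifact directory is what the sdkms pod needs to
# attest without internet access.

# Succeed only if the YAML declares "type: offline" inside the dcap: block.
# Indentation is tracked so a stray "type: offline" outside dcap: is ignored.
check_offline_config() {
    cfg="$1"
    [ -r "$cfg" ] || { echo "config not readable: $cfg" >&2; return 1; }
    awk '
        function indent(s) { match(s, /^[ \t]*/); return RLENGTH }
        /^[ \t]*dcap:[ \t]*$/ { in_dcap = 1; depth = indent($0); next }
        in_dcap && NF > 0 && indent($0) <= depth { in_dcap = 0 }
        in_dcap && /^[ \t]*type:[ \t]*offline[ \t]*$/ { found = 1 }
        END { exit found ? 0 : 1 }
    ' "$cfg"
}

# Print the number of non-blank records in the PCK ID CSV; fail if there are none.
count_pckids() {
    f="$1"
    [ -r "$f" ] || { echo "pckid file not readable: $f" >&2; return 1; }
    n=$(grep -c '[^[:space:]]' "$f" || true)
    echo "$n"
    [ "$n" -gt 0 ]
}

# Succeed only if the artifact directory exists and contains at least one entry.
check_artifacts_dir() {
    d="$1"
    [ -d "$d" ] || { echo "artifact directory missing: $d" >&2; return 1; }
    [ -n "$(ls -A "$d")" ] || { echo "artifact directory empty: $d" >&2; return 1; }
}

# Run every check; usage: preflight ./config.yaml ./pckid.csv /data/dcap-artifacts
preflight() {
    check_offline_config "$1" || return 1
    count_pckids "$2" >/dev/null || return 1
    check_artifacts_dir "$3" || return 1
    echo "offline attestation pre-flight passed"
}

# Only run when invoked directly with the three paths as arguments.
if [ "$#" -eq 3 ]; then
    preflight "$@"
fi
```

Run it on the node as "sh preflight.sh ./config.yaml ./pckid.csv /data/dcap-artifacts" after step 7; a non-zero exit with the reason on stderr means the pod restart in the next step is likely to fail attestation, and the script can be re-run on each node added later.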
7.0 Frequently Asked Questions
Can I switch from online to offline DCAP attestation on an existing cluster?
Yes. If the cluster was configured with attestation enabled, it can switch from online to offline mode. In the event of a network outage, the cluster will automatically fall back to offline attestation using the artifacts stored in /data/dcap-artifacts.
Can I enable offline attestation on a cluster that was not configured for attestation?
No. Offline attestation cannot be enabled on clusters that were initially set up without any attestation mode. In such cases, you must recreate the cluster with attestation enabled in the configuration.