
the use of AES

Open DylanWangWQF opened this issue 3 years ago • 2 comments

Hi, @mofanv , it's really great work, and I have a question about the use of AES.

```c
void aes_cbc_TA(char* xcrypt, float* gradient, int org_len)
{
    IMSG("aes_cbc_TA %s ing\n", xcrypt);
    //convert float array to uint_8 one by one
    uint8_t *byte;
    uint8_t array[org_len*4];
    for(int z = 0; z < org_len; z++){
        byte = (uint8_t*)(&gradient[z]);
        for(int y = 0; y < 4; y++){
            array[z*4 + y] = byte[y];
        }
    }

    //set ctx, iv, and key for aes
    int enc_len = (int)(org_len/4);
    struct AES_ctx ctx;
    uint8_t iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
    uint8_t key[16] = { (uint8_t)0x2b, (uint8_t)0x7e, (uint8_t)0x15, (uint8_t)0x16, (uint8_t)0x28, (uint8_t)0xae, (uint8_t)0xd2, (uint8_t)0xa6, (uint8_t)0xab, (uint8_t)0xf7, (uint8_t)0x15, (uint8_t)0x88, (uint8_t)0x09, (uint8_t)0xcf, (uint8_t)0x4f, (uint8_t)0x3c };

    //encryption
    AES_init_ctx_iv(&ctx, key, iv);
    for (int i = 0; i < enc_len; ++i)
    {
        if(strncmp(xcrypt, "encrypt", 2) == 0){
            AES_CBC_encrypt_buffer(&ctx, array + (i * 16), 16);
        }else if(strncmp(xcrypt, "decrypt", 2) == 0){
            AES_CBC_decrypt_buffer(&ctx, array + (i * 16), 16);
        }
    }

    //convert uint8_t to float one by one
    for(int z = 0; z < org_len; z++){
        gradient[z] = *(float*)(&array[z*4]);
    }
}
```

For the encryption, it seems that we do not output the ctxt? I want to use the workflow of client-server AES, that is, client encrypts the message and sends the ctxt to the server, then decrypted inside the enclave.

DylanWangWQF avatar Aug 18 '21 03:08 DylanWangWQF

Hi @DylanWangWQF , thanks!

Please note that we were using hardcoded AES keys inside both server and client TEEs. So key management is not presented, and this file is actually not necessary for our prototype. I guess maybe a tiny AES c like this https://github.com/kokke/tiny-AES-c is what you need? I remember our AES submodule (during previous tests) is from there.

mofanv avatar Aug 18 '21 14:08 mofanv

This tiny AES-c is helpful, thanks for your help!

DylanWangWQF avatar Aug 19 '21 10:08 DylanWangWQF
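
The client-to-enclave flow asked about above, as an added example that is not part of the thread and is not PPFL's or tiny-AES-c's code: the client writes `IV || ciphertext` into a separate output buffer with PKCS#7 padding, and the enclave side validates and unpacks it. The names `seal_gradients`, `open_gradients`, `cbc_fn`, `stub_cbc` and `roundtrip_ok` are hypothetical, and `stub_cbc` is a placeholder transform standing in for the tiny-AES-c CBC calls so the block runs on its own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#define BLK 16
/* Hypothetical hook: CBC-process buf[0..len) in place under iv. With tiny-AES-c it
 * wraps AES_init_ctx_iv() + AES_CBC_encrypt_buffer()/AES_CBC_decrypt_buffer(). */
typedef void (*cbc_fn)(uint8_t *buf, size_t len, const uint8_t *iv);
/* Placeholder so the block runs offline. NOT a cipher: it only XORs with the IV. */
static void stub_cbc(uint8_t *buf, size_t len, const uint8_t *iv) {
    for (size_t i = 0; i < len; i++) buf[i] ^= iv[i % BLK];
}
/* Client: out = IV || CBC(PKCS#7(float bytes)). Returns message length, 0 on error. */
size_t seal_gradients(const float *g, size_t n, const uint8_t iv[BLK],
                      cbc_fn enc, uint8_t *out, size_t cap) {
    size_t raw = n * sizeof(float);
    size_t pad = BLK - raw % BLK;            /* 1..16, so any n is covered */
    if (cap < BLK + raw + pad) return 0;
    memcpy(out, iv, BLK);                    /* fresh IV travels with the message */
    memcpy(out + BLK, g, raw);               /* memcpy instead of a float* cast */
    memset(out + BLK + raw, (int)pad, pad);
    enc(out + BLK, raw + pad, iv);
    return BLK + raw + pad;
}

/* Enclave: decrypt msg in place, check padding; returns float count or -1. */
long open_gradients(uint8_t *msg, size_t len, cbc_fn dec, float *g, size_t max_n) {
    if (len < 2 * BLK || len % BLK) return -1;
    uint8_t *body = msg + BLK;
    size_t blen = len - BLK;
    dec(body, blen, msg);                    /* first block of msg is the IV */
    size_t pad = body[blen - 1];
    if (pad == 0 || pad > BLK) return -1;
    for (size_t i = blen - pad; i < blen; i++)
        if (body[i] != pad) return -1;
    size_t raw = blen - pad;
    if (raw % sizeof(float) || raw / sizeof(float) > max_n) return -1;
    memcpy(g, body, raw);
    return (long)(raw / sizeof(float));
}

/* Constructed round trip: n floats (n <= 8) sealed then opened; returns 1 on match. */
int roundtrip_ok(size_t n) {
    const uint8_t iv[BLK] = {9, 8, 7, 6, 5, 4, 3, 2, 1};   /* constructed sample IV */
    float in[8] = {0.5f, -1.25f, 3.0f, 0.0f, 7.5f, -2.0f, 1.0f, 4.0f}, out[8];
    uint8_t msg[BLK + sizeof in + BLK];
    size_t len = n <= 8 ? seal_gradients(in, n, iv, stub_cbc, msg, sizeof msg) : 0;
    return len && open_gradients(msg, len, stub_cbc, out, 8) == (long)n
               && memcmp(in, out, n * sizeof(float)) == 0;
}
```

CBC gives confidentiality only, so a real deployment should authenticate the message (for example encrypt-then-MAC) before the enclave acts on the padding check.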