SGX-Tor is a Tor anonymity network in the SGX environment. This project will be published in NSDI'17.
Notice Due to the recent patch in remote attestation protocol in SGX SDK, we are currently updating and modifying the SGX-Tor code, which makes SGX-Tor does not correctly work. We believe we can release the new version of SGX-Tor in March.
- See
(rootdir)/linux-driver/README.mdand(rootdir)/linux-sdk/README.md
$ cd (rootdir)/Enclave/TrustedLibrary/LibEvent_SGX
$ ./configure
$ make
$ cd (rootdir)/Enclave/TrustedLibrary/OpenSSL_SGX
$ ./ina_setting.sh
$ make
$ cd (rootdir)/Enclave/TrustedLibrary/zlib-1.2.8
$ make
###Build SGX-Tor and Run in an enclave
$ cd (rootdir)/
$ make SGX_MODE=HW SGX_DEBUG=1
$ ./app
###Compile OpenSSL Libraries
Install ActivePerl
Use 'VS2013 x64 Native Tools Command Prompt'
- Application and SGX OpenSSL library should be built respectively
$ cd (rootdir)/SGX-Tor_WIN/OpenSSL_APP
or
$ cd (rootdir)/SGX-Tor_WIN/OpenSSL_SGX
- compile
$ ina_setting.bat
$ ina_build.bat
bntest.obj : error LNK2019: messages are OK
- clean
$ ina_clean.bat
###Build LibEvent Libraries
- Application and SGX LibEvent library should be built respectively
$ cd (rootdir)/SGX-Tor_WIN/LibEvent_APP
or
$ cd (rootdir)/SGX-Tor_WIN/LibEvent_SGX
- compile
$ nmake -f Makefile.nmake
###Build ZLib Library
$ open folder (rootdir)/SGX-Tor_WIN/zlib-1.2.8/contrib/vstudio/vc11
$ start zlibvc.sln
$ change configuration to Release mdoe
$ change Platform to x64.
$ visual studio build
###Run SGX-Tor
SGX-Tor will be executed as a client. You can check it by using firefox browser
$ change configuration to Prerelease mdoe
$ change Platform to x64.
$ 'project TorSGX' mouse right click -> Properties
$ change Debugger to launch to Intel(R) SGX Debugger
$ change Working Directory to $(OutDir)
$ do same thing to 'project TorVS2012'
$ build each solution
$ run
- Warning: use sdk version 1.6 in this repository. SGX-Tor does not work on sdk version 1.7.
###For setting private network ####Setting torrc
these settings are needed only once
- setting three authorities
$open TorOriginial2012 directory
$double click ina_fingerprint.bat
$double click ina_gencert.bat
$modify ip_list in ina_set_fingerprint.py to what you want
$(ex. "10.0.0.1", "10.0.0.2", "10.0.0.3")
$double click ina_set.bat
$SGX-Tor_WIN/nodes/A00x/torrc ,/C001/torrc ... all torrc are changed to their own fingerprint.
$copy a DirAuthority line and paste another torrc
$ open torrc and change OrPort, Address and DirPort to appropriate value
- setting client
$ change DirAuthority lines in C001/torrc to authorities information
$ set project arguments
- arguments setting
Seongmin Kim dallas1004@gmail.com
Juhyeng Han sparkly9399@gmail.com
Jaehyeong Ha thundershower@kaist.ac.kr
Seongmin Kim dallas1004@gmail.com
Juhyeng Han sparkly9399@gmail.com
Jaehyeong Ha thundershower@kaist.ac.kr
Taesoo Kim taesoo@gatech.edu
Dongsu Han dongsuh@ee.kaist.ac.kr
Please use the citation below as the canonical reference to SGX-Tor.
Enhancing Security and Privacy of Tor's Ecosystem by using Trusted Execution Environments
Seongmin Kim, Juhyeng Han, Jaehyeong Ha, Taesoo Kim, Dongsu Han
NDSI 2017
@inproceedings{sgx-tor,
title = {{Enhancing Security and Privacy of Tor's Ecosystem by using Trusted Execution Environments}},
author = {Seongmin Kim and Juhyeng Han and Jaehyeong Ha Taesoo Kim and Dongsu Han},
booktitle = {14th USENIX Symposium on Networked Systems Design and Implementation (NSDI 17)},
year = 2017,
}