Time performance

[Augusto Henriques]

Hello,

Since my machine does not have the necessary requirements to run DCAP attestation, could someone kindly give some information about time performance of generating and verifying the quote? The larger the program, the longer it will take to verify the quote or generate the quote, or both (which of the two phases will have more impact)? For example, in a program with x size and takes y time to perform remote attestation, if the program duplicates (2x) size, the time also duplicates(2y)? I would be thankful if someone could give me real numbers that serve as justification for my investigation report. Or some estimation, for example, a program that takes x time to create a perform the execution under enclave, with remote attestation the time will increase ≈y%.

Thanks,

Gus.

[Dmitrii Kuvaiskii]

The time to generate the SGX quote, as well as the time to verify the SGX quote, is *not* related to the size of the program. So, the quote generation/verification time is a constant.

The size of the program matters when the SGX enclave with this program is *being created*. At that point, the initial code + data pages of the program are EADDed (Enclave ADDed) to the SGX enclave. This addition of pages to the enclave has a more or less linear relationship to the program size (more specifically, its initial code & data state).

--
You received this message because you are subscribed to the Google Groups "Gramine Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gramine-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gramine-users/31148b70-80e4-4248-a781-78d73ea26a05n%40googlegroups.com.

--

Yours sincerely,
Dmitrii Kuvaiskii

[Augusto Henriques]

Hello,

Thank you very much for the explanation, you helped me a lot. One more thing, about the constant time of performing remote attestation, do you have an estimated value? Is it less than 1 second or it depends on the machine? The time of generating the quote is greater than verifying it?

Thank you again,

Gus.

[Dmitrii Kuvaiskii]

If we're talking about DCAP attestation, then both SGX quote generation and verification should be surely less than 1 second.

I have no hard numbers to prove this though.

Generating the quote is typically faster than verifying the quote. I can't say by how much (since I never measured it), but the generation logic has fewer things to perform than the verification logic.

On Mon, Oct 17, 2022 at 12:16 PM Augusto Henriques <augustohen...@gmail.com> wrote:

Hello,

Thank you very much for the explanation, you helped me a lot. One more thing, about the constant time of performing remote attestation, do you have an estimated value? Is it less than 1 second or it depends on the machine? The time of generating the quote is greater than verifying it?

Thank you again,

Gus.

A segunda-feira, 17 de outubro de 2022 à(s) 10:12:24 UTC+1, Dmitrii Kuvaiskii escreveu:

The time to generate the SGX quote, as well as the time to verify the SGX quote, is *not* related to the size of the program. So, the quote generation/verification time is a constant.

The size of the program matters when the SGX enclave with this program is *being created*. At that point, the initial code + data pages of the program are EADDed (Enclave ADDed) to the SGX enclave. This addition of pages to the enclave has a more or less linear relationship to the program size (more specifically, its initial code & data state).

On Sun, Oct 16, 2022 at 4:38 PM Augusto Henriques <augustohen...@gmail.com> wrote:

Hello,

Since my machine does not have the necessary requirements to run DCAP attestation, could someone kindly give some information about time performance of generating and verifying the quote? The larger the program, the longer it will take to verify the quote or generate the quote, or both (which of the two phases will have more impact)? For example, in a program with x size and takes y time to perform remote attestation, if the program duplicates (2x) size, the time also duplicates(2y)? I would be thankful if someone could give me real numbers that serve as justification for my investigation report. Or some estimation, for example, a program that takes x time to create a perform the execution under enclave, with remote attestation the time will increase ≈y%.

Thanks,

Gus.

--
You received this message because you are subscribed to the Google Groups "Gramine Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gramine-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gramine-users/31148b70-80e4-4248-a781-78d73ea26a05n%40googlegroups.com.

--

Yours sincerely,
Dmitrii Kuvaiskii

--
You received this message because you are subscribed to the Google Groups "Gramine Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gramine-user...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/gramine-users/345c9b50-3349-499f-80bd-7e5e6ed0f739n%40googlegroups.com.

[Augusto Henriques]

Hello!

Great, that's all I need!

Thank you again for you time!
Gus