Can Intel Access the States within an SGX Enclave?
I am going to state up front that I don’t know the answer. However, I am going to make an educated guess based upon what I know from having been an architect at Intel working in the security space.
It is certainly possible that there is a backdoor into an SGX enclave. One that Intel put there. Possibly to meet the requirements of some customer or a government agency. And if so, the chances are that someone at Intel knows the key to that backdoor. However, I think it is unlikely. Now for why.
Intel's Security Mantras
Intel has a series of Mantras that every employee learns by heart. They give you a copy with your yearly calendar that you wear on the badge you hang around your neck. They are repeated over and over again. One of them is “obey both the spirit and letter of the law.” This paraphrase is stuck in my mind, just like the mission of the ROTC cadet corps I repeated in high school 40 years ago. As an Intel employee, you know not to take bribes because they are not only factually illegal in most places but the idea of them is illegal. Therefore, creating a way to break into a system is in the same vein. It not only violates the law but the very idea of it is illegal.
The Dangers of Backdoors
Moreover, even if you don’t work for Intel but you work in security, you learn things. One of the things that nearly every security researcher and worker knows is that you can’t make a backdoor that only lets the good guys in. Any backdoor is a hole in your security that will be used against you. And it is easier for the bad guys to exploit it than the good guys. So any backdoor is an extremely bad idea. You are better off having no security than having security with a backdoor.
Innovative Security Measures
Given these abstract facts, I am going to guess that there is no such backdoor intentionally put in. If one exists, which I doubt, it is almost certainly accidental.
Furthermore, I am going to illustrate this with an example of something I do know about. There are keys in every Intel chip that allow one to customize it. Special keys are made for each Original Equipment Manufacturer (OEM) that is allowed to specify and make custom versions of an x86 chip. Each OEM is given a unique one so that if they are ever hacked or leaked, it is easy to trace whose fault it is. These keys are worth millions and probably billions of dollars. But someone must make those keys, and that requires these special keys that only a few people in Intel know. Moreover, they are done this special way so that one person doesn’t know enough to be able to create OEM keys by themselves. It takes a set of them, I suspect three but it might be five, to do so. And there are only a limited number of people who have those keys, maybe a dozen total in the world, possibly fewer. It is similar to the keys to unlock the root DNS.
This is a very typical fact in the security world. There are some things so secret that you simply don’t let any one person know. You make it require a set of people who all know only part of the secret. And you let only a few people know even those parts. People are the weak link in any security system. Thus, you protect people against themselves. You don’t make backdoors for good people because while most people are good most of the time, no one is good all of the time. No one is beyond temptation. Power corrupts, and absolute power corrupts absolutely. So, you make certain there is no absolute power. You never make the “one ring” because its existence is corrupting by itself. Thus, a backdoor into an enclave is a bad idea. It is something that would break security by itself, even if you never intend to use it.
Conclusion
In conclusion, based on the security best practices and the inherent risks associated with backdoors, it is highly unlikely that Intel would create a backdoor into an SGX enclave. The security risks and the impracticality of maintaining such a backdoor outweigh any potential benefits. Security is a collective effort, and Intel, as an industry leader, must adhere to high ethical and legal standards to ensure the integrity and confidentiality of its systems.