Skip to content

Encrypted Python Programs and Encrypted Input

With the help of a simple wordcount Python program, we show how to execute encrypted Python code inside of an SGX enclave. In this example, we also show how to encrypt an input file. The Python engine itself also runs inside the same enclave.

We put both the Python code as well as the input file of the wordcount in the same encrypted filesystem. Typically, we would put the Python code in the encrypted filesystem of the image and the encrypted input and output files in one or more encrypted volumes mapped into the container.

SCONE Configuration

This Python image that we use is not intended for production usage

The Python libraries in the Python base image **are not encrypted*. Moreover, the Python engine runs inside of a debug enclave. Contact us, if you need a production-ready Python engine with encrypted Python libraries.*

You require access to the images

This demo uses private docker and github repos. To get access to these repos, please send us an email.

Getting the Code

After you gotten access to the repos, you can get the code via:

git clone https://github.com/scontain/EncryptedWordCount.git

and then enter directory EncryptedWordCount

cd EncryptedWordCount

Files

The Python source code and the input file is stored in directory native-files/. The wordcount.py code is just some very simple Python code to count the frequency of words in a given file:

#!/usr/bin/python
import sys
file=open(sys.argv[1],"r+")

wordcount={}
for word in file.read().split():
    if word not in wordcount:
        wordcount[word] = 1
    else:
        wordcount[word] += 1
for k,v in wordcount.items():
    print k, v

Creating Image with Encrypted wordcount

The repository includes a script create_image.sh that

  • encrypts the files in directory native-files/: the files are integrity, confidentiality and rollback protected
  • attests that CAS is a proper CAS running inside an enclave and then stores the TLS certificate of the CAS in the local file system
  • generates a docker image containing a Python engine which runs inside of an enclave
  • pushes a security policy to CAS via TLS (checking the certificate of CAS) that includes (a) the encryption key of the encrypted files, and (b) limits access to the generated image
  • access to the security policy is controlled via a self-generated key pair

Perform all of the above steps by executing the following shell script:

./create_image.sh

This creates an image encryptedwordcount stored in the local registry and a session in a SCONE Configuration and Attestation Service (CAS) running on a remote site.

We assume in this demo that the creation of the wordcount image is performed on a trusted host. The execution of the wordcount can be performed on an untrusted host. For simplicity, we execute on the same host.

Running the wordcount image

First, read some environment variables set by ./create_image.sh

source myenv

and then start the wordcount.py with docker-compose:

docker-compose up

You will see quite some log output ending with

...
python_1  | scone 1
python_1  | region. 3
python_1  | Hence, 1
python_1  | {ephemeral 1
python_1  | without 1
python_1  | command 1
python_1  | File 1
python_1  | mechanisms. 1
python_1  | region: 1
python_1  | the 19
python_1  | path. 1
python_1  | document. 1
encryptedwordcount_python_1 exited with code 0

Stop the compose file with control-C.

Cleanup

Cleanup afterwards by executing:

docker-compose down

also remove temporary files if so desired

rm -rf encrypted-files/ fspf-file myenv client-key.pem client.pem myenv native-files/keytag session.yml

before starting it with docker-compose up again.

Contacts

© scontain.com, July 2019. Questions or Suggestions?