Giter VIP home page Giter VIP logo

epid-sdk's Introduction

Intel(R) EPID SDK

The Intel(R) Enhanced Privacy ID Software Development Kit

Intel(R) EPID SDK enables adding Intel(R) EPID support to applications and platforms.

Intel(R) EPID is a cryptographic protocol which enables the remote authentication of a trusted platform whilst preserving the user's privacy.

  • For a given public key there are many (e.g., millions) of private keys. The key holders form a group.

  • Any key holder may sign against the one public key.

  • No one can tell which private key signed the data. This is the privacy property.

You can use Intel(R) EPID as a foundational building block for a multitude of security solutions.

⚠️ DISCONTINUATION OF PROJECT

This project will no longer be maintained by Intel(R).  Intel(R) will not provide or guarantee development of or support for this project, including but not limited to, maintenance, bug fixes, new releases, or updates.  Patches to this project are no longer accepted by Intel(R). If you have an ongoing need to use this project, are interested in independently developing it, or would like to maintain patches for the community, please create your own fork of the project.

Prerequisites

What's New in This Release

See CHANGELOG.md.

Documentation

See doc/index.html to browse the html documentation.

License

See LICENSE.txt.

Math Primitives

The source code used for math primitives in the Intel(R) EPID SDK is a subset of the Intel(R) IPP Cryptography library written in pure C and not optimized for performance. For higher performance, you can use the full version available at [https://github.com/intel/ipp-crypto].

Used by FDO

epid-sdk's People

Contributors

dukedavis12 avatar eozturk1 avatar jdominik-intel avatar mav-intel avatar mpkolasi avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

nmaiti reinders davenpcj5542009 ellerbrock cloud-architecture unsecureio asomsiko andrey-golubev eozturk1 zhuowenzou dukedavis12 ndinh215

epid-sdk's Issues

Possible performance improvements

We are trying to improve the performance of EPID and and were wondering what are some places that this is possible, e.g., compilation options, replacing IPP-Crypto with an optimized version?

Tool for generating revocation lists?

We are trying to measure the performance of EPID regarding different revocation list sizes and we are using available revocation lists under example/data. Is there a tool available for generating revocations lists with varying sizes?

If there is not, are the formats of the revocation lists available?

Support for OSX?

Does the SDK support OSX?

The documentation mentions only windows/linux.

SDK can't be built for debug using make

It seems the project only supports optimization build (-O2). In this case, for a project which depends on EPID-SDK, if it supports -O0 build, it may get option conflict warnings because of the mixed build mode. If it enables -Werror, the build would be failed.

/usr/include/features.h:381:4: error: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Werror=cpp]

So how about providing an option to let user decide the build mode? Of cause, you can make optimization build as the default build mode.

Fatal error when building

Hey,

I want to build the epid-sdk on my ubuntu machine (Ubuntu 20.04.3). However, I constantly get an error that a file does not exist.

Last part of the building output:

scons: done reading SConscript files.
Parts: Updating disk
Parts: Updating disk - Done
Message: build mode not specified for 'member'. Defaulting to 'static'
Parts: Loaded 30 Parts
Parts: Total sections: 37 Total known nodes: 6444
scons: Building targets ...
/usr/bin/gcc -o _build/build_release_posix-x86_64/verifier-2c2f/src/1.1/nrverify.o -c -O2 -Werror -Wall -Wextra -Wformat -Wformat-security -fstack-protector -fPIC -Wno-missing-braces -Wno-missing-field-initializers -Wno-unknown-pragmas -Wno-unused-function -fno-strict-aliasing -Wno-unused-but-set-variable -Wno-comment -DNDEBUG -D_FORTIFY_SOURCE=2 -I_sdk/release_posix-x86_64_default/epiddefs_0.0.0_52b9/include -I_sdk/release_posix-x86_64_default/common_0.0.0_2c2f/include -I_sdk/release_posix-x86_64_default/ippmath_0.0.0_2c2f/include -Iepid/verifier/include -Iepid/verifier/header -Iepid/verifier epid/verifier/src/1.1/nrverify.c
epid/verifier/src/1.1/nrverify.c:18:10: fatal error: ippcp.h: No such file or directory
   18 | #include <ippcp.h>
      |          ^~~~~~~~~
compilation terminated.
scons: *** [_build/build_release_posix-x86_64/verifier-2c2f/src/1.1/nrverify.o] Error 1
scons: building terminated because of errors.
Parts: Error!: Summary: 1 build failure detected during build
 Part:"verifier"
 Target:"posix-x86_64"
 Config:"release"
 Node:"_build/build_release_posix-x86_64/verifier-2c2f/src/1.1/nrverify.o"

Infos that might be useful:

**************** VERSIONS *************
* Python Version: 3.8.10
* SCons  Version: 4.3.0
* Parts  Version: 0.16.4
* Compiler Version: GCC 9.3.0 and GXX 9.3.0
* Default Libs:
* 	/usr/lib/x86_64-linux-gnu/libc_nonshared.a)elf-init.oS\nattempt to open /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 succeeded\n/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2\n/usr/lib/x86_64-linux-gnu/libc_nonshared.a\n/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/libgcc_s.so succeeded\nopened script file /usr/lib/gcc/x86_64-linux-gnu/9/libgcc_s.so\n/usr/lib/gcc/x86_64-linux-gnu/9/libgcc_s.so\nopened script file /usr/lib/gcc/x86_64-linux-gnu/9/libgcc_s.so\nattempt to open libgcc_s.so.1 failed\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/libgcc_s.so.1 failed\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/../../../x86_64-linux-gnu/libgcc_s.so.1 succeeded\n/usr/lib/gcc/x86_64-linux-gnu/9/../../../x86_64-linux-gnu/libgcc_s.so.1\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/libgcc.so failed\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/libgcc.a succeeded\n/usr/lib/gcc/x86_64-linux-gnu/9/libgcc.a\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/libgcc.so failed\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/libgcc.a succeeded\n/usr/lib/gcc/x86_64-linux-gnu/9/libgcc.a\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/crtendS.o succeeded\n/usr/lib/gcc/x86_64-linux-gnu/9/crtendS.o\nattempt to open /usr/lib/gcc/x86_64-linux-gnu/9/../../../x86_64-linux-gnu/crtn.o succeeded\n/usr/lib/gcc/x86_64-linux-gnu/9/../../../x86_64-linux-gnu/crtn.o\nld-linux-x86-64.so.2 needed by /lib/x86_64-linux-gnu/libc.so.6\nfound ld-linux-x86-64.so.2 at /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
* Libc/SDK: ld-linux-x86-64.so.2
***************************************

I don't know how to setup the dependencies in order to build the SDK. I hope that you can help me.

Integrating with OSS-Fuzz

Greetings epid-sdk developers and contributors,

We’re reaching out because your project is an important part of the open source ecosystem, and we’d like to invite you to integrate with our fuzzing service, OSS-Fuzz. OSS-Fuzz is a free fuzzing infrastructure you can use to identify security vulnerabilities and stability bugs in your project. OSS-Fuzz will:

  • Continuously run at scale all the fuzzers you write.
  • Alert you when it finds issues.
  • Automatically close issues after they’ve been fixed by a commit.

Many widely used open source projects like OpenSSL, FFmpeg, LibreOffice, and ImageMagick are fuzzing via OSS-Fuzz, which helps them find and remediate critical issues.

Even though typical integrations can be done in < 100 LoC, we have a reward program in place which aims to recognize folks who are not just contributing to open source, but are also working hard to make it more secure.

We want to stress that anyone who meets the eligibility criteria and integrates a project with OSS-Fuzz is eligible for a reward.

If you're not interested in integrating with OSS-Fuzz, it would be helpful for us to understand why—lack of interest, lack of time, or something else—so we can better support projects like yours in the future.

If we’ve missed your question in our FAQ, feel free to reply or reach out to us at [email protected].

Thanks!

Tommy
OSS-Fuzz Team

What does "tiny" refer to?

What does tiny refer to for implementations under member/tiny? Is this an optimized implementation in terms of space usage or computation cost?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.