6.1 KB


This repository contains Docker files for reproducing the implementation of the server-side code for the paper:

Miti Mazmudar, Ian Goldberg. "Mitigator: Privacy policy compliance using trusted hardware".
Proceedings on Privacy Enhancing Technologies. Vol. 2020, No. 3. 18 pages. July 2020.

Note: This system requires a machine with Intel Software Guard Extension (SGX) in order to be built and to function correctly. We install appropriate versions of the following through our dockerscripts.

  • Linux SGX driver
  • Graphene-SGX driver
  • Linux SGX SDK
  • Graphene-SGX library OS

Linux SGX and Graphene-SGX drivers and the Linux SGX SDK through our dockerscripts below.

This system consists of three enclaves: a decryptor, a verifier and a target enclave. The target enclave is a PHP-enabled apache web server, which obtains user data through forms and we wish to ensure compliance of the webserver with its privacy policy. The Linux SGX driver and Linux SGX SDK are required to run the decryptor enclave. The Linux SGX SDK is also required for the enclaves to attest to each other and to seal secrets to disk. We use the Graphene-SGX library to support running a proof-of-concept verifier and the target application. The target application also contains a PHP extension to interface with the decryptor enclave. The Graphene-SGX driver is required to run any applications within Graphene.

We use Docker scripts to reproduce our setup for our paper. Two of our scripts set up drivers and the others set up and launch a docker container for running the three enclaves.

  • build-driver: builds version f7dc97c0 of the Linux SGX driver and version 30d4b940 of the Graphene-SGX driver, as kernel modules.
  • install-driver: installs the kernel modules generated by the build-driver script onto the machine.
  • build-mitigator: builds three docker images, one for each of the Dockerfiles in the sgx-docker/, graphene-docker/, and docker/ folders respectively.
  • run-mitigator: creates a detached docker container with the image initialized in the build-mitigator script. Re-run this script after any changes to the build-mitigator script to recreate a docker container with the new docker image.
  • attach-mitigator: attaches to the container created by the run-mitigator script. This lets you interact with the docker container through the terminal.
  • stop-mitigator: stops the container created by the run-mitigator script. This needs to be run before re-creating a container with a new image through run-mitigator.

The docker images download the following software:

sgx-docker/Dockerfile: installs branch sgx_2.1 of the Linux SGX SDK and PSW

graphene-docker/Dockerfile: downloads and installs our mirror of a branch of the Graphene-SGX library OS.


  • Our own codebase for the Decryptor enclave, the Verifier enclave and the PHP extension for the Apache web server.
  • We install our repository for the Protobuf definitions for passing messages between enclaves during and after local attestation.
  • The decryptor enclave requires the Linux SGX SDK as well as the Intel SGX SSL library for performing cryptography operations safely within an enclave.
  • The Intel SGX SSL repo essentially interfaces functions from the OpenSSL library, and so we install a compatible version of that library.
  • To avoid code duplication, the verifier and the PHP extension use the same source code files for performing local attestation; these files are also made available in our repo.
  • As Graphene-SGX does not support local attestation, we patched the SGX SDK libraries to run them on Graphene; the verifier uses our patch of these libraries.
  • We have tested the verifier with the Pixy source code analysis tool to perform the compliance check, however this code is commented out for now.
  • The PHP extension requires PHP-CPP to make the C++ functions of the extension available to the PHP pages. We provide manifests for the verifier and the PHP extension binaries in order to run them within Graphene-SGX. We use Graphene-SGX's Apache sample application for the Apache web server, with PHP version 7 installed from source.

Build steps

  1. On an SGX-supporting machine with sudo privileges, run ./build-driver and then sudo ./install-driver. This step requires having sudo privileges in order to insert kernel drivers into the machine. The Intel SGX and Gtaphene SGX drivers that are built and installed are the standard ones unmodified by us.
  2. On the same machine, run the build-mitigator script to build the docker images. Enter the docker container by running run-mitigator and then attach-mitigator. After entering the docker container, run the deploy_enclaves script to create the three enclaves. The decryptor enclave is created first, followed by the verifier and then the Apache server, each in a different tmux session. To restart the Apache server after stopping it, you need to stop the decryptor and then run the deploy_enclaves script. This restarts the decryptor, verifier and the Apache server in that order.


We require a client to install our Firefox browser extension to test our server-side setup. The last script opens up the port on which the Mitigator server is running within the docker container (port 8001). The server form page can be retrieved on the server machine by accessing http://server_address:8001/index.php. The browser extension will automatically encrypt all form fields to the decryptor enclave when the submit button is pressed.