Since our announcement last year on developing our open source Rust SDK, hundreds of developers have shown interest in this platform. Today, we are excited to announce the launch of Fortanix Enclave Development Platform (EDP). Fortanix Enclave Development Platform (EDP) is the preferred way to write Intel SGX enclaves from scratch. Through EDP, developers can securely create applications using the Rust programming language. The Rust language, combined with Intel® SGX, makes the application secure from many common development vulnerabilities and outsider attacks. Fortanix EDP leverages Runtime Encryption®, protecting the application during runtime.
Rust is a modern language with advanced static analysis tools built into the compiler. Rust is low-level in that it allows you to write any code C would allow you to, including device drivers, dynamic linkers, and bootloaders. On the other hand, it’s also high-level and therefore much easier to use than C for writing parallel programs, web applications, and even web frontends. Rust’s built-in static analysis makes quick work of common software bugs such as dangling pointers, type confusion, and buffer overflows.
The Rust language and compiler provides strong protection against remote code execution and information leakage vulnerabilities. Therefore, we use Rust in conjunction with our Runtime Encryption® platform based on Intel® SGX to create a variety of secure applications. A prime example of this is our Fortanix Self-Defending KMS™, a fully self-contained secure Key Management and HSM solution running in a secure enclave. Because the server’s TLS private key is secured within the enclave, a client can be assured that it’s talking to a secure backend. A root user or the OS will not be able to steal that private key and impersonate the application server.
Only hardware can fight and defeat hardware. Fortanix Runtime Encryption® decouples the security of an application from the security of the infrastructure. It assumes that the infrastructure is compromised, as was the case in the Big Hack. However, applications running with Runtime Encryption® remain protected wherever they run.
The code in secure enclaves is the most security-critical part of your application. Rust’s advanced static analysis, built right into the compiler, makes it easy to have confidence in the security of your program.
The EDP is what Fortanix uses in-house for various products, such as the award-winning Fortanix Self-Defending KMS. Our years of experience running secure enclaves in production have informed the design of the EDP to fit application developer’s needs.
Easy to use
Rust EDP applications are just like native applications. They have a main function, can have multiple threads, and can make network connections. You don’t have to write any “untrusted” code that runs outside the enclave.
Compatible with existing Rust code
The Fortanix EDP is fully integrated with the Rust compiler. Rust code that doesn’t link to native libraries and that doesn’t use processes or files should compile out of the box. You’ll be able to use new features in the compiler release immediately. Thanks to Rust’s stability, old code will continue to work after upgrading your compiler.
To get started, visit edp.fortanix.com. Our developer guide has a wide range of examples and instruction to get you started. To discuss your requirements with our experts, contact us at firstname.lastname@example.org. or join our Runtime Encryption® slack community.
Get our blog updates in your inbox: