-
Create an SGX-capable VM in Azure: Ubuntu 22.04 LTS, dc2s_v3. Note that you require an Azure account to provision the resources. One can use either the Azure web portal, or the Azure client from the command line.
Note that to perform any actions, you need to be logged in. On the web portal, follow the instructions there. With Azure client, you need to perform
az loginand follow the instructions accordingly.Make sure you obtain store the necessary login information for the VM (e.g., ssh keys).
IMPORTANT NOTE: The praas_server python runs also on Ubuntu 20.04. The default python in Ubuntu 20.04 is 3.8 compared with 3.10 in Ubuntu 22.04. Bigger datasets may fail with an out-of-memory error in python3.8. The proof for spamnet can be also generated in Ubuntu 20.04 (or if the other datasets are split into multiple pieces, they can also work). Proofs for bigger datasets can be generated in Ubuntu 22.04 (cifar10, mnist, fashionmnist).
If Ubuntu 20.04 is used, the requirements of the property computation functions (e.g.,
praas_py_client/property_computation_functions/mnist/requirements.txt) need to be adjusted to use python3.8 for torch (rather than 3.10). -
ssh into the VM.
-
Run
install_vm_dependencies.shto configure dependencies and install openenclave. This script is copied from the original openenclave repo instructions (/~https://github.com/openenclave/openenclave/blob/v0.9.x/docs/GettingStartedDocs/install_oe_sdk-Ubuntu_18.04.md) and modified to match 20.04.chmod +x install_vm_dependencies.sh ./install_vm_dependencies.sh
The SGX platform is not needed, because the above VM comes with SGX platform software installed.
- Install the necessary python packages for running the client.
cd praas_py_client/
sudo python3 -m pip install -r requirements.txt
cd ..
- Install the necessary python packages for running the server.
cd praas_py_server/
sudo python3 -m pip install -r requirements.txt
cd ..
-
Create the datasets:
cd praas_py_client/data python3 create_dataset_spamnet.py 1 python3 create_dataset.py mnist 1 python3 create_dataset.py fashionmnist 1 python3 create_dataset.py cifar10 1 cd ../..
-
Run the server:
cd praas_py_server make sgx-praas-server -
Afterwards, you can trigger the proof generation via by running the client, which will also verify the proof (i.e., quote verification as well as verifying the enclave signature):
cd praas_py_client ./run_example_proof.sh spamnet ./run_example_proof.sh mnist ./run_example_proof.sh fashionmnist ./run_example_proof.sh cifar10The produced proofs will be available under
proofs/folder. -
The produced proofs can also be verified standalone:
python3 check_proof.py proofs/proof_data_spamnet_data_0.tar.gz.json python3 check_proof.py proofs/proof_data_mnist_data_0.tar.gz.json python3 check_proof.py proofs/proof_data_fashionmnist_data_0.tar.gz.json python3 check_proof.py proofs/proof_data_cifar10_data_0.tar.gz.json