Can we prevent EC2 instance from accessing the plain text data when using the AWS Nitro Enclave for encryption?


I am working on a project where the data that comes from the customer through a REST API should be encrypted before sending it to the database. To do that, we need to use AWS Nitro Enclave to do the encryption. So the Nitro Enclave will receive the data from the parent EC2, talk to KMS to retrieve the encryption key, encrypt the data and send it back to EC2, and then EC2 will send it to the database.

The problem is that the data is now exposed in plain text to anyone who can access the EC2, which defeats the whole purpose of securing the data. My question is: is there any way that the data will be intercepted by the Enclave itself, in other words, can the TLS terminate in the Enclave? I know that the Enclave does not have any networking capability, but I am not sure now how this Enclave solves the issue of securing the personally identifiable information.

Any clarification on this point is much appreciated.

Many thanks! Zak



gusto2 On BEST ANSWER

TLS terminate in the Enclave?

Sure, you could use vsock-proxy (part of the Nitro Enclaves CLI installation) to pass the traffic (not terminated) directly to the Nitro Enclave; see https://nitro-enclaves.workshop.aws/en/my-first-enclave/secure-local-channel.html
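To make gusto2's point concrete, here is an added Go example (my own, not code from the workshop page or from the Nitro Enclaves CLI). The parent plays the role of vsock-proxy and only copies bytes between two sockets; the enclave side holds the only TLS private key and terminates the session; the client verifies the enclave's certificate and handshakes with it straight through the parent. Loopback TCP stands in for the vsock hop, the self-signed certificate for whatever certificate the enclave would present (in practice tied to the attestation document), and the record value is a constructed sample; all type and function names are mine.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"io"
	"math/big"
	"net"
	"time"
)

// Constructed sample record; the demo checks that only the enclave side ever sees it in clear.
const SecretRecord = "customer_ssn=123-45-6789"

// selfSignedCert builds a throwaway certificate for the enclave side. In a real deployment the
// key pair is generated inside the enclave and its public half is bound to the attestation document.
func selfSignedCert() (tls.Certificate, *x509.CertPool, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return tls.Certificate{}, nil, err }
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "enclave.example"},
		DNSNames:     []string{"enclave.example"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { return tls.Certificate{}, nil, err }
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool(); pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, pool, nil
}

// Result of one client -> parent relay -> enclave exchange.
type Result struct {
	EnclaveSaw   string // what the enclave read after terminating TLS
	ParentLeaked bool   // whether the parent relay ever saw the plaintext record
}

// RunPassThrough wires the three parties together on loopback TCP, which stands in for the
// TCP-to-vsock hop that vsock-proxy provides, and reports what each side observed.
func RunPassThrough() (Result, error) {
	cert, pool, err := selfSignedCert()
	if err != nil { return Result{}, err }
	// Enclave side: the only party holding the TLS private key; it terminates TLS and reads the record.
	encL, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	if err != nil { return Result{}, err }
	defer encL.Close()
	enclaveSaw := make(chan string, 1)
	go func() {
		c, err := encL.Accept()
		if err != nil { return }
		defer c.Close()
		buf := make([]byte, 1024)
		n, _ := c.Read(buf) // completes the TLS handshake, then yields the decrypted record
		enclaveSaw <- string(buf[:n])
		c.Write([]byte("ack")) // encrypted acknowledgement back to the client
	}()
	// Parent side: copies opaque bytes in both directions; it holds no key and cannot decrypt anything.
	parL, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil { return Result{}, err }
	defer parL.Close()
	var seen bytes.Buffer // copy of everything forwarded client -> enclave, for the leak check
	relayDone := make(chan struct{})
	go func() {
		defer close(relayDone)
		cl, err := parL.Accept()
		if err != nil { return }
		up, err := net.Dial("tcp", encL.Addr().String())
		if err != nil { cl.Close(); return }
		half := make(chan struct{}, 2)
		go func() { io.Copy(io.MultiWriter(up, &seen), cl); half <- struct{}{} }()
		go func() { io.Copy(cl, up); half <- struct{}{} }()
		<-half // when either direction ends, tear both down
		cl.Close(); up.Close()
		<-half
	}()
	// Client side: verifies the enclave's certificate and speaks TLS end to end through the parent.
	client, err := tls.Dial("tcp", parL.Addr().String(), &tls.Config{RootCAs: pool, ServerName: "enclave.example"})
	if err != nil { return Result{}, err }
	if _, err := client.Write([]byte(SecretRecord)); err != nil { return Result{}, err }
	client.Read(make([]byte, 8)) // wait for the enclave's ack before closing
	client.Close()
	<-relayDone
	leaked := bytes.Contains(seen.Bytes(), []byte(SecretRecord))
	return Result{EnclaveSaw: <-enclaveSaw, ParentLeaked: leaked}, nil
}

func main() {
	r, err := RunPassThrough()
	if err != nil { panic(err) }
	println("enclave read:", r.EnclaveSaw, "| parent saw plaintext:", r.ParentLeaked)
}
```

The relay keeps a copy of every byte it forwards and searches it for the record; it is never found, because the parent only ever handles TLS records it has no key for. On a real Nitro deployment the parent-side listener is the vsock forwarding that the linked workshop page sets up, and the enclave-side listener binds a vsock port instead of 127.0.0.1; the enclave still has no network stack of its own, so its calls to KMS also leave through the parent over vsock, which is what vsock-proxy is for.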

FAP On

As part of the attestation process you should provide a public key generated inside the enclave [1]. So if your client application on your customer's side verifies the attestation of the enclave to ensure it is talking to the right code, it will also have this public key that can be used to agree on a symmetric encryption key. This way you can encrypt your data at the source and send it encrypted to the enclave. Then your enclave may decrypt it and re-encrypt it with the key from KMS and send it to the database via the parent instance.

[1] https://github.com/aws/aws-nitro-enclaves-nsm-api/blob/main/docs/attestation_process.md
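As an added example of the scheme FAP describes (my own code, not from the nsm-api repository): the enclave generates an X25519 key pair whose public half is what the attestation document would carry; the customer-side client, having verified the document, performs an ephemeral ECDH against that key, derives a session key and encrypts the record under AES-256-GCM; the enclave opens the envelope and immediately re-encrypts the record under a KMS data key for the database. Attestation verification itself (checking the document's signature chain and PCR values) is outside the block; the KMS data key is a constructed random key standing in for one KMS would release to an attested enclave; the hash-based key derivation, the sample record and all names are mine.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Envelope is what the customer-side client hands to the parent instance: nothing in it is plaintext.
type Envelope struct {
	ClientPub  []byte // client's ephemeral X25519 public key
	Nonce      []byte // AES-GCM nonce
	Ciphertext []byte // AES-256-GCM over the customer record, with ClientPub bound in as AAD
}

// Enclave holds the key pair generated inside the enclave; its public half is what would go into the
// attestation document. kmsKey stands in for the plaintext data key KMS releases to an attested enclave.
type Enclave struct {
	priv   *ecdh.PrivateKey
	kmsKey []byte
}

func NewEnclave() (*Enclave, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, err }
	kmsKey := make([]byte, 32) // constructed stand-in for a KMS data key (never a real one)
	if _, err := rand.Read(kmsKey); err != nil { return nil, err }
	return &Enclave{priv: priv, kmsKey: kmsKey}, nil
}

// PublicKey is what the client extracts from the attestation document after verifying it.
func (e *Enclave) PublicKey() []byte { return e.priv.PublicKey().Bytes() }

// sessionKey derives a 256-bit AES key from the X25519 shared secret (hash with a fixed label; HKDF in practice).
func sessionKey(priv *ecdh.PrivateKey, peerPub []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil { return nil, err }
	shared, err := priv.ECDH(pub)
	if err != nil { return nil, err }
	k := sha256.Sum256(append(shared, "nitro-enclave-demo-session"...))
	return k[:], nil
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

func sealGCM(key, plaintext, aad []byte) (nonce, ct []byte, err error) {
	g, err := gcm(key)
	if err != nil { return nil, nil, err }
	nonce = make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, nil, err }
	return nonce, g.Seal(nil, nonce, plaintext, aad), nil
}

func openGCM(key, nonce, ct, aad []byte) ([]byte, error) {
	g, err := gcm(key)
	if err != nil { return nil, err }
	return g.Open(nil, nonce, ct, aad) // fails on any tampering or on a wrong key
}

// ClientEncrypt runs on the customer's side; the record leaves the client already encrypted to the enclave.
func ClientEncrypt(enclavePub, record []byte) (Envelope, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return Envelope{}, err }
	key, err := sessionKey(eph, enclavePub)
	if err != nil { return Envelope{}, err }
	clientPub := eph.PublicKey().Bytes()
	nonce, ct, err := sealGCM(key, record, clientPub)
	if err != nil { return Envelope{}, err }
	return Envelope{ClientPub: clientPub, Nonce: nonce, Ciphertext: ct}, nil
}

// Process runs inside the enclave, the only place the record is ever plaintext: it opens the envelope
// and re-encrypts the record under the KMS data key, so the parent only ever handles two ciphertexts.
func (e *Enclave) Process(env Envelope) (dbNonce, dbCiphertext []byte, err error) {
	key, err := sessionKey(e.priv, env.ClientPub)
	if err != nil { return nil, nil, err }
	record, err := openGCM(key, env.Nonce, env.Ciphertext, env.ClientPub)
	if err != nil { return nil, nil, err }
	return sealGCM(e.kmsKey, record, []byte("db-record"))
}

// DatabaseDecrypt stands in for whichever trusted consumer later obtains the same data key from KMS.
func (e *Enclave) DatabaseDecrypt(nonce, ct []byte) ([]byte, error) {
	return openGCM(e.kmsKey, nonce, ct, []byte("db-record"))
}

func main() {
	enc, _ := NewEnclave()
	env, _ := ClientEncrypt(enc.PublicKey(), []byte("customer_ssn=123-45-6789")) // constructed sample
	_, ct, err := enc.Process(env)
	fmt.Printf("parent sees only %x and %x (err=%v)\n", env.Ciphertext, ct, err)
}
```

Because the client's ephemeral public key is bound into the GCM associated data and the enclave's private key never leaves the enclave, an envelope that was encrypted to some other key pair, or altered in transit on the parent, fails to open rather than decrypting to garbage; the parent instance never holds anything but the envelope and the database ciphertext.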