Data sealing is a hardware-enforced cryptographic operation that encrypts data using a key derived from the enclave's unique identity and the platform's Trusted Computing Base (TCB) security version. This ensures the sealed data can only be decrypted by the exact same enclave on the same physical processor, preventing access by malicious software, other enclaves, or even the same enclave running on a compromised platform with a downgraded security patch level.
Glossary
Data Sealing

What is Data Sealing?
Data sealing is a mechanism that cryptographically binds data to a specific enclave's identity and security version, allowing the enclave to securely persist secrets to untrusted storage and retrieve them only on the same platform.
The process typically involves an EGETKEY instruction that derives a sealing key from the processor's Hardware Root of Trust and the enclave's MRENCLAVE or MRSIGNER identity. This allows an enclave to securely write sensitive state—such as model weights or cryptographic keys—to untrusted external storage, guaranteeing confidentiality and integrity upon retrieval, as any tampering or platform rollback will produce an incorrect key and fail decryption.
Key Properties of Data Sealing
Data sealing is a critical mechanism that allows a Trusted Execution Environment (TEE) to securely persist secrets to untrusted external storage. It cryptographically binds data to a specific enclave's identity and security version, ensuring it can only be decrypted by the exact same application on the exact same platform.
Identity Binding
Data sealing cryptographically binds plaintext to the enclave's unique identity. The sealing key is derived from the MRENCLAVE (a hash of the enclave's code) or MRSIGNER (the author's signing key). This ensures that only an enclave running the exact same code, or code from the same trusted author, can unseal the data. This prevents a malicious or modified enclave from accessing persisted secrets.
Authenticated Encryption
The sealing process uses Authenticated Encryption with Associated Data (AEAD), typically AES-GCM. This provides both confidentiality and integrity. Any tampering with the sealed data blob on the untrusted storage will be detected immediately upon unsealing, causing a decryption failure. This guarantees that the enclave never processes corrupted or maliciously modified state.
Platform & Security Version Binding
Sealing policies can bind data to a specific Security Version Number (SVN) or CPUSVN of the platform's firmware and hardware. If a vulnerability is patched and the security version is incremented, an enclave can be configured to refuse to unseal data that was sealed on a vulnerable, older version. This prevents a rollback attack where an attacker downgrades the platform to exploit a known flaw.
Monotonic Counters for Replay Protection
To prevent an attacker from replacing the latest sealed data with a valid but older version (a replay attack), sealing can be bound to a hardware monotonic counter. The enclave increments the counter on each write and verifies it on read. If the counter in the sealed blob doesn't match the hardware's current counter value, the data is rejected, ensuring only the most recent state is restored.
Sealing to a Specific Enclave vs. Signing Identity
Two primary sealing policies exist:
- Sealing to the Enclave Identity (MRENCLAVE): Only the exact same enclave binary can unseal the data. Any code change breaks access.
- Sealing to the Signing Identity (MRSIGNER): Any enclave signed by the same developer key can unseal the data. This allows for seamless data migration between application versions from the same vendor.
Secure State Persistence
The primary use case for data sealing is maintaining a trusted state across power cycles. An enclave can seal its internal state (e.g., database encryption keys, user credentials, or a blockchain wallet) to the local disk. On restart, the enclave attests itself to a local or remote verifier, unseals its state, and resumes secure operation without human intervention to re-inject secrets.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Frequently Asked Questions
Clear answers to the most common questions about how enclaves cryptographically bind sensitive data to a specific platform identity for secure persistence on untrusted storage.
Data sealing is a cryptographic mechanism that binds sensitive data to a specific enclave's identity and security version, allowing the enclave to securely persist secrets to untrusted storage and retrieve them only on the same platform. The process works by deriving a sealing key from the enclave's unique measurement (such as MRENCLAVE in Intel SGX) and the processor's hardware root of trust. When an enclave wants to store data, it encrypts the plaintext using this platform-specific key, producing a sealed blob that can be safely written to disk or a database. Upon retrieval, the enclave requests the processor to unseal the blob; the hardware verifies that the requesting enclave matches the identity bound to the ciphertext before decrypting it. This ensures that even if an attacker gains full access to the storage medium, they cannot decrypt the sealed data without running the exact authorized enclave on the original hardware.
Related Terms
Data sealing is a foundational operation within Trusted Execution Environments. The following concepts define the ecosystem that makes secure persistence and identity verification possible.
Enclave Measurement
A cryptographic hash of the enclave's initial code, data, and configuration. Represented as MRENCLAVE in Intel SGX, this fingerprint uniquely identifies the software running inside the TEE. Data sealing binds secrets to this specific measurement, preventing unauthorized code from accessing protected data.
Hardware Root of Trust
A physically immutable, tamper-resistant module that serves as the foundational trust anchor for the platform. It underpins:
- Secure boot verification
- Attestation key generation
- Sealed storage encryption Without this root, cryptographic binding to a platform identity is impossible.
Trusted Computing Base (TCB)
The set of all hardware, firmware, and software components critical to security. A vulnerability in any TCB component compromises the entire system's guarantees. Data sealing ties secrets to a specific TCB version, ensuring that if a security flaw is patched, old sealed data cannot be retrieved by a downgraded, vulnerable system.
Side-Channel Attack
A non-invasive attack exploiting physical information leakage—such as timing, power consumption, or electromagnetic emissions—to extract secrets from a theoretically secure enclave. Defending against these attacks is critical because a compromised enclave could unseal data and expose it to an attacker monitoring the hardware.
Confidential Computing
The overarching hardware-based security paradigm that protects data in use. Data sealing is a core mechanism within this paradigm, allowing a TEE to securely persist state to untrusted storage. This closes the gap left by protecting data at rest and in transit, ensuring end-to-end confidentiality for sensitive workloads.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us