Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

A question about program integrity with remote attestation

wwfbear789
Beginner
‎11-20-2022 06:49 AM
929 Views
Solved Jump to solution

Intel SGX provides a remote attestation, which means that the client can trust the program running in the Enclave of the SGX application running on the server. However, since the communication between the client and server runs in the untrusted area, I believe that the client cannot guarantee that the data sent by the client will be processed correctly (e.g., a process in the untrusted area is tampered with and does not transition into the Enclave). Is this correct?

0 Kudos
1 Solution
KFPW_Intel
Moderator
‎11-21-2022 05:41 PM
881 Views
Solved Jump to solution

Hi,

 

In order for Remote Attestation to work, the client's enclave must proves the following:

 

  1. The identity
  2. That it has not been tampered with
  3. That it is running on a genuine platform with Intel SGX enabled
  4. That it is running at the latest security level, also referred to as the Trusted Computing Base (TCB) level

 

After all these conditions are met, only then is a connection between client and server established and the remote server can safely provision secrets to the enclave.

 

The Remote Attestation utilizes a modified Sigma protocol to facilitate a Diffie-Hellman Key Exchange (DHKE) between the client and server. The shared key obtained from this exchange can be used by the service provider to encrypt secrets to be provisioned to the client. The client enclave is able to derive the same key and use it to decrypt the secret.

 

Here is the complete attestation flow figure for your reference.

KFPW_Intel_0-1669081441416.png

 

Refer this Article (Provisioning Secrets with Remote Attestation) for more information. Hope this is helpful.

 

Regards,

Ken

 

View solution in original post

Copy link

Link Copied

2 Replies
KFPW_Intel
Moderator
‎11-21-2022 05:41 PM
882 Views
Solved Jump to solution

Hi,

 

In order for Remote Attestation to work, the client's enclave must proves the following:

 

  1. The identity
  2. That it has not been tampered with
  3. That it is running on a genuine platform with Intel SGX enabled
  4. That it is running at the latest security level, also referred to as the Trusted Computing Base (TCB) level

 

After all these conditions are met, only then is a connection between client and server established and the remote server can safely provision secrets to the enclave.

 

The Remote Attestation utilizes a modified Sigma protocol to facilitate a Diffie-Hellman Key Exchange (DHKE) between the client and server. The shared key obtained from this exchange can be used by the service provider to encrypt secrets to be provisioned to the client. The client enclave is able to derive the same key and use it to decrypt the secret.

 

Here is the complete attestation flow figure for your reference.

KFPW_Intel_0-1669081441416.png

 

Refer this Article (Provisioning Secrets with Remote Attestation) for more information. Hope this is helpful.

 

Regards,

Ken

 

Copy link
KFPW_Intel
Moderator
‎11-24-2022 08:11 PM
827 Views
Solved Jump to solution

Hi,

 

Thank you for your question and the accepted solution. Hope the information provided is helpful. If you need any additional information from Intel, please submit a new question as this thread is no longer being monitored.

 

Regards,

Ken

 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.