- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
IAS returns "SW_HARDENING_NEEDED" if the mitigations against known attacks are not represented in the received quote. So, the question is that how IAS checks the fact that mitigations are correctly handled. I couldn't understand that IAS checks them even though the IAS is a remote party.
Thank you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hyunsoo,
All of that data together comprise what you have probably seen as the Trusted Computing Base (TCB). The Intel Attestation Service maintains a database of acceptable TCBs for all Intel processors that support SGX. During attestation, the data in the provided quote is compared to the known-good TCBs maintained by Intel and you get the comparison results.
Sincerely,
Jesus G.
Intel Customer Support
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hyunsoo,
"Remote Attestation Service (IAS) examines only the quote sent by the service provider, or relying third party, to attest the enclave and the client platform.
Refer to the Data Structures chapter of the Intel® Software Guard Extensions (Intel® SGX) Attestation API Spec for details of the Attestation Evidence Payload."
Specifically, IAS uses the fields we discussed in your other post: MSRSIGNER, MRENCLAVE, the various SVNs, and the PSE Manifest.
The IAS attestation report contains a Platform Info Blob (PIB) that you can decode. The PIB is described in the Intel® Software Guard Extensions (Intel® SGX) Attestation API Spec.
For security purposes, Intel does not publish exactly how it uses all of that data to determine the security posture of the platform. Intel just tells you the data from the quote that it uses.
Whether the relying party should trust a quote with TCB issues is a policy decision. Security patches and recommended BIOS configurations harden the system against known vulnerabilities, and only the service provider can determine how much of a risk such a system presents. These decisions typically take the workload into account, as not all workloads are sensitive to specific vulnerabilities.
Sincerely,
Jesus G.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi G, Thanks for the reply.
Okay, I understand that the process detail may be confidential, but I just want to know high-level idea. For example, where that measure is performed and how they measure them are enough in this question. I guess that microcode has related something. Is there a material associated with this question? I didn't find it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hyunsoo,
All of that data together comprise what you have probably seen as the Trusted Computing Base (TCB). The Intel Attestation Service maintains a database of acceptable TCBs for all Intel processors that support SGX. During attestation, the data in the provided quote is compared to the known-good TCBs maintained by Intel and you get the comparison results.
Sincerely,
Jesus G.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page