Community
cancel
Showing results for 
Search instead for 
Did you mean: 
fskpyro
Beginner
192 Views

DCAP session key

Jump to solution

After remote attestation, service provider use ga & gb to derive session key for future messages encryption. The DCAP code sample only perform quote generation & quote verification. Is there any mechanism to provision secrets after the quote has been verified?

Labels (1)
0 Kudos
1 Solution
JesusG_Intel
Moderator
181 Views

Hello fskpyro,


For DCAP, Intel provides the quote generation/verification pieces and leaves it up to the ISV to choose their own mechanism for exchanging secrets. Most ISVs use TLS terminating inside the enclave, but there are other ways it could be done.


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

6 Replies
JesusG_Intel
Moderator
182 Views

Hello fskpyro,


For DCAP, Intel provides the quote generation/verification pieces and leaves it up to the ISV to choose their own mechanism for exchanging secrets. Most ISVs use TLS terminating inside the enclave, but there are other ways it could be done.


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

fskpyro
Beginner
175 Views

Hello Jesus G,

 

Thanks for your answer, there is another question: sgx_create_enclave in my sgx app take about 15min to 30min to return, after this call, everything just perfect, is there any suggestions to find out the reason? (The samples return quick as usual)

 

Thanks,

fskpyro

JesusG_Intel
Moderator
157 Views

Hello fskpyro,


Please provide more details in the form of source code and project configuration files, so we can troubleshoot why sgx_create_enclave takes so long.


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
129 Views

Hello fskpyro,


If you still need help with this issue, please provide more details in the form of source code and project configuration files, so we can troubleshoot why sgx_create_enclave takes so long.


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
105 Views

Hello fskpyro,


We have not heard from you in several days so we will no longer monitor this thread. We hope you were able to resolve your issue. Please start a new thread if you need further help.


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
103 Views

Hello fskpyro,


I hope you have been able to resolve your issue. I have not heard back from you so I will close this inquiry now. If you need further assistance, please open a new thread.


Sincerely,

Jesus G.

Intel Customer Support


Reply