Please forgive me for many basic questions because I haven't been understood about Remote Attestation(RA).
I think I would like to use Remote Attestation for utilize SGX.
In detail, I would like to implement basic model using RA:
- Service Provider(SP) send data to ISV
- ISV calculate something with sent data inside enclave
- ISV return the result to SP
At first, I thought that when SP or ISV send data to another after RA complete, only I have to do is passing the data which I want to send to SP/ISV in some special function without encrypting the data, and SGX library automatically proceeds rest of communication and load-to-enclave process(this probably must be a silly idea).
But I became to know that it may be wrong, by learning about the mechanism of RA more in detail and reading the code carefully.
From my understanding, I have to encrypt the data with the session keys "SK" and "MK" myself, which can be gained by both ISV and SP in the process of RA(because RA is basically Sigma Protocol).
And here is the question:
In the first place, my (newer) understanding is correct?
If it's correct, the data transfers between SP and ISV(including Challenge request and MsgX delivery) are implemented by ordinal TCP client-server communication model(or if I use the simulation model of "SampleCode/RemoteAttestation" in intel's linux-sgx, using functions of ra_network.cpp)?
I thought that "Challenge Request" for RA is sent by SP to ISV, and ISV will return msg0 for the response to the challenge request. But as far as I read the codes of "SampleCode/RemoteAttesitation/", only ISV's untrusted app has the main() function and ISV starts the RA process. Is there some misunderstanding with challenge request for me, or are there some part that SP starts the RA(it may be the very challenge request)?
Sorry for my poor English and questions, but I have to use RA for my project. And If you know some simple sample codes in addition to "SampleCode/RemoteAttestation" in Intel's linux-sgx, I'm glad if you tell me about them.