Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Dual Remote Attestation

Elephant
Beginner
190 Views

Hi,

In the SGX Developer's Manual, the example code for remote attestation is that the Service Provider need to attest a client enclave before it provisions a secret to that enclave.  If the Service Provider also runs an enclave and that the client would want to attest that enclave, is there a more efficient way to do dual attestation other than going through the remote attestation protocol (msg1-msg4) twice?

Thanks!

Kind Regards,
Elephant

0 Kudos
1 Reply
you_w_
New Contributor III
190 Views

Hi Elephant:

One way is that service provider get it's quote and sent it to IAS, once get the attestation report SP can save it. If a client need to attest SP, in client side, client can check the  validation of report with intel's public key, and then do the rest processes of remote attestation.

Regards

You

Reply