- General Support
I don't think that Ga is redundant. The reasoning is that you cannot obtain Ga from the hash and verify if it is still the same Ga as in previous messages.
Moreover, in a scenario where you are attesting multiple enclaves, how would you verify if the hash is valid (iterate over all possible Ga's)?
Ga is already sent to SP in Msg1. Sending it again doesn't help prevent a MITM attack because an active adversary can change both Msg1 and Msg3. If multiple enclaves are to be attested, then the entire flow needs to be started from the beginning, meaning a new Msg1 and Ga will be received by SP for every attestation instance. Therefore, there isn't really a problem obtaining a hash for Ga.