Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Question about DHKE in remote attestation

shin__dongmin
Beginner
178 Views

As we know, DHKE requires to exchange g and p between Alice and Bob.

https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

I am studying the steps of remote attestation on https://software.intel.com/en-us/articles/code-sample-intel-software-guard-extensions-remote-attestation-end-to-end-example

In msg1 description, "the client's public key for the DHKE" seems public key ga mod p. And DHKE secret from sgx_ra_get_ga() seems a.

But where is the step of exchanging g and p between client and server ?

0 Kudos
1 Reply
Rodolfo_S_
New Contributor III
178 Views

Hi there.

The agreement of those values can be done by using a named elliptic curve. In the remote attestation process that is exactly the case. They use the NIST P256 elliptic curve.

You can learn more about that by searching for ECDH protocol.

Regards,

Rodolfo

Reply