Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Question about the reliability of Quote verification results with QvE in ECDSA-RA

dd_cliffford

Hello, 

Please let me ask you a question about the ECDSA-RA (ECDSA Remote Attestation) provided by DCAP.

The sample code in DCAP assumes that the ISV Enclave and the QvE exist on the same SGX machine.

Looking at the implementation, it seems that the ISV Enclave is verifying that the Quote verification results by the QvE are correct by performing an LA with the QvE.

However, if the ISV Enclave is not legitimate (e.g. malicious, corrupted) in the first place, it may be possible to forge any data and make any RA status look "OK".

For example, if, after receiving a “Quote Signature Invalid” status from QvE, an attacker on the SGX machine signs/MACs a Quote or REPORT consisting of arbitrary entries (e.g. stolen MRSIGNER) with a randomly generated key, there is no way for the client (SP; Relying Party) to verify it except by using the collateral again himself.

This would appear to leave the client with no choice but to verify again with QvL or QvE in the client’s environment, but is there any way to obtain reliable Quote verification results using only the verification process on the SGX machine?
