Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1458 Discussions

Remote attestation between Enclaves

SA
Beginner
‎04-06-2018 07:53 AM
408 Views

 

Hi,

I would like to know if it is possible to establish a remote attestation between 2 enclaves each on a different platform? If this is possible, do we still need to communicate with IAS?

Thank you

0 Kudos

Link Copied

1 Reply
Hoang_N_Intel
Employee
‎04-16-2018 11:28 AM
408 Views

You cannot do remote attestation between two different enclaves on different machines. You can only do local attestation between enclaves on the same machine to get reports on the enclave attributes and measurements. However, currently you must use Intel Attestation Service (IAS) to verify the platform ID using Intel EPID which is not part of the local attestation.

 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.