Hello,
I'm relatively new to Intel SGX/TDX technology and have recently set up an Azure Intel TDX-based confidential VM as outlined here. This VM is running Windows OS and operates within a Trusted Domain (TD), where its memory and state are encrypted and protected from the hypervisor and other VMs.
In the context of Intel SGX, remote attestation is typically performed between an enclave application and its corresponding service providers. However, with Intel TDX and my current setup, I'm uncertain about how to perform remote attestation between my TD (Azure VM) and the relevant service provider. It seems I might need to utilize the Intel TDX Quote Generation Library, but I'm unclear about the prerequisites and how it aligns with my specific use case. Moreover, I am not sure if the complete TDX attestation workflow can be performed from within the TD (Azure VM). Are there any sample examples available to help me get started?
I've found that resources on this topic online are quite scarce, so any assistance or guidance would be greatly appreciated!
Thank you in advance!
Hello.
You can read about Azure TDX remote attestation on Microsoft's GitHub repo:
Regards.
Hi Scott,
We are currently using SGX remote attestation via the EPID model which is about to be deprecated soon.
I want to know what changes are required on our side as per the new Intel Trust Authority model for attestation. Do we have any sample code/example of remote attestation using the relying party?
-Thanks
Sam123