This advanced feature allows a hardware entity or a combination of hardware and software to gain a remote provider's (also known as the relying party) or producer's trust.
Remote attestation gives the relying party increased confidence that the software is running:
Inside an Intel® Software Guard Extension (Intel® SGX) enclave
On a fully updated system at the latest security level (also referred to as the trusted computing base [TCB] version)
Attestation results provide:
The identity of the software being attested
Details of an unmeasured state (such as the execution mode)
An assessment of possible software tampering
After an enclave successfully attests itself to a relying party, an encrypted communication channel can be established between the two. Secrets, such as credentials or other sensitive data, can be provisioned directly to the enclave.
Intel SGX currently supports two types of remote attestation:
Elliptic Curve Digital Signature Algorithm (ECDSA) Attestation
This method enables third-party attestation via the Intel® Software Guard Extensions Data Center Attestation Primitives (Intel® SGX DCAP). ECDSA is available on server platforms based on 3rd generation Intel® Xeon® Scalable processors and selected Intel® Xeon® E3 processors.
Features of ECDSA-based attestations:
Takes advantage of 3rd generation Intel Xeon Scalable processors for next-generation cloud-optimized platforms, 5G-ready networks, and next-generation virtual networks
Provides flexible provisioning based on ECDSA certificates
Allows for construction of on-premise attestation services
Requires flexible launch control in supported Intel® platforms
Available under an open source licensing model
Intel® Enhanced Privacy ID (Intel® EPID) Attestation
This method supports Intel attestation via the Intel SGX platform software. It is available on selected client systems, selected Intel Xeon E3 processors, and selected Intel® Xeon® E processors.
Features of attestations based on Intel® EPID:
Increased privacy protections
Based on Intel EPID signatures
Provisioning and attestation at workload runtime
ECDSA-based attestation with Intel SGX DCAP allows providers to build and deliver their own attestation service instead of using the remote attestation service provided by Intel. This is useful for enterprise, data center, and cloud service providers who need to:
Use the large enclave sizes that are available in the Intel Xeon Scalable processor family.
Run large parts of their networks in environments where internet-based services cannot be reached.
Keep attestation decisions in-house.
Deliver applications that work in a distributed fashion (for example, peer-to-peer networks) that benefit from not relying on a single point of verification.
Prevent platform anonymity where it is not permitted.
This attestation solution is supported on select Intel Xeon E processors and Intel Xeon Scalable processors.
While Intel SGX DCAP requires more provider-managed infrastructure than the attestation solution based on Intel EPID, Intel helps providers create this infrastructure through Intel SGX DCAP.
Registration Service for Intel® Xeon® Scalable Processors
To support the initial setup of Intel SGX on server platforms based on Intel Xeon Scalable processors, Intel is providing a registration service.
This service creates a package that registers platform root keys (PRKs) that are shared between all of the processors on the platform.
Provisioning Certification Service (PCS) for ECDSA Attestation
The PCS includes a set of publicly accessible APIs that allow attestation service providers to retrieve the following:
Trusted computing base information
These components are then used in the providers’ remote attestation infrastructure to attest their enclaves. For more information (including subscription links), see Attestation Services.
Remote Attestation Based on Intel® EPID
Note This attestation option is only supported on selected Intel® Core™, Intel Xeon E, and Intel Xeon E3 processors. It is not supported on Intel Xeon Scalable processors.
This technology enables a relying party to attest an enclave without knowing the specific Intel® processor that the enclave is running on. Using this technology requires a platform and for the relying party to have internet access. For more information, see Intel EPID Security Technology.
The online attestation service is created and managed by Intel to:
Minimize the complexity of handling multiple security versions for a platform with a trusted computing base (TCB) for Intel SGX
Provide privacy properties
Get Started with Remote Attestation and Intel EPID
Use these resources as a guide through the process of developing a remote attestation application.