Intel® Software Guard Extensions

Strengthen Enclave Trust with Attestation

  

Remote Attestation

This advanced feature allows a hardware entity or a combination of hardware and software to gain a remote provider's (also known as the relying party) or producer's trust.

Remote attestation gives the relying party increased confidence that the software is running:

  • Inside an Intel® Software Guard Extensions (Intel® SGX) enclave
  • On a fully updated system at the latest security level (also referred to as the trusted computing base [TCB] version)

Attestation results provide:

  • The identity of the software being attested
  • Details of an unmeasured state (such as the execution mode)
  • An assessment of possible software tampering

After an enclave successfully attests itself to a relying party, an encrypted communication channel can be established between the two. Secrets, such as credentials or other sensitive data, can be provisioned directly to the enclave.
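An added example (not Intel's code) of the relying-party policy step: once the quote's signature and TCB status have been verified, the report body is appraised for identity, execution mode, and channel binding before any secret is provisioned. Field offsets follow `sgx_report_body_t` in the Intel SGX SDK; the `Policy` class, the `report_data` convention, and the sample builder are assumptions made for illustration.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Offsets in the 384-byte report body (sgx_report_body_t in the Intel SGX SDK).
REPORT_BODY_LEN = 384
OFF_ATTR, OFF_MRENCLAVE, OFF_MRSIGNER = 48, 64, 128
OFF_PROD_ID, OFF_REPORT_DATA = 256, 320   # ISV SVN follows the product ID at 258
FLAG_DEBUG = 0x2                          # attributes.flags bit set for debug-mode enclaves

@dataclass(frozen=True)
class Policy:                             # hypothetical relying-party policy
    mrenclaves: frozenset                 # accepted enclave measurements
    mrsigner: bytes                       # expected signer measurement
    prod_id: int
    min_isv_svn: int

def appraise(body: bytes, policy: Policy, channel_pubkey: bytes) -> list:
    """Return policy violations for a report body; an empty list means accept."""
    if len(body) != REPORT_BODY_LEN:
        return ["malformed report body"]
    (flags,) = struct.unpack_from("<Q", body, OFF_ATTR)
    prod_id, isv_svn = struct.unpack_from("<HH", body, OFF_PROD_ID)
    problems = []
    if body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32] not in policy.mrenclaves:
        problems.append("unknown MRENCLAVE")
    if not hmac.compare_digest(body[OFF_MRSIGNER:OFF_MRSIGNER + 32], policy.mrsigner):
        problems.append("unexpected MRSIGNER")
    if flags & FLAG_DEBUG:
        problems.append("debug-mode enclave")
    if prod_id != policy.prod_id or isv_svn < policy.min_isv_svn:
        problems.append("product ID or ISV SVN rejected")
    # Assumed convention: report_data = SHA-256(channel public key) || 32 zero bytes.
    expected = hashlib.sha256(channel_pubkey).digest() + bytes(32)
    if not hmac.compare_digest(body[OFF_REPORT_DATA:], expected):
        problems.append("channel key not bound to report")
    return problems

def sample_body(mrenclave, mrsigner, prod_id, isv_svn, flags, pubkey) -> bytes:
    """Build a constructed report body for demonstration (not real enclave output)."""
    body = bytearray(REPORT_BODY_LEN)
    struct.pack_into("<Q", body, OFF_ATTR, flags)
    body[OFF_MRENCLAVE:OFF_MRENCLAVE + 32] = mrenclave
    body[OFF_MRSIGNER:OFF_MRSIGNER + 32] = mrsigner
    struct.pack_into("<HH", body, OFF_PROD_ID, prod_id, isv_svn)
    body[OFF_REPORT_DATA:OFF_REPORT_DATA + 32] = hashlib.sha256(pubkey).digest()
    return bytes(body)
```

The appraisal is only meaningful on a report body taken from a quote that has already passed signature and certificate-chain verification; on its own it proves nothing about where the bytes came from.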


Intel SGX currently supports two types of remote attestation:

Elliptic Curve Digital Signature Algorithm (ECDSA) Attestation

This method enables third-party attestation via the Intel® Software Guard Extensions Data Center Attestation Primitives (Intel® SGX DCAP). ECDSA is available on server platforms based on 3rd generation Intel® Xeon® Scalable processors and selected Intel® Xeon® E3 processors.

Features of ECDSA-based attestations:

  • Takes advantage of 3rd generation Intel Xeon Scalable processors for next-generation cloud-optimized platforms, 5G-ready networks, and next-generation virtual networks
  • Provides flexible provisioning based on ECDSA certificates
  • Allows for construction of on-premise attestation services
  • Requires flexible launch control in supported Intel® platforms
  • Available under an open source licensing model

Intel® Enhanced Privacy ID (Intel® EPID) Attestation

This method supports Intel attestation via the Intel SGX platform software. It is available on selected client systems, selected Intel Xeon E3 processors, and selected Intel® Xeon® E processors.

Features of attestations based on Intel® EPID:

  • Increased privacy protections
  • Based on Intel EPID signatures
  • Provisioning and attestation at workload runtime

ECDSA-based Attestation

ECDSA-based attestation with Intel SGX DCAP allows providers to build and deliver their own attestation service instead of using the remote attestation service provided by Intel. This is useful for enterprise, data center, and cloud service providers who need to:

  • Use the large enclave sizes that are available in the Intel Xeon Scalable processor family.
  • Run large parts of their networks in environments where internet-based services cannot be reached.
  • Keep attestation decisions in-house.
  • Deliver applications that work in a distributed fashion (for example, peer-to-peer networks) that benefit from not relying on a single point of verification.
  • Prevent platform anonymity where it is not permitted.

This attestation solution is supported on select Intel Xeon E processors and Intel Xeon Scalable processors.

While Intel SGX DCAP requires more provider-managed infrastructure than the attestation solution based on Intel EPID, Intel helps providers create this infrastructure through Intel SGX DCAP.

Learn More about ECDSA Attestation

  • An Update on Third-Party Attestation
  • Attestation for Data Center Orientation Guide
  • Support Third-Party Attestation for Intel SGX DCAP
  • Remote Attestation for Multipackage Platforms Using Intel SGX DCAP

Get Started with Intel® SGX DCAP

  • Source Code (GitHub*)
  • Prebuilt Components for Various Operating System Distributions
  • Quick Install Guide
  • Quote Generation, Verification, and Attestation
  • Quote Verification Grace Periods with Intel SGX DCAP

Registration Service for Intel® Xeon® Scalable Processors

To support the initial setup of Intel SGX on server platforms based on Intel Xeon Scalable processors, Intel is providing a registration service.

This service creates a package that registers platform root keys (PRKs) that are shared between all of the processors on the platform.

Provisioning Certification Service (PCS) for ECDSA Attestation

The PCS includes a set of publicly accessible APIs that allow attestation service providers to retrieve the following:

  • Provisioning certificates
  • Revocation lists
  • Trusted computing base information

These components are then used in the providers’ remote attestation infrastructure to attest their enclaves. For more information (including subscription links), see Attestation Services.

Remote Attestation Based on Intel® EPID

Note: This attestation option is only supported on selected Intel® Core™, Intel Xeon E, and Intel Xeon E3 processors. It is not supported on Intel Xeon Scalable processors.

This technology enables a relying party to attest an enclave without knowing the specific Intel® processor that the enclave is running on. Using this technology requires that both the platform and the relying party have internet access. For more information, see Intel EPID Security Technology.

The online attestation service is created and managed by Intel to:

  • Minimize the complexity of handling multiple security versions for a platform with a trusted computing base (TCB) for Intel SGX
  • Provide privacy properties

Get Started with Remote Attestation and Intel EPID

Use these resources as a guide through the process of developing a remote attestation application.

  • Intel SGX Remote Attestation End-to-End Example
  • Source Code for Intel SGX Remote Attestation Example
  • API Documentation for Intel SGX Attestation Service

To implement the remote attestation service in your application:

  1. Request access to the Development (DEV) attestation service portal.

  2. Get a commercial license. This is required to access the production (LIV) attestation service so that you can run your enclave in production mode.