Quote structure details used by Remote Attestation Service (IAS) to attest Intel® Software Guard Extensions enclave and client platform
In remote attestation, the client gives a Quote to the service provider, and the service provider passes the Quote to the Remote Attestation Service (IAS) for verification.
What components, or materials, does IAS use to attest the enclave and the client platform?
The Intel® Remote Attestation Service (IAS) examines only the Quote sent by the service provider, or relying third party, to attest the enclave and the client platform.
| Note |
Refer to the Data Structures chapter of the Intel® Software Guard Extensions (Intel® SGX) Attestation API Spec for details of the Attestation Evidence Payload. |
The Quoting Enclave (QE), which is an architectural enclave developed and signed by Intel, generates the Quote. The following fields in the Quote are used by IAS to verify the identity of the enclave:
- MRENCLAVE
- MRSIGNER
- ISVPRODID
- ISVSVN
These fields are not modifiable by the ISV enclave. During the attestation process, the processor hardware generates a CMAC measurement of the quote. If the CMAC is changed, attestation fails.
Only the Intel-signed QE will be able to get the private Attestation Key during the provisioning step recognized by IAS. Any other enclave, even using the open-source QE code, will not be able to get an attestation key that the IAS will accept since it will not be signed by the Intel QE signing key.
All of that data together comprises the Trusted Computing Base (TCB). The IAS maintains a database of acceptable TCBs for all Intel processors that support SGX. During attestation, the data in the provided quote is compared to the known-good TCBs maintained by Intel, and the generated attestation report contains the comparison results.