Article ID: 000059717 Content Type: Product Information & Documentation Last Reviewed: 07/07/2021

Why does the RemoteAttestation Sample in the Intel® Software Guard Extensions (Intel® SGX) SDK Return a Successful Attestation when Running in Simulation Mode?

BUILT IN - ARTICLE INTRO SECOND COMPONENT
Summary

The RemoteAttestation sample in the Intel® Software Guard Extensions (Intel® SGX) SDK emulates the IAS so it always returns successfully.

Description
  • Compiled and ran the RemoteAttestation sample in Simulation mode.
  • Received message: Remote attestation success!
  • Unable to determine why it was successful because remote attestation is supposed to fail if the Intel SGX enclave is run in Simulation mode.
Resolution

Simulation mode works with the RemoteAttestation sample application because it does not access the real IAS. In the sample, the IAS is emulated.

The RemoteAttestation/service_provicer/ias_ra.cpp file states:

// This whole file is used as simulation of the interfaces to be

// delivered by the IAS. This sample does not contact the real

// IAS. The IAS Sevice Provider developer needs to follow the

// IAS onboarding process to gain access to the real IAS.

Use sgx-ra-sample to access the real IAS. The sgx-ra-sample will fail attestation if run in Simulation mode.

Additional information

Remote attestation fails if the Intel SGX enclave that is being attested is run in Simulation mode because the enclave does not have the Intel SGX hardware protections.

Related Products

This article applies to 1 products