Attestation
SGX IAS-based RA:
An attesting SGX application obtains its measurement (MRENCLAVE). It wraps the measurement, a signature produced with an Intel-provisioned key, and other data to form an encrypted report. This report can only be decrypted and verified by the Intel Attestation Service (IAS).
The Enhanced Privacy ID (EPID) protocol allows systems to be identified as genuine SGX platforms without revealing their identity in the process. Within the EPID remote attestation model, a verifier sends the quote to the Intel Attestation Service (IAS), which replies with an attestation verification report confirming or denying the authenticity of the quote and the enclave it originates from.
Many have criticized this approach because of the need to constantly interact with Intel’s backend services to validate requests in every interaction.
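The verifier-side policy step that follows the IAS reply, as an added example (not code from Intel or from this page). The names `check_avr` and `make_sample_avr` are hypothetical, the JSON field names and byte offsets follow Intel's published IAS API and quote layout rather than anything stated here, and the report signature is assumed to have been verified already.

```python
import base64
import json

# Offsets inside the 432-byte quote body: a 48-byte quote header followed by
# the 384-byte report body (assumed from Intel's published quote layout).
MRENCLAVE_OFF, REPORT_DATA_OFF, QUOTE_BODY_LEN = 112, 368, 432


def check_avr(avr_json, expected_mrenclave, accepted_statuses=("OK",)):
    """Apply verifier policy to an IAS attestation verification report (AVR).

    Assumes the caller has already verified the signature IAS returns with
    the report; that step is out of scope here.
    Returns (accepted, reason, report_data).
    """
    try:
        avr = json.loads(avr_json)
        status = avr["isvEnclaveQuoteStatus"]
        body = base64.b64decode(avr["isvEnclaveQuoteBody"], validate=True)
    except (ValueError, KeyError, TypeError) as exc:
        return False, f"malformed report: {exc!r}", None
    # Fail closed: any status not explicitly accepted rejects the enclave.
    if status not in accepted_statuses:
        return False, f"quote status {status}", None
    if len(body) != QUOTE_BODY_LEN:
        return False, f"quote body is {len(body)} bytes", None
    if body[MRENCLAVE_OFF:MRENCLAVE_OFF + 32] != expected_mrenclave:
        return False, "MRENCLAVE mismatch", None
    # REPORTDATA is returned so the caller can check what the enclave bound to it.
    return True, "ok", body[REPORT_DATA_OFF:REPORT_DATA_OFF + 64]


def make_sample_avr(mrenclave, status="OK"):
    """Build a constructed AVR for the demo (not a real IAS response)."""
    body = bytearray(QUOTE_BODY_LEN)
    body[MRENCLAVE_OFF:MRENCLAVE_OFF + 32] = mrenclave
    body[REPORT_DATA_OFF:REPORT_DATA_OFF + 64] = b"\x11" * 64
    return json.dumps({"isvEnclaveQuoteStatus": status,
                       "isvEnclaveQuoteBody": base64.b64encode(bytes(body)).decode()})


if __name__ == "__main__":
    good = bytes.fromhex("ab" * 32)  # constructed measurement
    print(check_avr(make_sample_avr(good), good))
    print(check_avr(make_sample_avr(good, "GROUP_OUT_OF_DATE"), good))
    print(check_avr(make_sample_avr(bytes(32)), good))
```

Whether a status such as `GROUP_OUT_OF_DATE` is tolerated is a deployment decision; here it is rejected unless the caller adds it to `accepted_statuses`.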
● Scheme from https://eprint.iacr.org/2009/095
● Barretto-Naehrig curve, optimal Ate pairing
● Code allegedly based on https://eprint.iacr.org/2010/354
THIS IS BEING DEPRECATED APRIL 2025