Decentralizing Attestation

Our Terminology:

Evidence: claims signed by the TEE instance, binding together the state of the TEE, the identity of the code running in it, and application level data (usually public keys); produced by the TEE instance at runtime.

Endorsements: additional data used to establish the trustworthiness of the evidence (e.g., intermediate certificates, signatures, inclusion proofs); produced or cached by the untrusted host running the TEE.

Reference values: the policy that determines the acceptable range of values that the client trusts (e.g., TCB version number, individual measurements, etc.); hardcoded in the client code, or obtained over some trustworthy channel.

PreviousIntel Trust Authority NextIt’s Butterfree!

Last updated 2 months ago