公开(公告)号：US20180241572A1

公开(公告)日：2018-08-23

申请号：US15600667

申请日：2017-05-19

Applicant: INTEL CORPORATION

Inventor： ANDREA MIELE ,  KARLA SAUR ,  JAMES HELD ,  MIC BOWMAN

IPC: H04L9/32 ,  H04L9/06 ,  H04W12/06

CPC classification number: H04L9/3263 ,  G06F21/44 ,  G06F21/57 ,  H04L9/0643 ,  H04L9/3236 ,  H04L63/08 ,  H04L2201/08 ,  H04L2209/42

Abstract: Techniques for remote SGX enclave authentication are described. An attestation service may be used to attest that an enclave was successfully established on a Software Guard Extensions (SGX) enabled platform. Further, an attestation service may, in embodiments, be used as a notary system to attest that a public-key certificate was generated by a particular SGX enclave and, therefore, may be trusted by other remote enclaves for authentication. In an embodiment, a client-side SGX enclave may generate a public-private key pair (SK, PK), compute a cryptographic hash H of PK, create a report R containing H, obtain a quote Q on the report R from a quoting enclave component, obtain remote attestation response RA from an attestation service, and broadcast RA and PK to one or more server side SGX enclaves. Other embodiments are described and claimed.