
Questions tagged [remote-attestation]

2 votes · 0 answers · 60 views

I am confused about the Provisioning Enclave and Provisioning Certificate Enclave. In the document SGX101 - Interaction between PSE and Application Enclaves, the Provisioning Enclave (PvE) and ...
asked by Latte Xu
3 votes · 1 answer · 204 views

I am implementing a client that generates a CSR, sends it to my own CA service, and the CA issues a certificate for that CSR. In this process, I need to verify that the CSR is trusted, generated by ...
asked by crystal crystal
1 vote · 1 answer · 248 views

The TPM (Trusted Platform Module) has a feature called dynamic root-of-trust. If I understand correctly a measurement of the current system is taken (to enable attestation) by the CPU and transmitted ...
asked by user25100341
0 votes · 1 answer · 224 views

Modern laptops and mobile phone platforms are built around a main, beefy SoC, which generally supports Secure Boot for its firmware and also has a unique hardware identity that is used to attest to a ...
asked by Silviu
2 votes · 3 answers · 825 views

During remote attestation, a device sends the server the EK certificate, AK public, AK name. By using tpm2_makecredential/tpm2_activatecredential, the attestation server can confirm that: the EK is ...
asked by SKK
1 vote · 0 answers · 180 views

I want to know the use cases of DAA (Direct Anonymous Attestation) in the real world.
asked by user97821
1 vote · 1 answer · 113 views

I try to attest my vm running on a kvm+qemu host using qmp and this command: echo '{ "execute": "qmp_capabilities" }\n{"execute":"query-sev-attestation-report",&...
asked by alindner
4 votes · 1 answer · 1k views

I've been pondering some potential cybersecurity applications for enclaves. One of them being the problem of password hashing. Some clients have enclave support, meaning part of their CPU can securely ...
asked by Expectator
1 vote · 1 answer · 347 views

Among the things listed that a TPM chip can do I found something not like the others: Remote Attestation: ... This allows a third party to verify that the software has not been changed. But in a ...
asked by Joshua
1 vote · 0 answers · 171 views

I'm currently reading about the TPM and remote attestation. Here's my current understanding of what is happening. To attest a PCR value to a remote party, the TPM signs the value with an attestation ...
asked by SuppenGeist
1 vote · 0 answers · 318 views

I need to create an attestation key (AK) and use it to sign arbitrary data in TPM 2.0. The TCG Guidance documents suggest that some TPMs may come pre-provisioned with an AK that is part of the ...
asked by mohamed
2 votes · 0 answers · 252 views

It is known that it is possible to define an NV Extend Index which has a behaviour similar to a PCR (Platform Configuration Register) and it is possible to modify it using TPM2_NV_Extend() operation. ...
asked by Andrew
1 vote · 1 answer · 725 views

I'm a little unclear on this (marked strong): "The public key authentication functions provide for on-chip key pair generation using a hardware random number generator, along with public key ...
2 votes · 1 answer · 1k views

I am currently reading up on Intel's SGX, especially the remote attestation part. I am having a question regarding this topic. Let us consider the following protocol: Enclave A and B do remote ...
asked by Donut
3 votes · 1 answer · 2k views

I have a question about Remote Attestation and measured boot with a TPM module. The illustration shows my project schematically. A TPM module will be used to measure the boot process and validate ...
asked by DommiB
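Three of the questions above touch the same mechanism from different sides: the TPM signing a PCR value with an attestation key, an NV extend index behaving like a PCR, and measured boot feeding a remote verifier. The following is an added example, not code from any of the posters or from tpm2-tools, that shows what the verifier actually recomputes: it replays a constructed, hypothetical event log through the PCR extend rule (new = H(old || digest), the same rule TPM2_NV_Extend applies to an NV extend index), builds the pcrDigest that a TPM2_Quote signs, and checks it together with the nonce. Only the standard library is used, so the AK signature check is assumed to have happened already (after the AK was bound to a trusted EK with MakeCredential/ActivateCredential); the log entries, PCR assignments and nonce are all made up for illustration.

```python
import hashlib
from typing import Dict, Iterable, List, Tuple

# Constructed, hypothetical measured-boot event log for illustration only.
# Each entry is (pcr_index, description, event_data). A real TCG event log is
# binary (TCG_PCR_EVENT2 records) and carries the digest of the event data.
SAMPLE_EVENT_LOG: List[Tuple[int, str, bytes]] = [
    (0, "firmware volume", b"firmware-image-v1"),
    (4, "bootloader", b"shim.efi"),
    (4, "kernel", b"vmlinuz-6.1"),
    (7, "secure boot policy", b"db-contents"),
]

HASH = hashlib.sha256
DIGEST_LEN = HASH().digest_size


def extend(current: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend (and TPM2_NV_Extend on an NV extend index): new = H(old || digest).
    The operation is one-way and order-dependent: neither a PCR nor an NV extend index
    can be set to a chosen value, only extended."""
    return HASH(current + digest).digest()


def replay_event_log(events: Iterable[Tuple[int, str, bytes]], num_pcrs: int = 24) -> Dict[int, bytes]:
    """Recompute the PCR bank from an event log, starting from all-zero PCRs as at reset."""
    pcrs = {i: bytes(DIGEST_LEN) for i in range(num_pcrs)}
    for index, _description, data in events:
        pcrs[index] = extend(pcrs[index], HASH(data).digest())
    return pcrs


def pcr_digest(pcrs: Dict[int, bytes], selection: Iterable[int]) -> bytes:
    """pcrDigest as carried in a TPM2_Quote (TPMS_QUOTE_INFO): hash of the selected PCR
    values concatenated in ascending index order. The AK signs this digest, not the raw PCRs."""
    return HASH(b"".join(pcrs[i] for i in sorted(selection))).digest()


def verify_quote(quoted_pcr_digest: bytes, quoted_nonce: bytes, expected_nonce: bytes,
                 events: Iterable[Tuple[int, str, bytes]], selection: Iterable[int]) -> Tuple[bool, str]:
    """Verifier-side checks on the contents of a quote. Assumes the quote signature was already
    verified with an AK tied to a trusted EK via MakeCredential/ActivateCredential; the signature
    check itself is omitted here to stay within the standard library."""
    if quoted_nonce != expected_nonce:
        return False, "nonce mismatch: quote is stale or replayed"
    expected = pcr_digest(replay_event_log(events), selection)
    if expected != quoted_pcr_digest:
        return False, "pcrDigest mismatch: event log does not explain the quoted PCR values"
    return True, "ok"


def demo() -> Tuple[bool, bool, bool]:
    """Good quote, replayed nonce, and a log with an extra event the quote does not account for."""
    selection = [0, 4, 7]
    nonce = b"verifier-chosen-nonce"           # hypothetical; a real verifier uses fresh random bytes
    quoted = pcr_digest(replay_event_log(SAMPLE_EVENT_LOG), selection)  # what the TPM would quote
    good, _ = verify_quote(quoted, nonce, nonce, SAMPLE_EVENT_LOG, selection)
    replayed, _ = verify_quote(quoted, b"stale-nonce", nonce, SAMPLE_EVENT_LOG, selection)
    tampered_log = SAMPLE_EVENT_LOG + [(4, "unexpected module", b"rootkit.ko")]
    tampered, _ = verify_quote(quoted, nonce, nonce, tampered_log, selection)
    return good, replayed, tampered


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

The point a practitioner should take from this is that the quote proves nothing about the event log by itself: the verifier must replay the log, reproduce every selected PCR, and only then trust the log's description of what booted. Swapping two events in PCR 4 or appending one changes the replayed value, which is exactly why an NV extend index, which follows the same rule, can stand in for a PCR when the platform has none free.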
