Intel SGX Remote Attestation is Not Sufficient

Black Hat USA 2017

Presented by: Yogesh Swami
Date: Thursday July 27, 2017
Time: 11:00 - 11:50
Location: Mandalay Bay CD

In this paper, we argue that SGX Remote Attestation provided by Intel is not sufficient to guarantee confidentiality and integrity for running unmodified applications in the cloud. In particular, we demonstrate cases where:

This talk will also discuss the details about Remote Attestation mechanism: - What keys are embedded inside each SGX hardware, and what's the protocol for providing proof of knowledge? Are these protocols zero-knowledge, as claimed by Intel? - How the EPID's zero-knowledge proof of knowledge works, what anonymity guarantees it provides, and can it be replaced with other simpler schemes where platform anonymity is not a concern. - What key-exchanges take place between Intel Attestation Service, Software Vendor's own service, Intel Provided Platform Enclaves (e.g., launch enclave, etc.), and the enclave itself.

Yogesh Swami

Yogesh Swami is a Principal Engineer/Security Architect at Cryptography Research, a Division of Rambus. Yogesh is passionate about all aspects of Cryptography---from it's theoretical foundations to its practical usage---and leads a team that builds HSM-based Crypto-tools for provisioning hardware root of trust in SoCs. Yogesh has 15 years of experience analyzing Provably Secure (i.e, reductionist) protocols and takes great pride in keeping up with theoretical aspects of Cryptography and understanding its practical implications for building secure systems.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats