Intel SGX, remote attestation

• Attest an application on remote platform
• Check the identity of enclave (hash of code/data pages)
• Can establish a “secure channel” between enclaves

[Diagram labels: Target Enclave, Quoting Enclave, Challenger Enclave; Remote platform (SGX CPU), Host platform (SGX CPU); CMAC, Hash]

1. Request
2. Calculate MAC
3. Send MAC
4. Verify
5. Sign with group key [EPID]
6. Send signature
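The six steps above, traced as an added Go example (not part of the original slide and not Intel SDK code). Assumptions: HMAC-SHA256 stands in for the CMAC, an Ed25519 key pair stands in for the EPID group key, the challenger's request carries a nonce, and all names (`Report`, `MakeReport`, `Quote`, `Check`, `GroupKey`) are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Stand-ins (assumptions): HMAC-SHA256 for the slide's CMAC, a throwaway Ed25519 key for the EPID group key.
type Report struct {
	MREnclave [32]byte // enclave identity: hash of code/data pages
	Nonce     []byte   // challenger's freshness value sent with step 1 (assumed)
	MAC       []byte   // proves the report came from an enclave on this CPU
}

func GroupKey() (ed25519.PublicKey, ed25519.PrivateKey, error) { return ed25519.GenerateKey(nil) }
func body(m [32]byte, nonce []byte) []byte                      { return append(m[:], nonce...) }
func mac(key, msg []byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write(msg)
	return h.Sum(nil)
}

// MakeReport is step 2 (target enclave): MAC the identity under a key shared only on this CPU.
func MakeReport(cpuKey []byte, m [32]byte, nonce []byte) Report {
	return Report{m, nonce, mac(cpuKey, body(m, nonce))}
}

// Quote is steps 4-5 (quoting enclave): verify the local MAC, then sign with the group key.
func Quote(cpuKey []byte, priv ed25519.PrivateKey, r Report) ([]byte, error) {
	if !hmac.Equal(r.MAC, mac(cpuKey, body(r.MREnclave, r.Nonce))) {
		return nil, errors.New("report MAC invalid")
	}
	return ed25519.Sign(priv, body(r.MREnclave, r.Nonce)), nil
}

// Check runs at the challenger after step 6: expected identity, signature, and its own nonce.
func Check(pub ed25519.PublicKey, want, got [32]byte, nonce, sig []byte) bool {
	return got == want && ed25519.Verify(pub, body(got, nonce), sig)
}

func main() {
	pub, priv, _ := GroupKey()
	id, nonce, cpu := sha256.Sum256([]byte("constructed pages")), []byte("n1"), []byte("constructed key")
	sig, err := Quote(cpu, priv, MakeReport(cpu, id, nonce))
	fmt.Println("attested:", err == nil && Check(pub, id, id, nonce, sig))
}
```

The MAC only convinces another enclave on the same CPU, which is why the quoting enclave has to re-sign the report before the remote challenger can verify it.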