Confidential Computing 101
Raw Attestation

Last updated 8 months ago

General

We call the basic remote attestation that a Trusted Execution Environment (TEE) supports natively "Raw Attestation", to make clear that it is the baseline of attestation the TEE supports. In this attestation variant the processor takes measurements of the platform configuration and of the initial configuration of the VM, which includes the virtual firmware and the state of the vCPUs.

AMD-SEV-SNP

In AMD-SEV-SNP the Raw Attestation process is a single step: the CPU takes the measurements of the firmware and the vCPUs and creates the attestation report. The report is signed with a private key that belongs to the CPU and has been certified by the AMD CA. A user can check the signature of the attestation report with the included public key and can contact the AMD CA with the public key and the certificate to validate that the platform is genuine.

Intel TDX

The Raw Attestation process in Intel TDX is composed of two steps. In the first step the CPU generates a structure called the TDREPORT. This report can only be verified on the same platform and is therefore only used when VMs on the same CPU need to attest each other. For remote verification the TDREPORT is transformed into a TDQUOTE, which is signed by the CPU with a key whose genuineness can be checked through an Intel service.
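The two-step flow above, as an added toy model in Go (not enclaive's or Intel's code, and not the real TDREPORT/TDQUOTE layouts): an HMAC under a platform-local key stands in for the report that only the same CPU can check, and an ECDSA P-256 signature stands in for the quote a remote party verifies. The example assumes the verifier already trusts the attestation public key; contacting the Intel service (or, for the AMD single-step variant, the AMD CA) to establish that trust is left out.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
)

// Toy layouts, not the real TDX structures; Meas stands in for the launch measurement.
type TDReport struct{ Meas [32]byte; MAC []byte } // MAC: checkable only on this platform
type Quote struct{ Report TDReport; Sig []byte }  // Sig: checkable by a remote party

// localKey never leaves the CPU; a remote verifier must already trust AttestPriv's
// public half (in TDX that trust is established through Intel's service).
type Platform struct{ localKey []byte; AttestPriv *ecdsa.PrivateKey }

func NewPlatform() *Platform {
	lk := make([]byte, 32)
	rand.Read(lk)
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return &Platform{localKey: lk, AttestPriv: priv}
}

func (p *Platform) mac(meas [32]byte) []byte {
	m := hmac.New(sha256.New, p.localKey)
	m.Write(meas[:])
	return m.Sum(nil)
}

// MakeReport is step 1: the CPU MACs the measurement with its platform-local key.
func (p *Platform) MakeReport(meas [32]byte) TDReport { return TDReport{meas, p.mac(meas)} }

// MakeQuote is step 2: re-check the local MAC (only this platform can), then sign
// so that a remote party can verify the result.
func (p *Platform) MakeQuote(r TDReport) (Quote, bool) {
	if !hmac.Equal(p.mac(r.Meas), r.MAC) {
		return Quote{}, false // TDREPORT was not produced on this platform
	}
	h := sha256.Sum256(append(r.Meas[:], r.MAC...))
	sig, err := ecdsa.SignASN1(rand.Reader, p.AttestPriv, h[:])
	return Quote{r, sig}, err == nil
}

// VerifyQuote is the remote check: trusted attestation key plus the expected measurement.
func VerifyQuote(pub *ecdsa.PublicKey, q Quote, expected [32]byte) bool {
	h := sha256.Sum256(append(q.Report.Meas[:], q.Report.MAC...))
	return q.Report.Meas == expected && ecdsa.VerifyASN1(pub, h[:], q.Sig)
}
```

A report handed to a second Platform is rejected at the quoting step, which is the property that makes the TDREPORT useful only between VMs on the same CPU.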
