Remote attestation

Learn how to build a "remote" attestation workflow using the CLI commands.

Remote attestation is the security process that allows an attester (the "prover"), such as a VM or container, to prove to another party (the "verifier") that it is running trusted software in a secure enclaved environment. This process is crucial in cloud, edge, and AI confidential computing scenarios, where workloads need to prove their integrity and identity before being granted access to sensitive resources or secrets.

Remote attestation typically involves four steps:

  • The verifier creates a policy defining when an attestation report is valid.

  • The verifier issues a challenge, often a nonce, to the attester.

  • The attester generates a cryptographically signed report, including the nonce and measurements of its environment.

  • Applying the security policy, the verifier validates the report to ensure the attester is genuine and uncompromised.
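
The four steps above as a minimal challenge-response exchange. This is an added illustration, not the product's CLI or code. All function names and sample images are hypothetical, and an HMAC over a shared key stands in for the hardware-rooted asymmetric signature a real attester would produce.

```python
import hashlib, hmac, json, secrets

# Assumption: a shared HMAC key replaces the hardware-rooted attestation key
# so the example runs on the standard library alone.
ATTESTATION_KEY = secrets.token_bytes(32)

def create_policy(trusted_images):
    """Step 1: the verifier's policy is an allow-list of accepted measurements."""
    return {hashlib.sha256(img).hexdigest() for img in trusted_images}

def issue_challenge():
    """Step 2: a fresh random nonce binds the report to this one request."""
    return secrets.token_hex(16)

def generate_report(nonce, running_image, key=ATTESTATION_KEY):
    """Step 3: the attester signs the nonce together with its measurement."""
    claims = {"nonce": nonce,
              "measurement": hashlib.sha256(running_image).hexdigest()}
    body = json.dumps(claims, sort_keys=True).encode()
    return {"body": body, "sig": hmac.new(key, body, hashlib.sha256).digest()}

def verify_report(report, expected_nonce, policy, key=ATTESTATION_KEY):
    """Step 4: check signature, then freshness, then policy. Returns (ok, reason)."""
    expected_sig = hmac.new(key, report["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, report["sig"]):
        return False, "bad signature"
    claims = json.loads(report["body"])  # parsed only after the signature checks out
    if claims["nonce"] != expected_nonce:
        return False, "stale or replayed nonce"
    if claims["measurement"] not in policy:
        return False, "measurement not allowed by policy"
    return True, "trusted"

def demo():
    # Constructed sample inputs: byte strings standing in for workload images.
    good, bad = b"workload-image-v1 (constructed)", b"tampered image (constructed)"
    policy, nonce = create_policy([good]), issue_challenge()
    report = generate_report(nonce, good)
    forged = {"body": report["body"], "sig": b"\0" * 32}
    return {
        "genuine": verify_report(report, nonce, policy),
        "replayed": verify_report(report, issue_challenge(), policy),
        "tampered": verify_report(generate_report(nonce, bad), nonce, policy),
        "forged": verify_report(forged, nonce, policy),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The verifier checks the signature before parsing the claims, so unauthenticated input never reaches the nonce or policy checks.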
