0

Suppose I receive data from Bob and he says the data are generated or calculated by TEE (e.g., Intel SGX).

Is there any method, TEE, or auxiliary information like zero-knowledge in cryptography that he can provide to prove the data are indeed from TEE, not from an ordinary PC?

Then, everyone trusts him that the data are generated or calculated by TEE.

BTW, could you provide some materials or useful tutorials to learn SGX programming that is easy to understand?

4

1 Answer

0

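Yes. The method is called attestation. Since the third party is usually remote, the method used will be remote attestation.

Every application running inside an SGX enclave generates a set of information about the enclave. Once a third party wants to communicate with that application (e.g., you want to communicate with Bob), it starts the remote attestation process with a challenge message. During this process, the third party receives the enclave's information and checks with the Intel Attestation Service (IAS) whether the information comes from a valid Intel SGX. In your example, you will receive Bob's enclave information and check with IAS whether Bob is using a genuine Intel SGX.

You can find more information at the following links: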

https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/attestation-services.html
https://www.intel.com/content/www/us/en/developer/articles/code-sample/software-guard-extensions-remote-attestation-end-to-end-example.html
https://sgx101.gitbook.io/sgx101/sgx-bootstrap/attestation
https://gts3.org/pages/remote-attestation.html

answered 2022-01-27T20:23:01.933
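
The challenge-and-check flow described in the answer above, as an added simulation that is not part of the original answer and is not Intel SDK code. It assumes an HMAC key (`PLATFORM_KEY`) as a stand-in for the hardware-held signing key, a function standing in for the IAS check, and a simplified 96-byte quote holding only the enclave measurement, a report-data hash and the signature; all names and sample values are constructed.

```python
import hashlib
import hmac
import os

# Constructed stand-ins. On real SGX the quote is signed with a key that only a
# genuine platform holds, and the attestation service checks that signature.
PLATFORM_KEY = os.urandom(32)  # hypothetical model of the hardware-held key
EXPECTED_MRENCLAVE = hashlib.sha256(b"bob-enclave-build-1").digest()  # constructed

def _mac(key, body):
    return hmac.new(key, body, hashlib.sha256).digest()

def enclave_quote(mrenclave, data, nonce, key=PLATFORM_KEY):
    """Bob's side: bind the output and the verifier's nonce into the report data."""
    # The nonce has a fixed length (16 bytes), so nonce + data is unambiguous.
    report_data = hashlib.sha256(nonce + data).digest()
    body = mrenclave + report_data
    return body + _mac(key, body)

def attestation_service_check(quote):
    """Models the IAS step: was this quote produced by a genuine platform?"""
    return hmac.compare_digest(quote[64:], _mac(PLATFORM_KEY, quote[:64]))

def verify(quote, data, nonce):
    """Verifier's side: returns (accepted, reason)."""
    if len(quote) != 96:
        return False, "malformed quote"
    if not attestation_service_check(quote):
        return False, "not from a genuine platform"
    if not hmac.compare_digest(quote[:32], EXPECTED_MRENCLAVE):
        return False, "unexpected enclave measurement"
    expected = hashlib.sha256(nonce + data).digest()
    if not hmac.compare_digest(quote[32:64], expected):
        return False, "data or nonce not bound to quote"
    return True, "ok"

if __name__ == "__main__":
    nonce = os.urandom(16)             # the challenge sent to Bob
    data = b"result=42"                # constructed enclave output
    quote = enclave_quote(EXPECTED_MRENCLAVE, data, nonce)
    print(verify(quote, data, nonce))              # accepted
    print(verify(quote, b"result=43", nonce))      # output altered after quoting
    print(verify(quote, data, os.urandom(16)))     # replayed against a new challenge
    forged = enclave_quote(EXPECTED_MRENCLAVE, data, nonce, key=os.urandom(32))
    print(verify(forged, data, nonce))             # ordinary PC without the key
```

The verifier accepts the data only when all three checks pass: the quote verifies as coming from a genuine platform, the measurement matches the enclave build it expects, and the report data commits to both the received data and its own fresh nonce.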