Securing SEV VMs with SGX Enclaves: Flexible Remote Attestation Protocol

It has been some time since I last updated readers on my scientific endeavours in confidential computing. Though quiet here, I was not sitting idle. I am excited to share that my joint research effort, Flexible Remote Attestation of pre-SNP SEV VMs using SGX Enclaves, with Pedro Antonino, Senior Research Scientist at The Blockhouse Technology Limited, and Ante Đerek, Associate Professor at the University of Zagreb Faculty of Electrical Engineering and Computing, was published in the open-access journal IEEE Access in September 2023.

  • P. Antonino, A. Derek, and W. A. Wołoszyn, “Flexible Remote Attestation of Pre-SNP SEV VMs Using SGX Enclaves,” IEEE Access, vol. 11, pp. 90839-90856, 2023.

    @article{Antonino-Derek-Woloszyn23:Flexible-remote-attestation-of-pre-SNP-SEV-VMs-using-SGX-enclaves,
      author={Antonino, Pedro and Derek, Ante and Wołoszyn, Wojciech Aleksander},
      journal={IEEE Access},
      title={Flexible Remote Attestation of Pre-SNP SEV VMs Using SGX Enclaves},
      year={2023},
      volume={11},
      number={},
      pages={90839-90856}
    }

Abstract. We propose a protocol that explores a synergy between two TEE implementations: it brings SGX-like remote attestation to SEV VMs. We use the notion of a trusted guest owner, implemented as an SGX enclave, to deploy, attest, and provision an SEV VM. This machine can, in turn, rely on the trusted owner to generate SGX-like attestation proofs on its behalf. Our protocol combines the application portability of SEV with the flexible remote attestation of SGX. We formalise our protocol and prove that it achieves the intended guarantees using the Tamarin prover. Moreover, we develop an implementation for our trusted guest owner together with example SEV machines, and put those together to demonstrate how our protocol can be used in practice; we use this implementation to evaluate our protocol in the context of creating accountable machine-learning models. We also discuss how our protocol can be extended to provide a simple remote attestation mechanism for a heterogeneous infrastructure of trusted components.

SEV attestation scenarios with and without our trusted guest owner.
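To make the flow in the abstract concrete, the following is an added illustration written for this post; it is not code from the paper or from the project's GitHub repository. It models the trusted guest owner (here a plain Python class, `TrustedGuestOwner`, standing in for logic that would run inside the SGX enclave) verifying a pre-SNP SEV launch measurement, provisioning a secret into the attested VM, and later issuing an attestation proof on the VM's behalf. The measurement format loosely follows the SEV LAUNCH_MEASURE layout but is simplified; the key derivation (`derive_tik`), the firmware model (`psp_launch_measure`), all key and image values, and the use of an HMAC where a real enclave would produce a signature or an SGX quote are all assumptions made for the example.

```python
import hashlib
import hmac
import json
import os

# Constructed sample values standing in for a real SEV deployment (not taken from the paper).
EXPECTED_LD = hashlib.sha256(b"constructed SEV VM image").digest()  # expected launch digest
POLICY = 0x01                                                        # constructed guest policy
SHARED_SECRET = hashlib.sha256(b"constructed ECDH output").digest()  # owner <-> firmware key agreement


def derive_tik(shared_secret: bytes) -> bytes:
    """Simplified stand-in for deriving the transport integrity key (TIK) from the shared secret."""
    return hmac.new(shared_secret, b"sev-tik", hashlib.sha256).digest()


def psp_launch_measure(tik: bytes, policy: int, ld: bytes, mnonce: bytes) -> bytes:
    """Models the firmware's launch measurement: an HMAC over context, policy, launch digest and nonce."""
    msg = bytes([0x04, 0, 24, 0]) + policy.to_bytes(4, "little") + ld + mnonce
    return hmac.new(tik, msg, hashlib.sha256).digest()


def canonical(obj) -> bytes:
    """Deterministic encoding of a report so the proof tag is reproducible."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class TrustedGuestOwner:
    """Hypothetical model of the guest-owner logic that the paper places inside an SGX enclave."""

    def __init__(self, shared_secret: bytes):
        self.tik = derive_tik(shared_secret)
        self.proof_key = os.urandom(32)  # enclave-held key; an HMAC stands in for a signature/quote
        self.vms = {}                    # vm_id -> (ld, policy, provisioned secret)

    def verify_launch(self, vm_id, measurement, mnonce, policy, ld):
        """Attest the VM launch; on success provision a fresh secret (LAUNCH_SECRET in real SEV)."""
        expected = psp_launch_measure(self.tik, policy, ld, mnonce)
        if ld != EXPECTED_LD or policy != POLICY or not hmac.compare_digest(expected, measurement):
            return None
        secret = os.urandom(32)
        self.vms[vm_id] = (ld, policy, secret)
        return secret

    def attest_on_behalf(self, vm_id, user_data: bytes, request_mac: bytes):
        """Issue an SGX-like proof for a provisioned VM that authenticates with its secret."""
        if vm_id not in self.vms:
            return None
        ld, policy, secret = self.vms[vm_id]
        if not hmac.compare_digest(hmac.new(secret, user_data, hashlib.sha256).digest(), request_mac):
            return None
        report = {"vm_id": vm_id, "ld": ld.hex(), "policy": policy, "user_data": user_data.hex()}
        return report, hmac.new(self.proof_key, canonical(report), hashlib.sha256).digest()

    def verify_proof(self, report, tag) -> bool:
        """Stand-in for a relying party checking the proof against the owner's key."""
        expected = hmac.new(self.proof_key, canonical(report), hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


def run_scenario():
    """Walk through honest launch, tampered image, forged measurement, proof, and forged request."""
    owner = TrustedGuestOwner(SHARED_SECRET)
    tik = derive_tik(SHARED_SECRET)  # the firmware side derives the same key
    mnonce = os.urandom(16)

    # 1. Honest launch: firmware measures the expected image.
    honest = psp_launch_measure(tik, POLICY, EXPECTED_LD, mnonce)
    secret = owner.verify_launch("vm-1", honest, mnonce, POLICY, EXPECTED_LD)

    # 2. Tampered image: firmware reports a different launch digest, which the owner rejects.
    bad_ld = hashlib.sha256(b"tampered image").digest()
    tampered = owner.verify_launch("vm-2", psp_launch_measure(tik, POLICY, bad_ld, mnonce), mnonce, POLICY, bad_ld)

    # 3. Untrusted host claims the expected digest but cannot compute the HMAC without the TIK.
    forged_measure = psp_launch_measure(b"host guess", POLICY, EXPECTED_LD, mnonce)
    forged_launch = owner.verify_launch("vm-3", forged_measure, mnonce, POLICY, EXPECTED_LD)

    # 4. Provisioned VM asks the owner to attest its own data (e.g. a model hash) on its behalf.
    user_data = hashlib.sha256(b"constructed model hash").digest()
    proof = owner.attest_on_behalf("vm-1", user_data, hmac.new(secret, user_data, hashlib.sha256).digest())

    # 5. A party without the provisioned secret cannot obtain a proof in the VM's name.
    forged_request = owner.attest_on_behalf("vm-1", user_data, b"\x00" * 32)

    return {
        "honest_accepted": secret is not None,
        "tampered_rejected": tampered is None,
        "forged_measurement_rejected": forged_launch is None,
        "proof_valid": proof is not None and owner.verify_proof(*proof),
        "forged_request_rejected": forged_request is None,
        "proof_ld": proof[0]["ld"] if proof else None,
    }


if __name__ == "__main__":
    print(run_scenario())
```

The two rejection paths are the ones that matter for the threat model: a host that alters the image changes the launch digest the owner compares against, and a host that lies about the digest cannot produce a valid measurement without the key shared between firmware and owner. Because the proof over `user_data` is bound to the recorded launch digest, a relying party that trusts the enclave's key learns which VM image produced the data without talking to the SEV firmware itself.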

Find the article at The Blockhouse Technology Limited and access the source code at GitHub.

