Signing Arbitrary Quotes for Remote Attestation
We have used CacheOut and SGAxe to recover private attestation keys from a fully updated SGX machine which is considered by Intel to be in a trusted status. With these private attestation keys in hands, we can sign arbitrary SGX attestation quotes which are then considered legitimate by Intel’s attestation service (or at least until they revoke our key). In this video, we sign our own quote and then verify it against Intel’s Attestation Service.
6 months ago 00:19:13 1
6 months ago 00:12:10 1
7 months ago 00:05:46 1
7 months ago 00:25:17 1
8 months ago 00:01:27 1
10 months ago 01:48:11 1
12 months ago 00:48:31 1
12 months ago 00:06:43 1
12 months ago 00:57:57 1
12 months ago 01:01:44 1
12 months ago 00:46:15 1
1 year ago 00:04:04 3
1 year ago 00:10:08 1
1 year ago 00:15:37 2
1 year ago 00:06:44 1
1 year ago 00:04:24 3
1 year ago 00:11:30 6
1 year ago 00:10:20 1
2 years ago 00:10:38 1
2 years ago 00:32:25 1
2 years ago 00:11:21 1
2 years ago 00:01:25 1
2 years ago 01:05:08 1
2 years ago 00:26:17 1
