Skip to main content
FOSDEM PWA

Challenges of Remote Attestation for Confidential Computing Workloads

UD6.215 | Day 2 | 10:50 - 11:10 | Speakers: Yogesh Deshpande

Challenges of Remote Attestation for Confidential Computing Workloads
A picture of a devroom at FOSDEM 2024
Open in browser

Notes

Abstract

Confidential Computing poses a unique challenge of Attestation Verification. The reason is, Attester in Confidential Computing is infact a collection of Attesters, what we call as Composite Attester. One Attester is a Workload which runs in a CC Environment, while the other Attester is the actual platform on which the Workload is executed. The two Attesters have separate Supply Chains (one been the Workload Owner deploying the Workload) while the Platform is a different Supplier, say Intel TDX or Arm CC. Another deployment could be a Workload been trained on a GPU (via means of Integrated TEE) attached to a CPU, to create an end-to-end secure environment. How can one trust such a Workload, along with the CPU which is feeding the training data to it?? To trust a Composite Attester, through remote attestation one needs multiple Remote Attestation Verifiers, for example one coming from CPU Vendor the other from a GPU Vendor. How do the Verifiers coordinate? Are there topological patterns of coordination that can be standardized.

The presentation will highlight the Work done in IETF Standards & Open Source Project Veraison to highlight: 1. Composite Attesters 2. Remote Attestation though Multiple Verifiers 3. Open-Source Work done in Project Veraison to highlight how Composition of Attesters can be constructed in a standardized manner 4. Open Source Work done in Project Veraison to highlight how Multiple Verifiers can coordinate to produce a Combined Attestation Verdict for a Composite Attester.

Please see the following links- https://datatracker.ietf.org/doc/draft-richardson-rats-composite-attesters/

https://datatracker.ietf.org/doc/draft-deshpande-rats-multi-verifier/

Composition of Attesters using Concise Message Wrappers: Golang Implementation: https://github.com/veraison/cmw
Rust Implementation: https://github.com/veraison/rust-cmw

Attestation results required for constructing compositional semantics: Golang Implementation: https://github.com/veraison/ear

Rust Implementation: https://github.com/veraison/rust-ear

Verification of Composite Attesters - Arm-CCA https://github.com/veraison/services

Attachments

Speakers

Yogesh Deshpande

Yogesh Deshpande is a Security Architect working on Open Source Project Veraison and in standards body on Remote Attestation and Supply Chain Security.

Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.