Pith. sign in

REVIEW 4 cited by

Integrating Remote Attestation with Transport Layer Security

Not yet reviewed by Pith; the record is open.

This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.

SPECIMEN: schema-true, not a live event

T0 review · schema-true

One-sentence machine reading of the paper's core claim.

pith:XXXXXXXX · record.json · timestamp

arxiv 1801.05863 v2 pith:7IVZK7WV submitted 2018-01-17 cs.CR

Integrating Remote Attestation with Transport Layer Security

classification cs.CR
keywords attestationintelremoteattestedconnectionimplementationslayerprotocol
verification ladder T0 review T1 audit T2 compute T3 formal T4 reserved
0 comments
read the original abstract

Intel(R) Software Guard Extensions (Intel(R) SGX) is a promising technology to securely process information in otherwise untrusted environments. An important aspect of Intel SGX is the ability to perform remote attestation to assess the endpoint's trustworthiness. Ultimately, remote attestation will result in an attested secure channel to provision secrets to the enclave. We seamlessly combine Intel SGX remote attestation with the establishment of a standard Transport Layer Security (TLS) connection. Remote attestation is performed during the connection setup. To achieve this, we neither change the TLS protocol, nor do we modify existing protocol implementations. We have prototype implementations for three widely used open-source TLS libraries: OpenSSL, wolfSSL and mbedTLS. We describe the requirements, design and implementation details to seamlessly bind attested TLS endpoints to Intel SGX enclaves.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 4 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. A TEE-Based Architecture for Confidential and Dependable Process Attestation in Authorship Verification

    cs.CR 2026-02 unverdicted novelty 7.0

    First TEE-based architecture for continuous process attestation with hardware tamper resistance, tiered assurance levels, Markov-chain dependability modeling, and resilient protocol achieving over 99.5% evidence chain...

  2. TrustMee: Self-Verifying Remote Attestation Evidence

    cs.CR 2026-02 unverdicted novelty 7.0

    TrustMee enables self-verifying remote attestation evidence by embedding WebAssembly verification logic in attestation bundles for platform-independent validation of confidential VMs.

  3. Two-Way Confidential VMs (2cVM): Collaborative Confidential Computing for Mutually Distrustful Parties

    cs.CR 2026-06 unverdicted novelty 5.0

    2cVM is a two-layer confidential VM using AMD SEV-SNP hardware protection plus WebAssembly isolation, governed by an immutable Commitment Manifest, with evaluation showing non-linear overhead from negligible to ~2x de...

  4. Scanclave: Verifying Application Runtime Integrity in Untrusted Environments

    cs.CR 2019-07 unverdicted novelty 5.0

    Scanclave enables runtime integrity verification of applications in untrusted environments by combining TEE protections with a minimal trusted software stack and TEE-based memory access.