Attestation is the process of demonstrating that a piece of software has been established on a platform. In the case of Intel SGX, it is the mechanism by which a third entity establishes that a software entity is running on an Intel SGX enabled platform protected within an enclave prior to provisioning that software with secrets and protected data. Attestation relies on the ability of a platform to produce a credential that accurately reflects the signature of an enclave, which includes information on the enclave’s security properties. The Intel SGX architecture provides the mechanisms to support two forms of attestation. There is a mechanism for creating a basic assertion between enclaves running on the same platform, which supports local, or intra-platform attestation, and then another mechanism that provides the foundation for attestation between an enclave and a remote third party.
The signing process involved in attestation takes place in such a manner that the relying party can be assured that it is communicating with a real hardware enclave and not some software emulation.