{"created":"2025-01-19T01:19:11.644489+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00218849","sets":["1164:6389:10832:10943"]},"path":["10943"],"owner":"44499","recid":"218849","title":["Intel SGXのECDSA Attestationにおける検証についての課題とその改善に向けた考察"],"pubdate":{"attribute_name":"公開日","attribute_value":"2022-07-12"},"_buckets":{"deposit":"bf1c1c5c-badc-49ef-8c94-6b99252156f2"},"_deposit":{"id":"218849","pid":{"type":"depid","value":"218849","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"Intel SGXのECDSA Attestationにおける検証についての課題とその改善に向けた考察","author_link":["570050","570053","570052","570054","570057","570049","570051","570056","570048","570055"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Intel SGXのECDSA Attestationにおける検証についての課題とその改善に向けた考察"},{"subitem_title":"Issues and Considerations for Improvement of Verification in ECDSA Attestation of Intel SGX","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"HWS","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2022-07-12","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"筑波大学／産業技術総合研究所"},{"subitem_text_value":"産業技術総合研究所"},{"subitem_text_value":"産業技術総合研究所"},{"subitem_text_value":"産業技術総合研究所"},{"subitem_text_value":"筑波大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"University of Tsukuba /  National Institute of Advanced Industrial Science and Technology","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Advanced Industrial Science and Technology","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Advanced Industrial Science and Technology","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Advanced Industrial Science and Technology","subitem_text_language":"en"},{"subitem_text_value":" University of Tsukuba","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/218849/files/IPSJ-SPT22048005.pdf","label":"IPSJ-SPT22048005.pdf"},"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SPT22048005.pdf","filesize":[{"value":"967.0 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_login","version_id":"467c30c7-f016-4fc4-b0da-45b9a24e24d4","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2022 by the Institute of Electronics, Information and Communication Engineers This SIG report is only available to those in membership of the SIG."}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"矢川, 嵩"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"須崎, 有康"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"照屋, 唯紀"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"大原, 一真"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"阿部, 洋丈"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Takashi, Yagawa","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Kuniyasu, Suzaki","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tadanori, Teruya","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Kazuma, Ohara","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hirotake, Abe","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12628305","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8671","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"Intel SGX は TEE（Trusted Execution Environment）の一実装であり，OS やハイパーバイザ等の特権命令を含む攻撃からも，SGX 内メモリにあるプログラムやデータの機密性及び完全性を保護できる．また，SGX ではユーザーが SGX 搭載プラットフォームを利用する際に，プラットフォームと SGX で実行するソフトウェア (TA: Trusted Application) の真正性を検証できる Remote Attestation(RA) の機能を提供している．近年 SGX はクラウドでの活用が想定されており，2018 年に RA としてデータセンター等での利用を想定した Elliptic Curve Digital Signature Algorithm (ECDSA) Attestation が新たに利用可能になった．しかし，これは従来の RA よりも実装の自由度が高い分，その検証結果を誰が保証しているかは曖昧である．本論文では，現在の ECDSA Attestation のプロビジョニングと実行について示し，検証される要素についてそれぞれ誰が保証しているかを明らかにする．さらに，そこから ECDSA Attestation の課題を明らかにした上で，その改善策について考察する．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Intel SGX is a kind of TEE (Trusted Execution Environment) and can protect the confidentiality and integrity of programs and data in the memory of SGX from attacks involving privileged instructions from the OS, hypervisor, etc. SGX offers Remote Attestation (RA), which confirms the authenticity of the genuine platform and intended software on SGX (i.e., TA: Trusted Application).In recent years, SGX is utilized for the clouds, SGX RA is also developed for Cloud in 2018; the Elliptic Curve Digital Signature Algorithm (ECDSA) Attestation, which is intended for use in data centers. However, the degree of freedom of implementation is higher than in the past, and it is unclear who guarantees the verification results. This paper describes the provisioning and execution of the current ECDSA Attestation and clarifies who guarantees the verified elements. Furthermore, from this, the challenges of ECDSA Attestation will be identified, and then measures for improvement will be discussed.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告セキュリティ心理学とトラスト（SPT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2022-07-12","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"5","bibliographicVolumeNumber":"2022-SPT-48"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":218849,"updated":"2025-01-19T15:00:42.418886+00:00","links":{}}