|
|
|
|
|
|
by nneonneo
308 days ago
|
|
|
The attestation covers the public key, so you would only connect to an instance which has that public key. In order for a malicious instance to use the same public key as an attested one, they’d have to share the private key (for decryption to work). If you can verify that the SGX code never leaks the private key that was generated inside the enclave, then you can be reasonably sure that the private key can’t be shared to other servers or WG instances. |
|
|