{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T23:56:33Z","timestamp":1772927793119,"version":"3.50.1"},"reference-count":46,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Fundamentals"],"published-print":{"date-parts":[[2026,3,1]]},"DOI":"10.1587\/transfun.2025cip0027","type":"journal-article","created":{"date-parts":[[2025,9,29]],"date-time":"2025-09-29T22:08:46Z","timestamp":1759183726000},"page":"305-316","source":"Crossref","is-referenced-by-count":0,"title":["Clarifying CPU Vendor\u2019s Responsibilities for Remote Attestation with Intel SGX"],"prefix":"10.1587","volume":"E109.A","author":[{"given":"Takashi","family":"YAGAWA","sequence":"first","affiliation":[{"name":"University of Tsukuba"},{"name":"National Institute of Advanced Industrial Science and Technology (AIST)"}]},{"given":"Tadanori","family":"TERUYA","sequence":"additional","affiliation":[{"name":"National Institute of Advanced Industrial Science and Technology (AIST)"}]},{"given":"Kazuma","family":"OHARA","sequence":"additional","affiliation":[{"name":"National Institute of Advanced Industrial Science and Technology (AIST)"}]},{"given":"Kuniyasu","family":"SUZAKI","sequence":"additional","affiliation":[{"name":"Institute of Information Security"}]},{"given":"Hirotake","family":"ABE","sequence":"additional","affiliation":[{"name":"University of Tsukuba"}]}],"member":"532","reference":[{"key":"1","doi-asserted-by":"publisher","unstructured":"[1] V. Navale and P.E. Bourne, \u201cCloud computing applications for biomedical science: A perspective,\u201d PLoS Comput. Biol., vol.14, no.6, p.e1006144, 2018. 10.1371\/journal.pcbi.1006144","DOI":"10.1371\/journal.pcbi.1006144"},{"key":"2","doi-asserted-by":"crossref","unstructured":"[2] C. 
Gentry, \u201cFully homomorphic encryption using ideal lattices,\u201d Proc. Forty-First Annual ACM Symposium on Theory of Computing, pp.169-178, 2009. 10.1145\/1536414.1536440","DOI":"10.1145\/1536414.1536440"},{"key":"3","doi-asserted-by":"crossref","unstructured":"[3] C. Gentry and S. Halevi, \u201cImplementing Gentry\u2019s fully-homomorphic encryption scheme,\u201d Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp.129-148, Springer, 2011. 10.1007\/978-3-642-20465-4_9","DOI":"10.1007\/978-3-642-20465-4_9"},{"key":"4","unstructured":"[4] S. Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, J. Lind, D. Muthukumaran, D. O\u2019Keeffe, M.L. Stillwell, D. Goltzsche, D. Eyers, R. Kapitza, P. Pietzuch, and C. Fetzer, \u201cSCONE: Secure Linux containers with Intel SGX,\u201d 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16), Savannah, GA, pp.689-703, Nov. 2016."},{"key":"5","unstructured":"[5] C.-C. Tsai, D.E. Porter, and M. Vij, \u201cGraphene-SGX: A practical library OS for unmodified applications on SGX,\u201d 2017 USENIX Annual Technical Conference (USENIX ATC 17), Santa Clara, CA, pp.645-658, July 2017."},{"key":"6","unstructured":"[6] T. Hunt, Z. Zhu, Y. Xu, S. Peter, and E. Witchel, \u201cRyoan: A distributed sandbox for untrusted computation on secret data,\u201d 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16), Savannah, GA, pp.533-549, Nov. 2016."},{"key":"7","doi-asserted-by":"crossref","unstructured":"[7] F. Schuster, M. Costa, C. Fournet, C. Gkantsidis, M. Peinado, G. Mainar-Ruiz, and M. Russinovich, \u201cVC3: Trustworthy data analytics in the cloud using SGX,\u201d 2015 IEEE Symposium on Security and Privacy, pp.38-54, 2015. 10.1109\/sp.2015.10","DOI":"10.1109\/SP.2015.10"},{"key":"8","doi-asserted-by":"crossref","unstructured":"[8] Y. Shen, H. Tian, Y. Chen, K. Chen, R. Wang, Y. Xu, Y. Xia, and S. 
Yan, \u201cOcclum: Secure and efficient multitasking inside a single enclave of Intel SGX,\u201d Proc. Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, pp.955-970, 2020. 10.1145\/3373376.3378469","DOI":"10.1145\/3373376.3378469"},{"key":"9","unstructured":"[9] \u201cIntel<sup>\u00ae<\/sup> SGX product offerings,\u201d https:\/\/www.intel.co.jp\/content\/www\/jp\/ja\/architecture-and-technology\/sgx-product-offerings.html, accessed Oct. 28. 2024."},{"key":"10","doi-asserted-by":"crossref","unstructured":"[10] E. Brickell and J. Li, \u201cEnhanced privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities,\u201d Proc. 2007 ACM Workshop on Privacy in Electronic Society, WPES\u201907, pp.21-30, 2007. 10.1145\/1314333.1314337","DOI":"10.1145\/1314333.1314337"},{"key":"11","unstructured":"[11] S. Johnson, V. Scarlata, C. Rozas, E. Brickell, and F. Mckeen, \u201cIntel software guard extensions: Epid provisioning and attestation services,\u201d White Paper, vol.1, no.1-10, p.119, 2016."},{"key":"12","unstructured":"[12] V. Scarlata, S. Johnson, J. Beaney, and P. Zmijewski, \u201cSupporting third party attestation for Intel SGX with Intel data center attestation primitives,\u201d Intel White Paper, 2018."},{"key":"13","unstructured":"[13] \u201cGithub - intel\/sgxdatacenterattestationprimitives,\u201d https:\/\/github.com\/intel\/SGXDataCenterAttestationPrimitives, accessed Oct. 28. 2024."},{"key":"14","unstructured":"[14] \u201cIntel<sup>\u00ae<\/sup> software guard extensions (Intel<sup>\u00ae<\/sup> SGX) data center attestation primitives: ECDSA quote library API,\u201d March 2023. https:\/\/download.01.org\/intel-sgx\/latest\/dcap-latest\/linux\/docs\/Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf, accessed Oct. 28. 2024."},{"key":"15","unstructured":"[15] \u201cWhite paper Intel<sup>\u00ae<\/sup> trust domain extensions,\u201d Feb. 
2023."},{"key":"16","doi-asserted-by":"crossref","unstructured":"[16] M.U. Sardar, R. Faqeh, and C. Fetzer, \u201cFormal foundations for Intel SGX data center attestation primitives,\u201d Formal Methods and Software Engineering: 22nd International Conference on Formal Engineering Methods, ICFEM 2020, Singapore, Singapore, March 2021, Proceedings, pp.268-283, 2020. 10.1007\/978-3-030-63406-3_16","DOI":"10.1007\/978-3-030-63406-3_16"},{"key":"17","doi-asserted-by":"crossref","unstructured":"[17] J. M\u00e9n\u00e9trey, C. G\u00f6ttel, A. Khurshid, M. Pasin, P. Felber, V. Schiavoni, and S. Raza, \u201cAttestation mechanisms for trusted execution environments demystified,\u201d Distributed Applications and Interoperable Systems, pp.95-113, Springer, 2022. 10.1007\/978-3-031-16092-9_7","DOI":"10.1007\/978-3-031-16092-9_7"},{"key":"18","unstructured":"[18] \u201cIntel(r) software guard extensions developer reference for Linux* OS developer reference,\u201d Jan. 2024. https:\/\/download.01.org\/intel-sgx\/latest\/linux-latest\/docs\/Intel_SGX_Developer_Reference_Linux_2.23_Open_Source.pdf, accessed Oct. 28. 2024."},{"key":"19","doi-asserted-by":"crossref","unstructured":"[19] E. Brickell, J. Camenisch, and L. Chen, \u201cDirect anonymous attestation,\u201d Proc. 11th ACM Conference on Computer and Communications Security, CCS\u201904, pp.132-145, 2004. 10.1145\/1030083.1030103","DOI":"10.1145\/1030083.1030103"},{"key":"20","unstructured":"[20] \u201cWhich processors support Intel<sup>\u00ae<\/sup> software guard extensions (Intel<sup>\u00ae<\/sup> SGX) EPID?,\u201d https:\/\/www.intel.com\/content\/www\/us\/en\/support\/articles\/000092568\/software\/intel-security-products.html, accessed Oct. 28. 2024."},{"key":"21","unstructured":"[21] V. Costan and S. Devadas, \u201cIntel SGX explained,\u201d Cryptology ePrint Archive, Paper 2016\/086, 2016."},{"key":"22","doi-asserted-by":"crossref","unstructured":"[22] M.W. Shih, S. Lee, T. Kim, and M. 
Peinado, \u201cT-SGX: Eradicating controlled-channel attacks against enclave programs,\u201d NDSS, 2017. 10.14722\/ndss.2017.23193","DOI":"10.14722\/ndss.2017.23193"},{"key":"23","unstructured":"[23] J. Van Bulck, M. Minkin, O. Weisse, D. Genkin, B. Kasikci, F. Piessens, M. Silberstein, T.F. Wenisch, Y. Yarom, and R. Strackx, \u201cForeshadow: Extracting the keys to the Intel SGX kingdom with transient Out-of-Order execution,\u201d 27th USENIX Security Symposium (USENIX Security 18), pp.991-1008, USENIX Association, 2018."},{"key":"24","doi-asserted-by":"crossref","unstructured":"[24] K. Murdock, D. Oswald, F.D. Garcia, J. Van Bulck, D. Gruss, and F. Piessens, \u201cPlundervolt: Software-based fault injection attacks against Intel SGX,\u201d 2020 IEEE Symposium on Security and Privacy (SP), pp.1466-1482, IEEE, 2020. 10.1109\/sp40000.2020.00057","DOI":"10.1109\/SP40000.2020.00057"},{"key":"25","unstructured":"[25] F. Brasser, U. M\u00fcller, A. Dmitrienko, K. Kostiainen, S. Capkun, and A.R. Sadeghi, \u201cSoftware grand exposure: SGX cache attacks are practical,\u201d 11th USENIX Workshop on Offensive Technologies (WOOT 17), USENIX Association, 2017."},{"key":"26","doi-asserted-by":"crossref","unstructured":"[26] G. Chen, S. Chen, Y. Xiao, Y. Zhang, Z. Lin, and T.H. Lai, \u201cSgxPectre: Stealing Intel secrets from SGX enclaves via speculative execution,\u201d 2019 IEEE European Symposium on Security and Privacy (EuroS&amp;P), pp.142-157, 2019. 10.1109\/eurosp.2019.00020","DOI":"10.1109\/EuroSP.2019.00020"},{"key":"27","unstructured":"[27] \u201cAsylo,\u201d https:\/\/asylo.dev\/"},{"key":"28","doi-asserted-by":"crossref","unstructured":"[28] R. Pass, E. Shi, and F. Tram\u00e8r, \u201cFormal abstractions for attested execution secure processors,\u201d Advances in Cryptology - EUROCRYPT 2017, J.S. Coron and J.B. Nielsen, eds., pp.260-289, Springer International Publishing, Cham, 2017. 
10.1007\/978-3-319-56620-7_10","DOI":"10.1007\/978-3-319-56620-7_10"},{"key":"29","doi-asserted-by":"crossref","unstructured":"[29] P. Subramanyan, R. Sinha, I. Lebedev, S. Devadas, and S.A. Seshia, \u201cA formal foundation for secure remote execution of enclaves,\u201d Proc. 2017 ACM SIGSAC Conference on Computer and Communications Security, pp.2435-2450, 2017. 10.1145\/3133956.3134098","DOI":"10.1145\/3133956.3134098"},{"key":"30","doi-asserted-by":"crossref","unstructured":"[30] M.U. Sardar, D.L. Quoc, and C. Fetzer, \u201cTowards formalization of enhanced privacy ID (EPID)-based remote attestation in Intel SGX,\u201d 2020 23rd Euromicro Conference on Digital System Design (DSD), pp.604-607, 2020. 10.1109\/dsd51259.2020.00099","DOI":"10.1109\/DSD51259.2020.00099"},{"key":"31","doi-asserted-by":"publisher","unstructured":"[31] S. Fei, Z. Yan, W. Ding, and H. Xie, \u201cSecurity vulnerabilities of SGX and countermeasures: A survey,\u201d ACM Comput. Surv. (CSUR), vol.54, no.6, pp.1-36, 2021. 10.1145\/3456631","DOI":"10.1145\/3456631"},{"key":"32","unstructured":"[32] S. Van Schaik, A. Kwong, D. Genkin, and Y. Yarom, \u201cSGAxe: How SGX fails in practice,\u201d 2020."},{"key":"33","unstructured":"[33] J. Lee, J. Jang, Y. Jang, N. Kwak, Y. Choi, C. Choi, T. Kim, M. Peinado, and B.B. Kang, \u201cHacking in darkness: Return-oriented programming against secure enclaves,\u201d 26th USENIX Security Symposium (USENIX Security 17), Vancouver, BC, pp.523-539, Aug. 2017."},{"key":"34","unstructured":"[34] \u201cDell EMC PowerEdge R750 BIOS and UEFI reference guide,\u201d https:\/\/www.dell.com\/support\/manuals\/en-us\/poweredge-r750\/per750_bios_pub_ism\/system-bios?guid=guid-cf672af3-f0e7-4b34-9ccc-304720ffa838, accessed Oct. 28. 2024."},{"key":"35","unstructured":"[35] \u201cGithub - intel\/linux-sgx,\u201d https:\/\/github.com\/intel\/linux-sgx, accessed Oct. 28. 
2024."},{"key":"36","unstructured":"[36] \u201cIntel<sup>\u00ae<\/sup> trust domain extensions data center attestation primitives (Intel<sup>\u00ae<\/sup> TDX DCAP): Quote generation library and quote verification library,\u201d Dec. 2023. https:\/\/download.01.org\/intel-sgx\/latest\/dcap-latest\/linux\/docs\/Intel_TDX_DCAP_Quoting_Library_API.pdf, accessed Oct. 28. 2024."},{"key":"37","doi-asserted-by":"publisher","unstructured":"[37] M.U. Sardar, S. Musaev, and C. Fetzer, \u201cDemystifying attestation in Intel trust domain extensions via formal verification,\u201d IEEE Access, vol.9, pp.83067-83079, 2021. 10.1109\/access.2021.3087421","DOI":"10.1109\/ACCESS.2021.3087421"},{"key":"38","unstructured":"[38] \u201cIntel<sup>\u00ae<\/sup> Tiber<sup>TM<\/sup> trust services,\u201d https:\/\/www.intel.com\/content\/www\/us\/en\/software\/trust-and-security-solutions.html, accessed March 4. 2025."},{"key":"39","doi-asserted-by":"crossref","unstructured":"[39] T. Yagawa, T. Teruya, K. Suzaki, and H. Abe, \u201cDelegating verification for remote attestation using TEE,\u201d 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&amp;PW), pp.186-192, IEEE, 2024. 10.1109\/eurospw61312.2024.00025","DOI":"10.1109\/EuroSPW61312.2024.00025"},{"key":"40","doi-asserted-by":"crossref","unstructured":"[40] X. Zhang, K. Qin, S. Qu, T. Wang, C. Zhang, and D. Gu, \u201cTeamwork makes TEE work: Open and resilient remote attestation on decentralized trust,\u201d 2024.","DOI":"10.1109\/TDSC.2025.3636884"},{"key":"41","doi-asserted-by":"publisher","unstructured":"[41] M. Yang, G. Huang, H. Chen, Y. Liao, Q. Wang, and X. Chen, \u201cEnhancing the availability and security of attestation scheme for multiparty-involved DLaaS: A circular approach,\u201d IEEE Trans. Cloud Comput., vol.13, no.1, pp.227-244, 2025. 10.1109\/tcc.2024.3522993","DOI":"10.1109\/TCC.2024.3522993"},{"key":"42","doi-asserted-by":"crossref","unstructured":"[42] G. Chen, Y. Zhang, and T.H. 
Lai, \u201cOPERA: Open remote attestation for Intel\u2019s secure enclaves,\u201d Proc. 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS19), pp.2317-2331, 2019. 10.1145\/3319535.3354220","DOI":"10.1145\/3319535.3354220"},{"key":"43","doi-asserted-by":"crossref","unstructured":"[43] M. Schwarz, S. Weiser, and D. Gruss, \u201cPractical enclave malware with Intel SGX,\u201d Detection of Intrusions and Malware, and Vulnerability Assessment, pp.177-196, Springer International Publishing, 2019. 10.1007\/978-3-030-22038-9_9","DOI":"10.1007\/978-3-030-22038-9_9"},{"key":"44","unstructured":"[44] S. Weiser, L. Mayr, M. Schwarz, and D. Gruss, \u201cSGXJail: Defeating Enclave Malware via Confinement,\u201d RAID, pp.353-366, 2019."},{"key":"45","doi-asserted-by":"crossref","unstructured":"[45] Z. Zhang, X. Zhang, Q. Li, K. Sun, Y. Zhang, S. Liu, Y. Liu, and X. Li, \u201cSee through walls: Detecting malware in SGX enclaves with SGX-bouncer,\u201d Proc. 2021 ACM Asia Conference on Computer and Communications Security, pp.931-943, 2021. 10.1145\/3433210.3437531","DOI":"10.1145\/3433210.3437531"},{"key":"46","unstructured":"[46] Y. Chen, J. Li, G. Xu, Y. Zhou, Z. Wang, C. Wang, and K. 
Ren, \u201cSGXLock: Towards efficiently establishing mutual distrust between host application and enclave for SGX,\u201d 31st USENIX Security Symposium (USENIX Security 22), pp.4129-4146, 2022."}],"container-title":["IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E109.A\/3\/E109.A_2025CIP0027\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T04:11:14Z","timestamp":1772856674000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E109.A\/3\/E109.A_2025CIP0027\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,1]]},"references-count":46,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2026]]}},"URL":"https:\/\/doi.org\/10.1587\/transfun.2025cip0027","relation":{},"ISSN":["0916-8508","1745-1337"],"issn-type":[{"value":"0916-8508","type":"print"},{"value":"1745-1337","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,1]]},"article-number":"2025CIP0027"}}