Android Client Application

A "real" remote attestation flamework of Intel SGX

tpm go-attestation playground

Prototype code for the Zero-Knowledge Proof of Integrity Conformance (ZEKRO) security protocol

A small subset of the submitted sample data from https://github.com/GrapheneOS/Auditor. It has a sample attestation certificate chain per device model (ro.product.model) along with a subset of the system properties from the sample as supplementary information.

Code and Tex files for the System Security Course Projects, ETH Zurich, HS 2021.

This repository contains the code and roadmap for the Enclave.NET library, a managed wrapper around the Open Enclave SDK. This library allows app developers to build Intel SGX-aware applications using managed .NET code.

PoC implementation of a DTCB: a set of devices that mutually attest each other leveraging the decentralized nature of a DLT (The IOTA Tangle). The Trust Status of each device participating in the formation of the DTCB is completely maintained without the need of central authorities.

immune Guard agent application

Implementation of zRA protocol, a non-interactive method for constructing a transparent remote attestation (RA) protocol based on zkSNARKs.

Simple and clear sample code for Remote Attestation

A Kubernetes device plugin that exposes Confidential Computing devices to workloads in Google Kubernetes Engine (GKE) clusters.

EMBRAVE: EMBedded Remote Attestation and Verification framEwork

TPM Remote Attestation protocol using go-tpm and gRPC

A Confidential Computing-Aware Certificate Authority

On the TOCTOU Problem in Remote Attestation

Report and track banking app compatibility with GrapheneOS, including which workarounds may be required.

Auditor app prebuilt using the latest official release of the Auditor app.

Proof-of-concept implementation of the IETF RATS Reference Interaction Model for Challenge-Response-based Remote Attestation.

Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.