Home

attester

An attester is an entity that provides attestation—an evidence-based claim about a subject or its environment. Attestations are used in trust and security systems to establish that something meets a prescribed policy or integrity. In a typical attestation protocol, the attester gathers evidence about the subject (the entity being attested), such as hardware and software configuration, measured values, or cryptographic credentials, and communicates this evidence to a verifier. The attester signs the evidence with a private key bound to a trusted root, and may include a nonce from the verifier to prevent replay.

Depending on the deployment, attestation can be remote or local. Remote attestation involves a verifier in

Examples of attesters include hardware security modules and trusted platform modules that generate signed security quotes,

Attestation evidence typically comprises measurements or claims, a cryptographic signature, a certificate chain anchored to a

Privacy concerns may arise because attestation can reveal device identity or configuration details, prompting the use

a
different
system,
often
over
a
network,
while
local
attestation
occurs
within
components
on
the
same
device
or
trusted
execution
environment.
secure
enclaves
such
as
Intel
SGX
environments,
and
software
agents
that
report
configuration.
In
identity
and
access
systems,
authenticators
may
function
as
attesters
by
presenting
attestation
statements
about
their
origin
and
capabilities.
In
cloud
computing
and
confidential
computing,
attestation
statements
verify
that
a
VM
or
container
is
running
genuine,
untampered
software.
trusted
authority,
and
sometimes
a
nonce
or
timestamp.
Verifiers
validate
the
evidence
against
policy,
check
the
signature
against
a
trust
anchor,
and
decide
whether
to
grant
access
or
continuity
of
service.
of
anonymized
or
aggregated
attestations
where
possible.
See
also
remote
attestation,
digital
signatures,
and
trust
anchors.