mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-29 01:16:12 -05:00
44 lines
1.8 KiB
Markdown
44 lines
1.8 KiB
Markdown
|
# Proof of Ownership
|
||
|
|
||
|
A cluster owner needs a way to prove a cluster belongs to them, while a third-party needs to be able to verify the owner's claims.
|
||
|
For that, the owner generates a private/public key pair.
|
||
|
|
||
|
During `constellation init`, the cluster will generate its own private/public key pair, and send back a signing request for the public key.
|
||
|
|
||
|
The signed public key is measured into a PCR, so the binding of the private/public key to the cluster can be verified through remote attestation.
|
||
|
|
||
|
The cluster is now able to sign data using its own private key.
|
||
|
|
||
|
A third-party can verify a cluster belongs to a specific person in three steps:
|
||
|
|
||
|
1. Verify the signature of data provided by the third-party and signed by the cluster
|
||
|
|
||
|
2. Verify the cluster's public key was signed by the owner
|
||
|
|
||
|
3. Verify the public key is measured into a PCR by validating the cluster's attestation statement
|
||
|
|
||
|
## Workflow
|
||
|
|
||
|
1. Cluster owner generates a private/public key pair
|
||
|
|
||
|
2. The Constellation cluster generates its own private/public key pair and requests the owner to sign the public key during `constellation init`
|
||
|
|
||
|
3. Constellation measures the signed public key into PCR[11] (previously used for ownerID)
|
||
|
|
||
|
4. A third-party requests an attestation from the verification service, providing some data to be signed
|
||
|
|
||
|
5. The verification service signs the data using its private key
|
||
|
|
||
|
6. The verification service returns: attestation document + data signature + signed public key
|
||
|
|
||
|
7. The third-party verifies the public key signature using the owner's public key
|
||
|
|
||
|
8. The third-party calculates the expected PCR[11] using the signed public key and validates the attestation document
|
||
|
|
||
|
9. The data signature is verified, and if successful proving ownership of the cluster
|
||
|
|
||
|
## Encoding
|
||
|
|
||
|
The signed public key measured into PCR[11] is DER encoded.
|
||
|
TODO: Add exact encoding specification
|