- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
According to the paper “ww10-2016-sgx-provisioning-and-attestation-final” , the SGX Key Hierarchy is shown below. I want to confirm whether Intel knows the Root Seal Key. The Root Seal Key is created during processor manufacturing and is not retained by Intel. But Intel is also a chip maker. So, who is the processor manufacturer? how to ensure the privacy of the Root Seal Key?
By the way, I would like to clarify how much memory space SGX currently supports. 64G?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello essencejay,
Intel is the processor manufacturer and does not keep the root seal key. The keys are randomly generated and burned into e-fuses in processors during the manufacturing process. After burning the root seal key, Intel completely removes any traces of the key from its systems. This ensures that only the SGX platform knows its own root seal key, which is burned in the processor and nowhere else.
Most platforms have either 128 MB or 256 MB of EPC. The exception is 3rd Generation Intel® Xeon® Scalable processors, which each support 512GB of EPC size, adding up to 1TB on a two-socket platform.
Sincerely,
Jesus G.
Intel Customer Support
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello essencejay,
Intel is the processor manufacturer and does not keep the root seal key. The keys are randomly generated and burned into e-fuses in processors during the manufacturing process. After burning the root seal key, Intel completely removes any traces of the key from its systems. This ensures that only the SGX platform knows its own root seal key, which is burned in the processor and nowhere else.
Most platforms have either 128 MB or 256 MB of EPC. The exception is 3rd Generation Intel® Xeon® Scalable processors, which each support 512GB of EPC size, adding up to 1TB on a two-socket platform.
Sincerely,
Jesus G.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page