Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1371 Discussions

How to derive the PCK from the platform key?

ffffffff
Beginner
‎05-31-2022 02:43 AM
530 Views
Solved Jump to solution

Simulation has a derive process from BASE_PROVISIONING_KEY to (simulated) PCK. Now there are three methods to derive the PCK in difference scenario:

  1. On Single-Package Platform, PCK is derived from SGX provisioning root key;
  2. On Multi-socket platform, PCK is derived from Platform root key which was encrypted by RSEK in Platform manifest;
  3. On Simulation Platform, PCK is derived from BASE_PROVISION_KEY.
    Is that right? If it's right, do they have same derive algorithm, and the SGX provisioning root key, Platform root key,BASE_PROVISION_KEY play the same role in the derive process ?
0 Kudos
1 Solution
Sahira_Intel
Moderator
‎06-01-2022 09:59 AM
502 Views
Solved Jump to solution

Hi,


I believe you have opened a Github thread for this topic already: https://github.com/intel/SGXDataCenterAttestationPrimitives/issues/233


The short answer however is that Simulation mode derivations are not the same as the real ones, and the real ones are not public.


Thanks,

Sahira


View solution in original post

0 Kudos
Copy link

Link Copied

2 Replies
Sahira_Intel
Moderator
‎06-01-2022 09:59 AM
503 Views
Solved Jump to solution

Hi,


I believe you have opened a Github thread for this topic already: https://github.com/intel/SGXDataCenterAttestationPrimitives/issues/233


The short answer however is that Simulation mode derivations are not the same as the real ones, and the real ones are not public.


Thanks,

Sahira


0 Kudos
Copy link
ffffffff
Beginner
‎06-01-2022 06:00 PM
483 Views
Solved Jump to solution
In response to Sahira_Intel

OK. Thanks for your reply.

In response to Sahira_Intel
0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.