Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

What does the "Extended EPID Group ID" mean?

Changzheng_W_Intel
480 Views

Hi

I 'm not quite clear about the extended epid group id got from sgx_get_extended_epid_group_id() function.

It always be 0 on my machine. What is this id used for?

If I launch a same enclave code on a same or different platform, how can I distinguish them?

Thanks

0 Kudos
3 Replies
you_w_
New Contributor III
480 Views

Hi Changzheng:

If you use hardware mode the Extended EPID Group ID would not always be 0. It's something else.

Regards you

you_w_
New Contributor III
480 Views

Hi Changzheng:

My previous answer is wrong. I toke the Extended GID as GID. The application uses this value to tell the ISV Service Provider which extended Intel(R) EPID Group to use during remote attestation. When the value is 0, that means Intel IAS is used for enclave verification during remote attestation. When using a different platform, the difference is the GID in msg1.

Kind regards

you

Shivananda_H_Intel
480 Views

Hi

You can check below thread for more info

https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/671363

Regards

Shivananda

Reply