Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

What does the "Extended EPID Group ID" mean?

Changzheng_W_Intel
1,183 Views

Hi

I 'm not quite clear about the extended epid group id got from sgx_get_extended_epid_group_id() function.

It always be 0 on my machine. What is this id used for?

If I launch a same enclave code on a same or different platform, how can I distinguish them?

Thanks

0 Kudos
3 Replies
you_w_
New Contributor III
1,183 Views

Hi Changzheng:

If you use hardware mode the Extended EPID Group ID would not always be 0. It's something else.

Regards you

0 Kudos
you_w_
New Contributor III
1,183 Views

Hi Changzheng:

My previous answer is wrong. I toke the Extended GID as GID. The application uses this value to tell the ISV Service Provider which extended Intel(R) EPID Group to use during remote attestation. When the value is 0, that means Intel IAS is used for enclave verification during remote attestation. When using a different platform, the difference is the GID in msg1.

Kind regards

you

0 Kudos
Shivananda_H_Intel
1,183 Views

Hi

You can check below thread for more info

https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/671363

Regards

Shivananda

0 Kudos
Reply