Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
101 Views

What does the "Extended EPID Group ID" mean?

Hi

I 'm not quite clear about the extended epid group id got from sgx_get_extended_epid_group_id() function.

It always be 0 on my machine. What is this id used for?

If I launch a same enclave code on a same or different platform, how can I distinguish them?

Thanks

0 Kudos
3 Replies
Highlighted
New Contributor III
101 Views

Hi Changzheng:

If you use hardware mode the Extended EPID Group ID would not always be 0. It's something else.

Regards you

0 Kudos
Highlighted
New Contributor III
101 Views

Hi Changzheng:

My previous answer is wrong. I toke the Extended GID as GID. The application uses this value to tell the ISV Service Provider which extended Intel(R) EPID Group to use during remote attestation. When the value is 0, that means Intel IAS is used for enclave verification during remote attestation. When using a different platform, the difference is the GID in msg1.

Kind regards

you

0 Kudos
Highlighted
101 Views

Hi

You can check below thread for more info

https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/671363

Regards

Shivananda

0 Kudos