Services for Intel hardware-based Trusted Execution Environments (TEEs)
Intel provides both registration and provisioning services for selected Intel® Xeon® E processors and Intel® Xeon® Scalable processors (starting from 3rd generation). These services support both Intel® Software Guard Extensions (Intel® SGX) and Intel® Trust Domain Extension (Intel® TDX) services, providing the data and collateral to enable third-party remote attestation using the Elliptic Curve Digital Signature Algorithm (ECDSA).
Intel® SGX and Intel® TDX Registration Service
Intel provides the Registration Services to create a package that will register platform root keys (PRKs) shared between all processors on a platform. Visit the Intel® SGX and Intel® TDX Registration Service page for more information.
Intel® SGX and Intel® TDX Provisioning Certification Service
Intel provides Provisioning Certification Services enabling retrieval of necessary collaterals to attest the Intel® SGX-enabled enclave or an Intel® TDX trusted virtual machine (VM). To learn more and subscribe to the service, visit our Intel® SGX and Intel® TDX Provisioning Certification Service page.
Intel® SGX Attestation Service Utilizing Enhanced Privacy ID (EPID)
The Intel® SGX Attestation Service utilizing EPID is only available on select client systems, select Intel® Xeon® E3 processors, and selected Intel® Xeon® E processors.
Intel plans to end of life (EOL) this service April 2, 2025. This would include all active API versions. Intel also plans to limit access to the IAS Development (DEV) environment after September 29, 2024. Please factor this into your engagement plans (reference this link for additional details and Intel-offered attestation alternatives).
Intel SGX Attestation Service enables a relying party to attest an enclave without knowing the specific Intel® processor that the enclave is executing on. To learn more and subscribe to the service, visit our Intel® SGX Attestation Service page.
Attestation Service utilizing EPID is only available on selected client systems, selected Intel® Xeon E3 processors, and selected Intel® Xeon E processors.
You can go to here to learn more about Intel® SGX.
When subscribing to Intel® SGX and Intel® TDX Services, it is highly recommended to register a special account utilizing a public distribution list. The email address utilized for registration will be the single point of contact for any notifications, including updates, new features, availability, downtime, or subscription revocation.
Intel, the Intel logo and Xeon are trademarks of Intel Corporation or its subsidiaries.