Towards a Trusted Execution Environment via Reconfigurable FPGA

07/08/2021
by Sérgio Pereira, et al.

Trusted Execution Environments (TEEs) are used to protect sensitive data and run security-critical applications by providing an environment isolated from the rest of the system. However, over the last few years, TEEs have been proven weak: both TEEs built upon security-oriented hardware extensions (e.g., Arm TrustZone) and TEEs resorting to dedicated secure elements were exploited multiple times. In this project, we introduce Trusted Execution Environments On-Demand (TEEOD), a novel TEE design that leverages the programmable logic (PL) in heterogeneous systems-on-chip (SoCs) as the secure execution environment. Unlike other TEE designs, TEEOD can provide high-bandwidth connections and physical on-chip isolation. We implemented a proof-of-concept (PoC) targeting an Ultra96-V2 platform. The conducted evaluation demonstrated that TEEOD can host up to 6 simultaneous enclaves with a resource usage per enclave of 7.0 FFs, and BRAMS, respectively. To demonstrate the practicability of TEEOD in real-world applications, we successfully ran a legacy open-source Bitcoin wallet.


research
03/08/2022

BYOTee: Towards Building Your Own Trusted Execution Environments Using FPGA

In recent years, we have witnessed unprecedented growth in using hardwar...
research
12/08/2022

HyperEnclave: An Open and Cross-platform Trusted Execution Environment

A number of trusted execution environments (TEEs) have been proposed by ...
research
04/20/2020

BAHULAM: Distributed Data Analytics on Secure Enclaves

This is a survey of some of the currently available frameworks (opensour...
research
03/02/2022

ReZone: Disarming TrustZone with TEE Privilege Reduction

In TrustZone-assisted TEEs, the trusted OS has unrestricted access to bo...
research
09/08/2021

IceClave: A Trusted Execution Environment for In-Storage Computing

In-storage computing with modern solid-state drives (SSDs) enables devel...
research
09/04/2021

Understanding TEE Containers, Easy to Use? Hard to Trust

As an emerging technique for confidential computing, trusted execution e...
research
10/23/2020

Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGX

Since its debut, SGX has been used in many applications, e.g., secure da...
