Towards a Trusted Execution Environment via Reconfigurable FPGA

07/08/2021
by Sérgio Pereira, et al.

Trusted Execution Environments (TEEs) are used to protect sensitive data and provide secure execution for security-critical applications by providing an environment isolated from the rest of the system. However, over the last few years, TEEs have been proven weak, as both TEEs built upon security-oriented hardware extensions (e.g., Arm TrustZone) and those resorting to dedicated secure elements were exploited multiple times. In this project, we introduce Trusted Execution Environments On-Demand (TEEOD), a novel TEE design that leverages the programmable logic (PL) in heterogeneous systems on chip (SoCs) as the secure execution environment. Unlike other TEE designs, TEEOD can provide high-bandwidth connections and physical on-chip isolation. We implemented a proof-of-concept (PoC) targeting an Ultra96-V2 platform. The conducted evaluation demonstrated that TEEOD can host up to 6 simultaneous enclaves with a resource usage per enclave of 7.0 FFs, and BRAMS, respectively. To demonstrate the practicability of TEEOD in real-world applications, we successfully ran a legacy open-source Bitcoin wallet.

