Towards a Trusted Execution Environment via Reconfigurable FPGA

by   Sérgio Pereira, et al.

Trusted Execution Environments (TEEs) are used to protect sensitive data and run secure execution for security-critical applications, by providing an environment isolated from the rest of the system. However, over the last few years, TEEs have been proven weak, as either TEEs built upon security-oriented hardware extensions (e.g., Arm TrustZone) or resorting to dedicated secure elements were exploited multiple times. In this project, we introduce Trusted Execution Environments On-Demand (TEEOD), a novel TEE design that leverages the programmable logic (PL) in the heterogeneous system on chips (SoC) as the secure execution environment. Unlike other TEE designs, TEEOD can provide high-bandwidth connections and physical on-chip isolation. We implemented a proof-of-concept (PoC) implementation targeting an Ultra96-V2 platform. The conducted evaluation demonstrated TEEOD can host up to 6 simultaneous enclaves with a resource usage per enclave of 7.0 FFs, and BRAMS, respectively. To demonstrate the practicability of TEEOD in real-world applications, we successfully run a legacy open-source Bitcoin wallet.



There are no comments yet.


page 2

page 3

page 4

page 6


On The Performance of ARM TrustZone

The TrustZone technology, available in the vast majority of recent ARM p...

BAHULAM: Distributed Data Analytics on Secure Enclaves

This is a survey of some of the currently available frameworks (opensour...

IceClave: A Trusted Execution Environment for In-Storage Computing

In-storage computing with modern solid-state drives (SSDs) enables devel...

Understanding TEE Containers, Easy to Use? Hard to Trust

As an emerging technique for confidential computing, trusted execution e...

Keystone: An Open Framework for Architecting TEEs

Trusted execution environments (TEEs) are being used in all the devices ...

Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGX

Since its debut, SGX has been used in many applications, e.g., secure da...

Downgrade Attack on TrustZone

Security-critical tasks require proper isolation from untrusted software...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.