Litcius/Paper detail

SoK: Understanding Design Choices and Pitfalls of Trusted Execution Environments

M. Li, Yuheng Yang, Guoxing Chen, Mengjia Yan, Yinqian Zhang

202415 citationsDOIOpen Access PDF

Abstract

Trusted execution environment (TEE) is a revolutionary technology that enables secure remote execution (SRE) of cloud workloads on untrusted server-side computing platforms. Both commercial and academic TEEs have been proposed in the past few years, including Intel's SGX and TDX, AMD's SEV, ARM's CCA, IBM's PEF, and their academic counterparts built atop open-source RISC-V processors, such as Keystone, Sanctum, CURE, and Penglai. While great efforts from both sides have been made in developing a confidential computing ecosystem, the existence of server-side TEEs with drastically different designs and the presence of various known attacks have significantly increased the difficulty of understanding TEE designs and the reasons behind existing attacks.

Topics & Concepts

Computer scienceDirect Anonymous AttestationHuman–computer interactionTrusted ComputingComputer securitySecurity and Verification in ComputingAdvanced Malware Detection TechniquesPhysical Unclonable Functions (PUFs) and Hardware Security