DOI: 10.1145/3319535.3363205

SecTEE: A Software-based Approach to Secure Enclave Architecture Using TEE

Published: 06 November 2019

Abstract

Secure enclaves provide a practical solution to secure computation, and current approaches to secure enclaves are implemented by extending hardware security mechanisms to the CPU architecture. Therefore, it is hard for a platform to offer secure computation if its CPU architecture is not equipped with any secure enclave features. Unfortunately, ARM CPUs, which dominate mobile devices and have increasing momentum in cloud markets, do not provide any security mechanism achieving security equivalent to modern secure enclave architectures. In this paper, we propose SecTEE, a software-based secure enclave architecture that is based on the CPU's isolation mechanism and does not require specialized security hardware in the CPU architecture such as memory encryption engines. SecTEE achieves a high level of security even compared with hardware-based secure enclave architectures: resistance to privileged host software attacks, lightweight physical attacks, and memory access based side-channel attacks. In addition, SecTEE provides rich trusted computing primitives for enclaves: integrity measurement, remote attestation, data sealing, secrets provisioning, and life cycle management. We implement a SecTEE prototype based on the ARM TrustZone technology, but our approach can be applied to other CPU architectures with isolation mechanisms. The evaluation results show that most of the overhead comes from the software encryption, and that the runtime overhead imposed by the trusted computing primitives is acceptable.

Supplementary Material

WEBM File (p1723-zhao.webm)




Published In

CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
November 2019, 2755 pages
ISBN: 9781450367479
DOI: 10.1145/3319535

      Publisher

      Association for Computing Machinery

      New York, NY, United States


      Author Tags

      1. TEE
      2. arm trustzone
      3. board-level physical attacks
      4. memory access based side-channel attacks
      5. secure enclave

      Qualifiers

      • Research-article

Conference

CCS '19

      Acceptance Rates

      CCS '19 Paper Acceptance Rate 149 of 934 submissions, 16%;
      Overall Acceptance Rate 1,261 of 6,999 submissions, 18%


Cited By

• (2025) TEE-based key-value stores: a survey. The VLDB Journal, 34:1. DOI: 10.1007/s00778-024-00877-6. Online publication date: 1 Jan 2025.
• (2024) A Survey on Energy-Aware Security Mechanisms for the Internet of Things. Future Internet, 16:4 (128). DOI: 10.3390/fi16040128. Online publication date: 8 Apr 2024.
• (2024) A High-Performance Transparent Memory Data Encryption and Authentication Scheme Based on Ascon Cipher. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 32:5 (925-937). DOI: 10.1109/TVLSI.2024.3372026. Online publication date: May 2024.
• (2024) Armor: Protecting Software Against Hardware Tracing Techniques. IEEE Transactions on Information Forensics and Security, 19 (4247-4262). DOI: 10.1109/TIFS.2024.3372816. Online publication date: 2024.
• (2024) CacheIEE: Cache-Assisted Isolated Execution Environment on ARM Multi-Core Platforms. IEEE Transactions on Dependable and Secure Computing, 21:1 (254-269). DOI: 10.1109/TDSC.2023.3251418. Online publication date: Jan 2024.
• (2024) SoK: A Comparison Study of Arm TrustZone and CCA. 2024 International Symposium on Secure and Private Execution Environment Design (SEED), pages 107-118. DOI: 10.1109/SEED61283.2024.00021. Online publication date: 16 May 2024.
• (2024) Privacy Preserving Machine Learning With Federated Personalized Learning in Artificially Generated Environment. IEEE Open Journal of the Computer Society, 5 (694-704). DOI: 10.1109/OJCS.2024.3466859. Online publication date: 2024.
• (2024) HyperTEE: A Decoupled TEE Architecture with Secure Enclave Management. 2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO), pages 105-120. DOI: 10.1109/MICRO61859.2024.00018. Online publication date: 2 Nov 2024.
• (2024) MRA-IMA: Enhanced Mutual Remote Attestation Based on ARM TrustZone. 2024 9th International Conference on Computer and Communication Systems (ICCCS), pages 1278-1284. DOI: 10.1109/ICCCS61882.2024.10603080. Online publication date: 19 Apr 2024.
• (2024) LIMBOCOIN: On the Denial-of-Service of Token based Retail CBDCs. 2024 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), pages 325-333. DOI: 10.1109/ICBC59979.2024.10634471. Online publication date: 27 May 2024.
