
Building Your Own Trusted Execution Environments Using FPGA (2203.04214v3)

Published 8 Mar 2022 in cs.CR

Abstract: In recent years, we have witnessed unprecedented growth in using hardware-assisted Trusted Execution Environments (TEE) or enclaves to protect sensitive code and data on commodity devices thanks to new hardware security features, such as Intel SGX and Arm TrustZone. Even though the proprietary TEEs bring many benefits, they have been criticized for lack of transparency, vulnerabilities, and various restrictions. For example, existing TEEs only provide a static and fixed hardware Trusted Computing Base (TCB), which cannot be customized for different applications. Existing TEEs time-share a processor core with the Rich Execution Environment (REE), making execution less efficient and vulnerable to cache side-channel attacks. Moreover, TrustZone lacks hardware support for multiple TEEs, remote attestation, and memory encryption. In this paper, we present BYOTee (Build Your Own Trusted Execution Environments), which is an easy-to-use infrastructure for building multiple equally secure enclaves by utilizing commodity Field Programmable Gate Arrays (FPGA) devices. BYOTee creates enclaves with customized hardware TCBs, which include softcore CPUs, block RAMs, and peripheral connections, in FPGA on demand. Additionally, BYOTee provides mechanisms to attest the integrity of the customized enclaves' hardware and software stacks, including bitstream, firmware, and the Security-Sensitive Applications (SSA) along with their inputs and outputs to remote verifiers. We implement a BYOTee system for the Xilinx System-on-Chip (SoC) FPGA. The evaluations on the low-end Zynq-7000 system for four SSAs and 12 benchmark applications demonstrate the usage, security, effectiveness, and performance of the BYOTee framework.

Authors (3)
  1. Md Armanuzzaman (3 papers)
  2. Ahmad-Reza Sadeghi (66 papers)
  3. Ziming Zhao (25 papers)
Citations (9)
