Abstract

In recent years, processor vendors have started offering Trusted Execution Environments (TEEs), which provide semi-isolated areas for secure code execution. TEEs promise to protect the integrity and confidentiality of the computation executing within them even when the operating system is compromised. Prime among these is Intel's Software Guard Extensions (SGX), which not only protects the execution of software running within it but also provides infrastructure for attestation to remote parties. To deliver its ambitious security guarantees, SGX must rely on the security of the underlying processor implementation, which is known to leak information through microarchitectural timing side channels. Acknowledging this limitation, Intel declared timing channels to be out of scope for the security model of SGX, raising the question of whether trusted execution can be supported on leaky hardware. In this talk we investigate the intricate interaction between Trusted Execution Environments and microarchitectural side-channel attacks. Besides surveying published works in this area, we argue that the strong attack model in which TEEs typically operate (the adversary controls the operating system, and with it scheduling, interrupts and page tables) significantly exacerbates the effectiveness of microarchitectural side channels. Finally, we conclude by presenting some live demonstrations and future research directions.
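The following is an added example, not code from the talk or from any SGX SDK. It models the core of the argument above: an OS-controlling adversary can obtain a clean, per-instruction or per-page view of which code an enclave executes, so any secret-dependent control flow becomes a direct leak. The toy `observe()` call stands in for that observation channel (a page-fault or cache-line probe on the multiply routine); the `trace_t` buffer, the `run_demo()` helper and the square-and-multiply exponent widths are assumptions made for the example. The leaky `modexp_leaky()` branches on each exponent bit, so `recover_exponent()` reads the exponent straight out of the trace; `modexp_ct()` executes the same operations for every bit and selects the result with a mask, so its trace is the same for every key.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed model of what an OS-level adversary sees: one symbol per code
 * region executed ('S' = squaring, 'M' = multiply), with no noise.  This
 * stands in for a page-fault or Flush+Reload probe on those routines. */
#define MAX_TRACE 256
typedef struct { char ops[MAX_TRACE]; size_t n; } trace_t;

static void observe(trace_t *t, char op) {
    if (t->n < MAX_TRACE) t->ops[t->n++] = op;
}

/* Operands stay below a 32-bit modulus, so the product fits in 64 bits.
 * Note: '%' itself is not constant-time on real hardware; this toy keeps
 * only control flow in scope. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    return (a * b) % m;
}

/* Leaky left-to-right square-and-multiply: the multiply is executed only
 * when the exponent bit is 1, so the trace encodes the exponent. */
uint64_t modexp_leaky(uint64_t base, uint32_t exp, uint64_t mod, trace_t *t) {
    uint64_t r = 1;
    for (int i = 31; i >= 0; i--) {
        r = mulmod(r, r, mod);            observe(t, 'S');
        if ((exp >> i) & 1) {
            r = mulmod(r, base, mod);     observe(t, 'M');
        }
    }
    return r;
}

/* Constant-control-flow variant: always multiply, then keep or discard the
 * product with an all-ones/all-zeros mask.  (Production code must also make
 * sure the compiler does not turn the select back into a branch.) */
uint64_t modexp_ct(uint64_t base, uint32_t exp, uint64_t mod, trace_t *t) {
    uint64_t r = 1;
    for (int i = 31; i >= 0; i--) {
        r = mulmod(r, r, mod);            observe(t, 'S');
        uint64_t mult = mulmod(r, base, mod); observe(t, 'M');
        uint64_t mask = -(uint64_t)((exp >> i) & 1);
        r = (mult & mask) | (r & ~mask);
    }
    return r;
}

/* Attacker's decoder: each 'S' is a new bit; the bit is 1 iff an 'M'
 * follows.  Returns 0 on a malformed trace. */
uint32_t recover_exponent(const trace_t *t) {
    uint32_t exp = 0;
    size_t i = 0;
    while (i < t->n) {
        if (t->ops[i] != 'S') return 0;
        exp <<= 1;
        i++;
        if (i < t->n && t->ops[i] == 'M') { exp |= 1; i++; }
    }
    return exp;
}

/* Assumed convenience wrapper: run both versions on one secret and report
 * results, trace lengths and what the attacker recovers from each trace. */
typedef struct {
    uint64_t leaky_result, ct_result;
    uint32_t leaky_guess, ct_guess;
    size_t   leaky_len, ct_len;
} demo_t;

demo_t run_demo(uint64_t base, uint32_t exp, uint64_t mod) {
    trace_t tl = {{0}, 0}, tc = {{0}, 0};
    demo_t d;
    base %= mod;
    d.leaky_result = modexp_leaky(base, exp, mod, &tl);
    d.ct_result    = modexp_ct(base, exp, mod, &tc);
    d.leaky_guess  = recover_exponent(&tl);
    d.ct_guess     = recover_exponent(&tc);
    d.leaky_len    = tl.n;
    d.ct_len       = tc.n;
    return d;
}

int main(void) {
    uint32_t secret = 0xA5C3u;
    demo_t d = run_demo(7, secret, 1000003u);   /* constructed inputs */
    printf("results agree: %s\n", d.leaky_result == d.ct_result ? "yes" : "no");
    printf("leaky trace (%zu ops) -> attacker recovers 0x%08x (secret 0x%08x)\n",
           d.leaky_len, d.leaky_guess, secret);
    printf("ct trace    (%zu ops) -> attacker recovers 0x%08x\n",
           d.ct_len, d.ct_guess);
    return 0;
}
```

The constant-time variant does not remove the microarchitectural channel; it only makes the observed trace independent of the secret, which is the discipline enclave code must follow when timing channels are declared out of scope by the platform. Secret-dependent memory indices (table lookups) leak through the same channel and need the same treatment.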
