ReTEE - Restoring Trust in Trusted Execution Environments

Project: DFG Individual Projects

Project Details

Description

Trusted Execution Environments (TEEs) are a promising building block for better security in modern computing infrastructure. However, numerous attacks, design flaws and weaknesses of deployed solutions have undermined public trust in TEEs. Building on the lessons learned from previous generations, new TEEs are entering the market with improved security architectures, better usability and promised countermeasures against the most dangerous attacks. Yet sensitive computation, such as the processing of cryptographic keys, still requires careful software implementation even in the protected context of a TEE. In ReTEE, we explore new directions in automating countermeasures that address a broad range of shortcomings of modern TEE hardware in a unified software approach. We propose to simplify the protection of security-critical code through the automatic application of countermeasures against the remaining attacks. Automation reduces the manual effort and the knowledge required of developers, while also ensuring the absence of errors. Our goal is to prevent large classes of attacks that have harmed TEEs, namely microarchitectural side channels, including single-stepping side channels and transient-execution side channels, as well as ciphertext side channels, at the software level. We will explore novel approaches that merge existing individual countermeasures into a new and more efficient unified data and code protection framework. By applying countermeasures against orthogonal attack classes in combination, we can exploit synergies between the approaches while maintaining better performance than sequentially applied countermeasures. Part of the validation of the proposed countermeasures is a thorough analysis of the remaining attack surfaces on modern TEEs.
We will follow the state-of-the-art analysis approach of performing vulnerability research and turn the methodology used into an open-source analysis framework, allowing easy reproduction of results and aiding further advances in analysis. Most current work on side-channel countermeasures focuses on individual problems and only presents solutions that resolve a single attack class and are incompatible with each other. With ReTEE, we move to a more holistic view, showing how integrated software approaches can harden code against multiple, widely different attack vectors in a single transformation. The availability of means to protect software running on a TEE without requiring a deep understanding of the different classes of attacks will aid adoption and help restore trust in TEEs. We hope to inspire the research community to move away from specialized solutions and to look for countermeasures that cover whole attack classes while at the same time promising usability in a practical setting.
Status: Active
Effective start/end date: 01.01.19 to 31.12.26

UN Sustainable Development Goals

In 2015, UN member states agreed to 17 global Sustainable Development Goals (SDGs) to end poverty, protect the planet and ensure prosperity for all. This project contributes towards the following SDG(s):

  1. SDG 9 - Industry, Innovation, and Infrastructure

Research Areas and Centers

  • Centers: Center for Artificial Intelligence Luebeck (ZKIL)
  • Research Area: Intelligent Systems

DFG Research Classification Scheme

  • 4.43-03 Security and Dependability, Operating, Communication and Distributed Systems

Funding Institution

  • DFG: German Research Association

ASJC Subject Areas

  • Computer Networks and Communications
