Attestation Mechanisms for Trusted Execution Environments Demystified
James Ménétrey, Christian Göttel, Anum Khurshid, Marcelo Pasin, Pascal Felber, Valerio Schiavoni, Shahid Raza

TL;DR
This paper reviews how trusted execution environments like Intel SGX, Arm TrustZone, AMD SEV, and emerging RISC-V solutions use attestation mechanisms to establish trust and ensure code genuineness in sensitive applications.
Contribution
It provides a comprehensive overview of remote attestation principles and explains their application across various trusted execution environments, including emerging RISC-V solutions.
Findings
Detailed explanation of attestation principles
Comparison of established and emerging TEEs
Insights into the security guarantees provided
Abstract
Attestation is a fundamental building block to establish trust over software systems. When used in conjunction with trusted execution environments, it guarantees the genuineness of the code executed against powerful attackers and threats, paving the way for adoption in several sensitive application domains. This paper reviews remote attestation principles and explains how the modern and industrially well-established trusted execution environments Intel SGX, Arm TrustZone and AMD SEV, as well as emerging RISC-V solutions, leverage these mechanisms.
