Research Directions for Verifiable Crypto-Physically Secure TEEs

TL;DR

This paper explores how to design and implement physically secure, verifiable TEEs for Web3 applications, reducing reliance on manufacturer trust and cloud infrastructure by leveraging hardware security techniques.

Contribution

It proposes a hardware architecture combining PUFs, masking, redundancy, and open source verification to enhance TEE security against physical attacks and eliminate manufacturer trust.

Findings

Proposes a hardware security framework for TEEs.

Highlights the use of PUFs and open source verification.

Suggests a path toward trustless hardware attestation.

Abstract

A niche corner of the Web3 world is increasingly making use of hardware-based Trusted Execution Environments (TEEs) to build decentralized infrastructure. One of the motivations to use TEEs is to go beyond the current performance limitations of cryptography-based alternatives such as zero-knowledge proofs (ZKP), fully homomorphic encryption (FHE), and multi-party computation (MPC). Despite their appealing advantages, current TEEs suffer from serious limitations as they are not secure against physical attacks, and their attestation mechanism is rooted in the chip manufacturer's trust. As a result, Web3 applications have to rely on cloud infrastruture to act as trusted guardians of hardware-based TEEs and have to accept to trust chip manufacturers. This work aims at exploring how we could potentially architect and implement chips that would be secure against physical attacks and would not require putting trust in chip manufacturers. One goal of this work is to motivate the Web3 movement to acknowledge and leverage the substantial amount of relevant hardware research that already exists. In brief, a combination of: (1) physical unclonable functions (PUFs) to secure the root-of-trust; (2) masking and redundancy techniques to secure computations; (3) open source hardware and imaging techniques to verify that a chip matches its expected design; can help move towards attesting that a given TEE can be trusted without the need to trust a cloud provider and a chip manufacturer.