Attestation Mechanisms for Trusted Execution Environments Demystified
Jämes Ménétrey (1), Christian Göttel (1), Anum Khurshid (2), Marcelo Pasin (1), Pascal Felber (1), Valerio Schiavoni (1), Shahid Raza (2)
(1) University of Neuchâtel, Switzerland
(2) RISE Research Institutes of Sweden
June 13-17, 2022
17th International Conference on Distributed Applications and Interoperable Systems (DAIS ’22), Lucca, Italy 🇮🇹
Ménétrey et al. — Attestation Mechanisms for Trusted Execution Environments Demystified — DAIS ’22 / 21
Slide 2: Context
[Figure: the software stack (hardware, VMM, OS) trusted by cloud providers, and your apps trusted by you; developers and cloud providers on either side; the attack surface of your apps is highlighted]
• We process and store sensitive data in clouds or on IoT edge devices.
• Developers deploy trusted apps on systems they assume to be trustworthy.
• TEEs reduce the attack surface and help obtain remote attestation.

Slide 3: Remote attestation primer (ietf-rats)
[Figure: Attester, Verifier and Relying Party. ① The Reference Value Provider provisions reference values to the verifier; ② the attester sends its quote (evidence, whose claims include the code measurement H( )); the verifier compares the measurement with the reference values (= ?) and ③ reports the verification result (attestation result) to the relying party]
• The attester issues evidence, which is examined by a verifier that reports to a relying party.
• Evidence is a set of claims (e.g., a code measurement).
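The roles of the primer, run end to end in one process, as an added illustration that is not part of the slides. The code measurement is a SHA-256 of a constructed code blob; the attester's signature is an HMAC under a device key assumed to be provisioned to the attester and known to the verifier (a stand-in for the hardware-rooted quote or report signature a real TEE produces); the nonce binding is the same shape as the challenge carried in the SGX and SEV-SNP flows on the later slides. Function names are this example's own.

```python
import hashlib
import hmac
import json
import os
from typing import Optional, Set

# Constructed sample "enclave code" and a tampered variant (not real binaries).
GOOD_CODE = b"enclave v1: read sensor; encrypt; send"
TAMPERED_CODE = b"enclave v1: read sensor; copy to log; send"

# Hypothetical device key provisioned to the attester and known to the verifier.
# The HMAC stands in for the hardware-rooted signature (EPID/ECDSA quote,
# SNP report signature, ...) that a real TEE would put on the evidence.
DEVICE_KEY = os.urandom(32)


def measure(code: bytes) -> str:
    """Code measurement: the hash the platform computes when the code is loaded."""
    return hashlib.sha256(code).hexdigest()


def sign(claims: dict, key: bytes) -> str:
    """Canonical JSON of the claims, authenticated with the device key."""
    payload = json.dumps(claims, sort_keys=True).encode()
    return hmac.new(key, payload, "sha256").hexdigest()


# Reference Value Provider: ① provisions the measurements the verifier accepts.
def reference_values() -> Set[str]:
    return {measure(GOOD_CODE)}


# Attester: evidence = claims + signature, bound to the verifier's fresh nonce.
def make_evidence(code: bytes, nonce: bytes, key: bytes = DEVICE_KEY) -> dict:
    claims = {"measurement": measure(code), "nonce": nonce.hex()}
    return {"claims": claims, "sig": sign(claims, key)}   # ② the quote


# Verifier: appraises the evidence and produces an attestation result.
def appraise(evidence: dict, expected_nonce: bytes, refs: Set[str],
             key: bytes = DEVICE_KEY) -> dict:
    claims = evidence["claims"]
    if not hmac.compare_digest(sign(claims, key), evidence["sig"]):
        return {"status": "rejected", "reason": "bad signature"}   # altered claims
    if claims["nonce"] != expected_nonce.hex():
        return {"status": "rejected", "reason": "stale or replayed evidence"}
    if claims["measurement"] not in refs:                  # the "= ?" comparison
        return {"status": "rejected", "reason": "unknown measurement"}
    return {"status": "accepted", "measurement": claims["measurement"]}


# Relying party: acts on the attestation result (③), e.g. releases a secret.
def release_secret(result: dict, secret: bytes) -> Optional[bytes]:
    return secret if result["status"] == "accepted" else None


def run_attestation(code: bytes, replayed: Optional[dict] = None) -> dict:
    """One full round: fresh nonce, evidence from the attester (or a replayed old
    evidence, to show why the nonce matters), appraisal against the references."""
    nonce = os.urandom(16)
    evidence = replayed if replayed is not None else make_evidence(code, nonce)
    return appraise(evidence, nonce, reference_values())
```

The order of the checks in `appraise` is deliberate: signature first (everything else in the claims is untrusted until then), then freshness, then the policy decision against the reference values; a relying party that skips the nonce check accepts yesterday's evidence from an enclave that has since been modified.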

Slide 4: Scope of this survey: available technologies
[Figure: the TEEs covered, grouped by vendor or ISA: Intel, AMD, Arm, RISC-V (Sanctum, LIRA-V)]

Slide 5: Intel SGX remote attestation
[Figure: high-level architecture of Intel SGX: an enclave inside a process, above the operating system and the hardware]
• The enclave is located within the process that spawns it.
• The application is split into two parts: secure and insecure.

Slide 6: Intel SGX remote attestation (EPID)
[Figure: high-level architecture with the enclave (attester) inside a process, above the operating system and hardware. ① The trusted service (verifier) sends a challenge; ② the enclave performs local attestation with the SGX quoting enclave, handing it a report (claims); ③ the quoting enclave returns a quote (evidence); ④ the trusted service sends the evidence to the Intel attestation service (verifier); ⑤ Intel validates the evidence; ⑥ the trusted service provisions data to the enclave]

Slide 7: Intel SGX remote attestation (DCAP)
[Figure: the same components and steps as the EPID flow (① challenge, ② local attestation with the SGX quoting enclave, ③ quote (evidence), ④ send evidence, ⑤ validate evidence, ⑥ provision data), with a new step ⓪: certificates for Intel SGX CPUs are downloaded from the Intel SGX Certification Service]

Slide 8: Arm TrustZone-A
[Figure: high-level architecture of TrustZone-A: the normal world (process on an OS) and the secure world (TA on a trusted OS), both above the secure monitor]
• Available on processors of the Cortex-A series.
• Splits the device into two worlds.

Slide 9: Arm TrustZone-A
[Figure: same high-level architecture as the previous slide]
• TrustZone does not provide a built-in remote attestation mechanism.
• We demonstrate an extension found in the literature [1].
[Figure: mutual attestation between System A and System B. Each system runs OP-TEE with TAs and a Trusted Measurer, is brought up by authenticated boot, and holds signing keys provisioned by an Endorser. ① A sends a challenge; ② B answers with Evidence* B; ③ A answers with Evidence* A. *Evidence = System state + H( )]
[1] Establishing Mutually Trusted Channels for Remote Sensing Devices with Trusted Execution Environments, Shepherd C. et al., ARES ’17

Slide 10: Arm TrustZone-M
[Figure: high-level architecture of TrustZone-M: the normal world (process on an OS) and the secure world (TA on firmware), above the hardware]
• Designed for very small devices.
• Available on processors of the Cortex-M series.

Slide 11: AMD SEV-SNP
[Figure: high-level architecture of AMD SEV-SNP: processes on an OS inside a secure virtual machine (the TEE), next to a regular VM, above the hypervisor and the firmware/hardware]
• Secure code execution using virtual machines.

Slide 12: AMD SEV-SNP
[Figure: attestation flow on the same architecture. ① The verifier sends a challenge to the SNP guest (attester); ② the guest issues an IOCTL request carrying the challenge (claims) to the AMD firmware, running on the AMD hardware; ③ the firmware returns a report (evidence); ④ the guest sends the evidence to the verifier; ⑤ the verifier provisions data]

Slide 13: RISC-V: general purpose TEEs
• Sanctum is a TEE construction that mimics Intel SGX.
• Keystone is a composable framework for TEEs, with enclaves comprising a runtime and an enclave app.
• The TEE is enforced using a secure monitor and PMP.
• Measurements are made by the secure monitor, based on the application code during initialisation.
• Remote attestation: similar to Intel SGX.
[Figure: Keystone: an enclave (runtime + Eapp) next to a process on the OS, above the secure monitor and the hardware (PMP). Sanctum: an enclave inside a process on the operating system, above the secure monitor and the hardware (PMP)]

Slide 14: RISC-V: IoT edge tailored TEEs (1)
• TIMBER-V uses memory tagging to instantiate TEEs for small devices.
• Measurements are made by the Tag root, based on the application code during initialisation.
• Remote attestation: the Tag root signs the evidence using a MAC (symmetric crypto).
[Figure: TIMBER-V: processes on the OS, with the Tag root in the hardware]

Slide 15: RISC-V: IoT edge tailored TEEs (2)
• LIRA-V works with programs in the supervisor and machine RISC-V modes and attests regions of memory.
• Measurements are made by the root of trust, and are taken at runtime.
• Remote attestation: mutual, similar to the state of the art for Arm TrustZone.
[Figure: LIRA-V: a process and its memory regions, above the root of trust (ROM) and the hardware (PMP)]
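The mutual exchange that slide 9 shows for TrustZone-A (challenge, Evidence* B, Evidence* A, with Evidence* = system state + H( )) and that LIRA-V on this slide reuses, simulated for both systems in one process as an added example that is not part of the slides or of either project. It assumes constructed TA images and state strings, per-system HMAC keys provisioned by the endorser as a stand-in for the signing keys of the original design, and reference values each peer already holds about the other; all function names are this example's own.

```python
import hashlib
import hmac
import json
import os
from typing import Dict, List

# Constructed systems: a boot/system state string and the TAs loaded under
# OP-TEE (toy byte strings, not real TA images).
SYSTEMS: Dict[str, dict] = {
    "A": {"state": "authenticated-boot ok; optee 3.x",
          "tas": [b"ta-sensor-v2", b"ta-keystore-v1"]},
    "B": {"state": "authenticated-boot ok; optee 3.x",
          "tas": [b"ta-gateway-v4"]},
}

# Hypothetical per-system keys provisioned by the endorser. One HMAC key per
# system stands in for the asymmetric signing keys of the original design.
KEYS: Dict[str, bytes] = {name: os.urandom(32) for name in SYSTEMS}


def measure_tas(tas: List[bytes]) -> str:
    """The H( ) of the slide: one digest over the TA images, in load order."""
    h = hashlib.sha256()
    for ta in tas:
        h.update(hashlib.sha256(ta).digest())
    return h.hexdigest()


def expected_values(system: str) -> dict:
    """Reference values a peer holds about the other system (from the endorser)."""
    return {"state": SYSTEMS[system]["state"],
            "ta_measurement": measure_tas(SYSTEMS[system]["tas"])}


def evidence(system: str, peer_nonce: bytes) -> dict:
    """Evidence* = system state + H(TAs), signed and bound to the peer's
    challenge so it cannot be replayed in a later session."""
    claims = {"system": system,
              "state": SYSTEMS[system]["state"],
              "ta_measurement": measure_tas(SYSTEMS[system]["tas"]),
              "nonce": peer_nonce.hex()}
    payload = json.dumps(claims, sort_keys=True).encode()
    return {"claims": claims,
            "sig": hmac.new(KEYS[system], payload, "sha256").hexdigest()}


def verify(ev: dict, peer: str, my_nonce: bytes, expected: dict) -> bool:
    """Signature, freshness, and state + measurement against the reference."""
    claims = ev["claims"]
    payload = json.dumps(claims, sort_keys=True).encode()
    good_sig = hmac.compare_digest(
        hmac.new(KEYS[peer], payload, "sha256").hexdigest(), ev["sig"])
    return (good_sig and claims["system"] == peer
            and claims["nonce"] == my_nonce.hex()
            and claims["state"] == expected["state"]
            and claims["ta_measurement"] == expected["ta_measurement"])


def mutual_attestation(expected_of_b: dict, expected_of_a: dict) -> dict:
    """The three-message exchange of the slide, both sides run in-process."""
    nonce_a = os.urandom(16)                 # ① A -> B: challenge
    nonce_b = os.urandom(16)                 # B's own challenge, sent with ②
    ev_b = evidence("B", nonce_a)            # ② B -> A: Evidence* B
    if not verify(ev_b, "B", nonce_a, expected_of_b):
        # A stops here and reveals nothing about itself to an untrusted peer.
        return {"a_trusts_b": False, "b_trusts_a": False}
    ev_a = evidence("A", nonce_b)            # ③ A -> B: Evidence* A
    return {"a_trusts_b": True,
            "b_trusts_a": verify(ev_a, "A", nonce_b, expected_of_a)}
```

Because each evidence carries the other side's nonce, neither message can be recorded and replayed later, and because the TA measurement is a hash over the images in load order, adding, removing or reordering a TA changes H( ) and the peer's appraisal fails.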

Slide 16: Which TEE is the best fit for me?
It depends on the deployment scenarios.

Slide 17: TEE characteristics
[Figure: comparison of the surveyed TEEs (Sanctum and LIRA-V among them) by target, server-grade / general purpose / IoT, and by criteria: industrial TEEs, many domains, mutual attestation, encrypted DRAM, local attestation]
Find more criteria in the paper.

Slide 18: Future perspective

Slide 19: Perspectives for the future: Intel TDX
• Intel TDX deploys hardware-isolated virtual machines: Trust Domains (TD).
• TDX runs legacy applications on regular OSes, similarly to AMD SEV.
• The TDX module isolates the TD thanks to new CPU instructions.
• TDX reuses the SGX attestation to support remote attestation:
  • Initial measurement during the TD build process
  • Can be extended to measure additional data at run-time
[Figure: high-level architecture of Intel TDX: regular virtual machines (VM) and secure trust domains (TD) on a TDX-aware VMM, with the TDX module between the TDs and the VMM, above the hardware]
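How a build-time measurement differs from a register that is "extended" at run-time, as an added example that is neither the slides' nor Intel's code. It uses the conventional hash-chain construction (new = H(old || H(data)), SHA-384, register starting at zero, all assumed here) over a constructed TD image and boot event log; the TDX register layout and report format are not reproduced. The verifier side shows why such a register is only useful together with the event log that produced it.

```python
import hashlib
from typing import List, Tuple

# An event is (label, data). Labels are for readability only; just the data
# enters the hash.
Event = Tuple[str, bytes]

REGISTER_INIT = bytes(48)   # assumed: run-time register starts as 48 zero bytes


def measure_image(td_image: bytes) -> bytes:
    """Initial (build-time) measurement: one hash over the TD's initial memory
    image, fixed once the TD is built and never changed afterwards."""
    return hashlib.sha384(td_image).digest()


def extend(register: bytes, event_data: bytes) -> bytes:
    """Run-time measurement register update: new = H(old || H(event_data)).
    The register can only be extended, never reset, so every later value
    depends on everything extended before it, including the order."""
    return hashlib.sha384(register + hashlib.sha384(event_data).digest()).digest()


def replay(events: List[Event]) -> bytes:
    """What a verifier does with an event log: recompute the register value."""
    reg = REGISTER_INIT
    for _label, data in events:
        reg = extend(reg, data)
    return reg


# Constructed sample TD: an initial image and the run-time events the guest
# extends into its register while booting (not a real firmware or kernel).
TD_IMAGE = b"td firmware v1 + initial guest memory"
BOOT_EVENTS: List[Event] = [
    ("kernel", b"vmlinuz build 2022-06"),
    ("initrd", b"initrd with attestation agent"),
    ("cmdline", b"console=ttyS0 root=/dev/vda1"),
]


def golden() -> Tuple[bytes, bytes]:
    """Reference values the verifier holds: build-time and run-time measurements."""
    return measure_image(TD_IMAGE), replay(BOOT_EVENTS)


def appraise(reported_static: bytes, reported_runtime: bytes,
             claimed_log: List[Event], reference: Tuple[bytes, bytes]) -> str:
    """Appraise a (simulated) report. In a real deployment the two reported
    registers come from the signed hardware report, while the event log is
    shipped next to it unsigned; it is trusted only if it reproduces the register."""
    ref_static, ref_runtime = reference
    if reported_static != ref_static:
        return "initial measurement mismatch"
    if replay(claimed_log) != reported_runtime:
        return "event log does not reproduce the run-time register"
    if reported_runtime != ref_runtime:
        return "run-time register mismatch"
    return "ok"
```

Two consequences fall out of the construction: the same components loaded in a different order give a different register value, so the boot sequence itself is attested, and a log with an entry dropped cannot reproduce a genuine register value, which is what lets the verifier trust an otherwise unsigned log.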

Slide 20: Perspectives for the future: Arm CCA
• Arm CCA deploys hardware-isolated virtual machines: Realm VMs.
• RME is the hardware extension that introduces a new world: the Realm.
• Unlike TrustZone, the Realm has shielded memory (encryption + integrity).
• CCA provides attestation of the platform and of the initial state of the realm.
[Figure: high-level architecture of Arm CCA: the normal world (process on an OS, hypervisor), the secure world (TA on a trusted OS, SPM: Secure Partition Manager) and the Realm world (Realm VMs on the RMM: Realm Management Monitor), all above the secure monitor]

Slide 21: Thanks for your attention!
Takeaway
• Remote attestation ensures the genuineness of applications deployed in TEEs.
• There are many TEEs, but no “one size fits all” TEE: it depends on the usage.
• Industrial solutions have well-documented (and undiscovered?) flaws. Emerging solutions lack hindsight.
• New TEE designs tend to be VM-based (AMD SEV, Intel TDX, Arm CCA).
Read me online!