Project T-TEE reading list

Here I am starting to collect a list of (mostly) papers that are relevant to Project Open TEE, which is an effort to arrive at TEEs with acceptable security models for “web3”.

Good for understanding TEEs in general:

  • SoK: Hardware-supported Trusted Execution Environments
    • the main thing I got out of this paper is a nice taxonomy of adversarial models and subproblems in TEE design
    • they also provide a framework to think about different kinds of techniques employed to solve key subproblems.
  • Keystone
    • really clean explanation of how a TEE works at a high level.
  • SGX explained
    • really long and detailed. Better to go looking for something specific than read front to end
  • TDX Demystified
    • Mostly useful for coming to understand how TEEs actually work.
    • found the attestation section useful
    • still had some questions on the hardware
  • Google’s TDX security review
    • lists a bunch of vulnerabilities found in an audit.
    • provides more colour on where keys are stored in hardware

Side Channels:

Fault-based attacks on TEEs

Security verification:

DRAM attack and defense:

Masking

Side Channel Resistance Instruction Sets/Processors
Note: the section above provides the primitives required to build what we find in this section.

Tamper Resistance

Trojans

Irreproducible Keys (Secrecy of Hardware Secrets)

Making TEEs go fast (in case we have to make them too slow to make them secure)

Auditing design files
