Do Not Trust Power Management: Challenges and Hints for Securing Future Trusted Execution Environments
CoRR(2024)
Abstract
Over the past few years, several research groups have introduced innovative
hardware designs for Trusted Execution Environments (TEEs), aiming to secure
applications against potentially compromised privileged software, including the
kernel. In 2017, Tang et al. introduced a new class of software-enabled
hardware attacks, which leverages energy management mechanisms. These attacks
aim at bypassing TEE security guarantees and exposing sensitive information
like cryptographic keys. They have increased in prevalence over the past few
years. Despite that, current RISC-V TEE architectures have yet to incorporate
them into their threat models. Proprietary implementations, such as Arm
TrustZone and Intel SGX, embed countermeasures. However, these countermeasures
are not viable in the long term and hinder the capabilities of energy
management mechanisms. This article presents the first comprehensive knowledge
survey of these attacks, along with an evaluation of literature
countermeasures. Our analysis highlights a substantial security gap between
assumed threat models and the actual ones, presenting considerable threats in
modern systems-on-chip that can undermine even the security guarantees provided
by TEEs. We advocate for the enhancement of the next generation of RISC-V TEEs
to address these attacks within their threat models, and we believe this study
will spur further community efforts in this direction.