SEASON 3 MODULE 6
Trusted Execution Environments, w/ Andrew Miller
In this module, Guillermo Angeris and Andrew Miller, Associate Professor at the University of Illinois, Urbana-Champaign and Junior Product Manager at Teleport Studio, provide a comprehensive overview of Trusted Execution Environments (TEEs), explaining their core principles of hardware-enforced isolation and remote attestation. Andrew covers the trust model involving manufacturers and hosting providers, the architectural differences between process-based (SGX) and VM-based (TDX) TEEs, and gives a detailed walkthrough of using a TEE as a blockchain coprocessor for a private auction. The module concludes by addressing critical security considerations and pitfalls, including side-channel attacks, replay attacks, and the complex challenge of managing persistent state and secure software upgrades.
What you’ll learn:
- 00:00 Introduction and Session Outline
- 04:42 The High-Level Trust Model
- 15:36 Process-Based TEEs (SGX) vs. VM-Based TEEs (TDX)
- 25:10 Control Channel Attacks via Memory Paging
- 33:55 Physical Attacks and the Limits of the Software Threat Model
- 36:22 Turning Legacy Code into Decentralized Applications
- 44:36 What’s in an SGX/TDX Attestation?
- 45:25 Certificate Chain
- 47:48 Hash of Program Binary
- 52:18 Application-Defined Payload
- 55:25 CPU Configuration
- 1:00:40 Architectural Pattern: The TEE as a Blockchain Coprocessor
- 1:11:31 Comparing Privacy Solutions: TEEs vs. ZK, MPC, and FHE
- 1:23:13 Pitfall #1: The Challenge of Secure Upgrades
- 1:30:11 Pitfall #2: Statefulness and Replay Attacks
- 1:34:01 The Evolution of TEEs: From DRM to Confidential Compute
Below is an accompanying reading list:
- Intel Software Guard Extensions (SGX): https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html
- Intel Trust Domain Extensions (TDX): https://www.intel.com/content/www/us/en/developer/tools/trust-domain-extensions/overview.html?wapkw=tdx
- AMD Secure Encrypted Virtualization (SEV): https://www.amd.com/en/developer/sev.html
- Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems (IEEE S&P 2015): https://www.ieee-security.org/TC/SP2015/papers-archived/6949a640.pdf
- AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX Enclaves (USENIX Security 2023): https://www.usenix.org/conference/usenixsecurity23/presentation/constable
- An Off-Chip Attack on Hardware Enclaves via the Memory Bus (USENIX Security 2020): https://www.usenix.org/system/files/sec20summer_lee-dayeol_prepub.pdf
- Gramine, a Library OS for Unmodified Applications: https://gramineproject.io/
- Vitalik’s forum post on how TEEs can be part of a Stage 1 rollup: https://ethereum-magicians.org/t/a-simple-l2-security-and-finalization-roadmap/23309
- Reflections on Trusting Trust, by Ken Thompson: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
- Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts, by Ahmed Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou: https://eprint.iacr.org/2015/675
- Indistinguishability Obfuscation (iO) definition: https://en.wikipedia.org/wiki/Indistinguishability_obfuscation
- Upgradeable TEEs, by Nerla Jean-Louis (UIUC), Astria Research Day talk: https://www.youtube.com/watch?v=Z2UKpqiKgJQ
- Bringing Intel SGX PCCS on-chain: https://blog.ata.network/bringing-intel-sgx-pccs-on-chain-d5917878bf54
ZK Whiteboard Sessions is an educational series on all things zero knowledge. Presented by ZK Hack.