Trusted Execution Environment (TEE)

From CryptoWiki

Revision as of 09:02, 23 January 2022 by 5imp5on (talk | contribs) (1 revision imported)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Basics

"TEEs, or Trusted Execution Environment cells. While the tech sounds fancy, in reality many Intel-based home computers feature these cells in the form of the Intel SGX. The TEE is an encrypted region of a computer’s processor that can’t be tampered with by any other software or hardware. In theory, TEEs are an amazing solution for trusted computation and blockchain privacy.

In the case of the TEE chips, cryptographic signing methods give us a reasonable guarantee that we’re interacting with a particular TEE enclave, thanks to a process called Remote Attestation. All SGX enclaves feature internal private keys that should be inaccessible to anyone but the TEE itself. These keys are then used to verify the TEE’s proof of execution, so it is absolutely vital that they remain inside the chip.

You can see where this is going: there have been several instances of confirmed vulnerabilities that could leak the keys. Sgaxe is the most famous, but there have been others. Now, this isn’t all as bad as it sounds. The hardware can be patched in most cases, while unpatchable vulnerabilities so far only affect a few specific chips. The attacks have also been purely theoretical so far."