Confidential Computing and Trusted Execution Environment: Challenges, Opportunities, and the Future


Mengyuan Li


Alexandra Henzinger
Confidential Computing, or Trusted Execution Environment (TEE), is a security feature of recent server CPUs. It isolates cloud workloads from threats including privileged software, physical attackers, and an untrusted hypervisor. As the demand for secure handling of private data surges, Confidential Computing has been adopted widely across industries: the latest server-grade CPUs from Intel, AMD, and ARM ship with TEE support, and leading cloud providers such as AWS, Google Cloud, Microsoft Azure, and IBM Cloud now offer commercial Confidential Computing services. Despite this popularity, Confidential Computing still faces significant design and security challenges. These include finding the right balance between strong security and efficient performance, as well as the need to reassess, and possibly rebuild, the kernel space or hypervisor, which may not be fully trustworthy.

In this talk, I will delve into the design intricacies and potential vulnerabilities of Confidential Computing. I will start with the ciphertext side-channel attack, which arises from trading security for performance. This type of attack can expose execution states or decrypt sensitive information, even allowing attackers to extract private keys from secure implementations of RSA and ECDSA in the latest OpenSSL library.

Following this, I will discuss the CROSSLINE attack, which shows the dangers of not properly redesigning untrusted hypervisors. This attack exploits the unprotected management of resources such as address space identifiers (ASIDs), threatening the security of confidential VMs protected by AMD Secure Encrypted Virtualization (SEV), and highlights the urgency of reevaluating the role of the hypervisor in Confidential Computing. To conclude, I will outline ongoing efforts and future directions for improving the security and effectiveness of Confidential Computing, emphasizing the importance of addressing these vulnerabilities and design challenges to advance the field.
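The abstract names the ciphertext side channel as a consequence of trading security for performance. The example below is an added illustration, not code from the talk or from any vendor, of the general principle behind it: when memory is encrypted deterministically with a per-address tweak, an observer who sees only ciphertext still learns whether a value written to an address has changed or repeated, and a defender-side mitigation is to fold fresh randomness into every write so that equal plaintexts no longer produce equal ciphertexts. The toy Feistel cipher (built from HMAC-SHA256), the address `0x1000`, the memory model and the written values are all constructed assumptions for the demonstration; they are not AMD's cipher or layout.

```python
"""Toy model of a ciphertext side channel on deterministic, address-tweaked memory encryption."""
import hashlib
import hmac
import os

BLOCK = 16   # block granularity we model (constructed assumption: 16-byte blocks)
ROUNDS = 4   # Feistel rounds for the toy tweakable cipher


def _round_fn(key: bytes, tweak: bytes, rnd: int, half: bytes) -> bytes:
    """Keyed round function: HMAC-SHA256 over (tweak, round, half), truncated to 8 bytes."""
    return hmac.new(key, tweak + bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def tweak_encrypt(key: bytes, addr: int, block: bytes) -> bytes:
    """Deterministic tweakable block cipher: same key, address and plaintext -> same ciphertext."""
    assert len(block) == BLOCK
    tweak = addr.to_bytes(8, "little")
    left, right = block[:8], block[8:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _round_fn(key, tweak, rnd, right))
    return left + right


def tweak_decrypt(key: bytes, addr: int, block: bytes) -> bytes:
    """Inverse of tweak_encrypt (Feistel rounds applied in reverse)."""
    assert len(block) == BLOCK
    tweak = addr.to_bytes(8, "little")
    left, right = block[:8], block[8:]
    for rnd in reversed(range(ROUNDS)):
        left, right = _xor(right, _round_fn(key, tweak, rnd, left)), left
    return left + right


class EncryptedMemory:
    """Guest memory as an untrusted hypervisor sees it: ciphertext indexed by physical address."""

    def __init__(self, key: bytes):
        self._key = key          # held by the hardware / guest side only
        self.cipher = {}         # addr -> ciphertext block, readable by the hypervisor

    def guest_write(self, addr: int, plaintext: bytes) -> None:
        self.cipher[addr] = tweak_encrypt(self._key, addr, plaintext)

    def guest_read(self, addr: int) -> bytes:
        return tweak_decrypt(self._key, addr, self.cipher[addr])


def encode_value(value: int, randomize: bool) -> bytes:
    """Lay out an 8-byte value in a 16-byte block; with randomize=True the other 8 bytes are fresh random bytes."""
    pad = os.urandom(8) if randomize else bytes(8)
    return value.to_bytes(8, "little") + pad


def hypervisor_observation(values, randomize: bool, addr: int = 0x1000, key: bytes = None):
    """Per write, report whether the observer has seen that ciphertext before at this address.

    A True entry means the hypervisor can conclude the plaintext repeated an earlier value,
    without ever decrypting anything. With randomize=True the signal disappears.
    """
    key = key or os.urandom(32)
    mem = EncryptedMemory(key)
    seen = set()
    repeats = []
    for v in values:
        mem.guest_write(addr, encode_value(v, randomize))
        ct = mem.cipher[addr]
        repeats.append(ct in seen)
        seen.add(ct)
    return repeats


if __name__ == "__main__":
    # Constructed trace: a secret-dependent flag toggling between 1 and 0 at one address.
    print("deterministic:", hypervisor_observation([1, 0, 1, 0], randomize=False))  # [False, False, True, True]
    print("randomized:   ", hypervisor_observation([1, 0, 1, 0], randomize=True))   # [False, False, False, False]
```

The deterministic run shows the leakage the abstract refers to: the third and fourth ciphertexts collide with earlier ones, so the observer learns the flag's sequence of repeats without the key. The randomized run shows the cost of the fix, which is exactly the trade-off the talk describes: every write now carries extra random bytes and can no longer be deduplicated or cached by ciphertext equality, but the observer's equality test yields nothing.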