Systems and methods for creating a custom trusted execution environment (TEE) for FPGAs with isolated memory and cache in order to protect keys against side-channel attacks.
Background:
FPGAs are widely used in high-security industries, yet they are particularly exposed to side-channel attacks. Intel SGX and Arm TrustZone are two existing hardware TEE solutions; this technology provides security properties that they do not offer. Existing TEEs time-share a processor core with the Rich Execution Environment (REE), which reduces execution efficiency and leaves the TEE vulnerable to side-channel attacks through shared microarchitectural state such as the cache.
Technology Overview:
BYOTEE (Build Your Own Trusted Execution Environments) is an infrastructure for building multiple, equally secure TEEs on commodity System-on-Chip (SoC) Field Programmable Gate Array (FPGA) devices. It provides physically isolated execution environments on demand, which even hardware debuggers and DMA-enabled devices cannot access. In this design the TEEs do not share a cache and have separate memory regions; all hardware resources used by a TEE are physically isolated from the REE.
https://buffalo.technologypublisher.com/files/sites/7484_image.png
Advantages:
Applications:
Intellectual Property Summary:
Provisional patent 63/423,642 filed 11/8/2022.
Stage of Development:
TRL 6
Licensing Status:
Available for license or collaboration.