TEE Solutions

Industry solutions

Embedded systems solutions

  • Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base (Security 2013) [pdf]
  • TyTAN: tiny trust anchor for tiny devices (DAC 2015) [pdf]
  • Trustlite: A security architecture for tiny embedded devices (EuroSys 2014) [pdf]
  • Timber-V: Tag-isolated memory bringing fine-grained enclaves to RISC-V (NDSS 2019) [pdf]

Academic solutions

  • Sanctum: Minimal hardware extensions for strong software isolation (Security 2016) (RISC-V) [pdf]
  • Sanctuary: Arming TrustZone with user-space enclaves (NDSS 2019) [pdf]
  • Keystone: A framework for architecting tees (EuroSys 2019) (RISC-V) [link][pdf]
  • Hex-Five Security: MultiZone Security for RISC-V [link] Free and Open Standard API [pdf]
  • Penglai Enclave: Open-sourced secure and scalable TEE system for RISC-V [link] [pdf]
  • CURE: A Security Architecture with CUstomizable and Resilient Enclaves (Usenix Security 2021) [pdf]
  • Rust SGX SDK [link]
  • WolfSSL with Intel SGX [link]
  • Fortanix - Data-first Multicloud Security [link] [video]

TEE: Software Modernization for Intel SGX

  • Shielding Applications from an Untrusted Cloud with Haven (OSDI 2014) [pdf]
  • SCONE: Secure Linux Containers with Intel SGX (OSDI 2016) [link] [website] [link]
  • Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX (ATC 2017) [pdf] [GitHub]
  • PANOPLY: Low-TCB Linux Applications with SGX Enclaves (NDSS 2017) [pdf]
  • Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGX (ASPLOS 2020) [pdf] [GitHub] [link]
  • An Evaluation of Methods to Port Legacy Code to SGX Enclaves (FSE 2020) [pdf]
  • CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs. (NDSS 2021) [pdf]

TEE: Applications

  • Running Language Interpreters Inside SGX: A Lightweight, Legacy-Compatible Script Code Hardening Approach (AsiaCCS 2019) [pdf]
  • TWINE: An Embedded Trusted Runtime for WebAssembly (ICDE 2021) [pdf]

Attestation Services

  • OPERA: Open Remote Attestation for Intel’s Secure Enclaves (CCS 2019) [pdf]
  • Insecure Until Proven Updated: Analyzing AMD SEV's Remote Attestation (CCS 2019)[pdf]

Attacks on CPU

  • Practical Timing Side-Channel Attacks against Kernel Space ASLR (S&P 2013) [pdf]
  • FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack (Security 2014) [link] [pdf]
  • Last-Level Cache Side-Channel Attacks are Practical (S&P 2015) [link] [pdf]
  • Meltdown: Reading Kernel Memory from User Space (Security 2018) [link] [pdf]
  • Spectre Attacks: Exploiting Speculative Execution (S&P 2019) [pdf]

Attacks on SGX

  • IAGO Attacks: Why the System CallAPI is a Bad Untrusted RPC Interface (ASPLOS 2013) [pdf]
  • SGXIO: Generic Trusted I/O Path for Intel SGX (CODASPY 2017) [pdf]
  • Software Grand Exposure: SGX Cache Attacks Are Practical (WOOT 2017) [pdf]
  • Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution (Security 2018) [link]
  • SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution (EuroS&P 2019) [pdf]
  • A Survey of Published Attacks on Intel SGX (arxiv 2020) [pdf]

Attacks on SEV

  • SEVered: Subverting AMD’s Virtual Machine Encryption (EuroSec 2018) [pdf] [link]
  • CVE-2019-9836 [report] [link] [NVD]
  • SEVerity: Code Injection Attacks against Encrypted Virtual Machines (WOOT 2021) [pdf]
  • undeSErVed trust: Exploiting Permutation-Agnostic Remote Attestation (WOOT 2021) [pdf]


  • The Art, Science, and Engineering of Fuzzing: A Survey (TSE 2018) [pdf]
  • A Systematic Review of Fuzzing Techniques (Computers & Security, 2018) [link] [pdf]
  • IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing (NDSS 2018) [pdf]
  • Fuzzing Intel SGX Enclaves (KUL, 2019) [Github] [Thesis]
  • Emilia: Catching Iago in Legacy Code (NDSS 2021) [pdf]

Source Code Security

  • How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories (NDSS 2019) [pdf]

Secure Multiparty Computation

  • A Pragmatic Introduction to Secure Multi-Party Computation (NOW Publishers, 2021) [pdf]

Hardware Supported Functional Encryption

  • Functional Encryption: Definitions and Challenges (TCC 2011) [pdf]
  • HOP: Hardware makes Obfuscation Practical (NDSS 2017) [link]
  • IRON: Functional Encryption using Intel SGX (CCS 2017) [link] [pdf] [slides]

Indistinguishable Obfuscation

  • Candidate Indistinguishability Obfuscation and Functional Encryption for all circuits (FOCS 2013) [link] [pdf]
  • Indistinguishability Obfuscation from Well-Founded Assumptions (STOC 2021) [link] [pdf] [report]