Background

This page introduces the technology and runtime at the base of the Credora privacy-preserving architecture.

Trusted Execution Environment

A Trusted Execution Environment (TEE) is a dedicated area within the CPU and memory, shielded from the rest of the system by memory encryption and hardware-enforced isolation. Data stored within the TEE therefore remains inaccessible to, and unalterable by, any external code; only specially authorized code may modify data within this protected environment. Every attempt to access the TEE passes through hardware that checks the permissions of the requesting application and blocks unauthorized access.

In the domain of confidential computing, there is a clear-cut division between VM-based and Process-based TEEs, whose common goal is ensuring the security of data in use.

VM-based TEE

VM-based TEEs leverage virtualization technology to create an isolated area of execution. These TEEs, such as Intel TDX and AMD SEV, raise the security of virtualized environments: they protect entire virtual machines with hardware-based memory encryption and isolate them from the host system and from other VMs. A VM-based TEE protects against:

  • Inter-VM Attacks: Protection against other malicious VMs trying to access or interfere with the secure VM.

  • Hypervisor Vulnerabilities: Securing the TEE against vulnerabilities in the hypervisor that might be exploited to gain unauthorized access.

  • Hardware Attacks: Protection against physical attacks, including attempts to access data via direct memory access (DMA) or other hardware-level interventions.

A VM-based TEE is still exposed to inter-process attacks and to attacks from a compromised operating system inside the VM. Given the sensitivity of the data Credora's infrastructure computes on, a Process-based TEE is the right choice.

Process-based TEE

In Process-based TEEs the isolated area is part of a process's address space. This approach is ideal for applications that require a high level of security for specific processes, and it simplifies adapting existing applications for enhanced protection. These enclaves are designed to be secure from software attacks originating outside the enclave, and also from threats that compromise the integrity of the broader system, including those running at higher privilege levels. Such TEEs work by isolating processes in terms of both execution and memory. This isolation allows sensitive operations, like cryptographic key management, to be carried out away from the less secure main operating system.

The most prevalent and widely adopted Process-based TEE is Intel Software Guard Extensions (SGX). SGX enables the creation of secure enclaves within the processor, isolating sensitive code and data from the rest of the system by means of an extension to Intel's Instruction Set Architecture (ISA).

A Process-based TEE such as SGX has a stronger threat model than a VM-based TEE. In particular, it adds the following protection guarantees:

  • Inter-Process Attacks: Protecting against other processes on the same machine, including those with higher privilege levels.

  • Operating System Compromises: Securing the TEE even if the operating system is compromised or malicious.

Gramine-SGX

Developing applications directly for SGX requires deep re-engineering, because the application must be split into trusted (inside the enclave) and untrusted components. This porting requires careful design to ensure security.

For this reason, over the last few years, the research and industrial communities have increasingly relied on SGX runtimes, which act as intermediate layers and abstract away the complexity of SGX, allowing developers to run applications within SGX enclaves with minimal changes. By using these runtime environments, developers can more easily take advantage of the security benefits of SGX, enabling the deployment of sensitive or critical applications in potentially untrusted environments. There are several runtime environments for Intel SGX (e.g. SCONE, Gramine, Occlum, Anjuna).

Credora adopts the Gramine runtime to protect the real-time data unit and the key management system inside SGX enclaves.

Credora selected Gramine because it is a long-standing, robust runtime, sponsored by Intel, with a very active community, and, last but not least, open source, so its security can be independently verified.

Gramine applications rely on a manifest file: an application-specific configuration text file that specifies the environment and resources for running the software inside Gramine-SGX.
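As an added illustration (not Credora's own manifest, nor one taken from the Gramine project), the following manifest in Gramine's TOML format configures a hypothetical Python key-management service at /app/kms.py; the file paths, enclave size and thread count are assumed placeholders, and the loader.argv key requires a recent Gramine release. The comments mark the settings that decide what the untrusted host can see or tamper with.

```toml
# Illustrative Gramine manifest (example added here, not a real project's file).
# Assumes a Python service at /app/kms.py; all paths below are placeholders.

loader.entrypoint = "file:{{ gramine.libos }}"
libos.entrypoint = "/usr/bin/python3"
loader.log_level = "error"

# Environment and arguments fixed in the manifest, not taken from the host
# command line, so the untrusted host cannot change what the enclave runs.
loader.env.LD_LIBRARY_PATH = "/lib:/usr/lib:/lib/x86_64-linux-gnu"
loader.argv = ["python3", "/app/kms.py"]

# File-system view inside the enclave: Gramine runtime libs, system libs,
# the application directory, and an encrypted data directory.
fs.mounts = [
  { path = "/lib", uri = "file:{{ gramine.runtimedir() }}" },
  { path = "/usr/lib", uri = "file:/usr/lib" },
  { path = "/lib/x86_64-linux-gnu", uri = "file:/lib/x86_64-linux-gnu" },
  { path = "/app", uri = "file:/app" },
  # Encrypted mount: files are sealed to the enclave's measurement (MRENCLAVE),
  # so the host only ever sees ciphertext on disk.
  { type = "encrypted", path = "/data", uri = "file:/data", key_name = "_sgx_mrenclave" },
]

# SGX settings. sgx.debug = true would let the host inspect enclave memory
# and must never ship to production; attestation lets a remote verifier
# check MRENCLAVE/MRSIGNER before handing secrets to the enclave.
sgx.debug = false
sgx.remote_attestation = "dcap"
sgx.enclave_size = "1G"
sgx.max_threads = 8

# Trusted files are hashed at build time and verified when opened, so any
# modification on the untrusted host is detected. Code and libraries go here.
sgx.trusted_files = [
  "file:{{ gramine.libos }}",
  "file:/usr/bin/python3",
  "file:{{ gramine.runtimedir() }}/",
  "file:/usr/lib/",
  "file:/lib/x86_64-linux-gnu/",
  "file:/app/",
]

# Allowed files are NOT integrity-checked: the host can alter them at will.
# Restrict this list to data the application validates itself; never put
# code, configuration or key material here.
sgx.allowed_files = [
  "file:/tmp/",
]
```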
