Keywords: Security Engineering and Design

2020

Keystone: An Open Framework for Architecting TEEs

Dawn Song, Professor, Department of Electrical Engineering and Computer Science, UC Berkeley
Shweta Shivaji Shinde, Postdoctoral Scholar, Department of Electrical Engineering and Computer Science, UC Berkeley
David Kohlbrenner, Postdoctoral Scholar, Department of Electrical Engineering and Computer Science, UC Berkeley

Trusted execution environments (TEEs) are found in a range of devices, from embedded sensors to cloud servers, and span a range of cost and power constraints and security threat model choices. Each of the current vendor-specific TEEs, however, makes a fixed set of trade-offs, with little room for customization. Our project, Keystone, is the first open-source framework for building customized TEEs. Keystone uses simple abstractions provided by the hardware, such as memory isolation and a programmable layer underneath untrusted components (e.g., the OS). Using these abstractions, Keystone builds reusable TEE core primitives that allow platform-specific modifications and application-specific features. Keystone-based TEEs can be run on unmodified RISC-V hardware, and we have demonstrated the strength of our design with several proof-of-concept benchmark and application integrations. In this project, we propose fully developing case studies where Keystone proves to be suitable for deploying a TEE. Then, we will explore how Keystone can be adapted for a concrete set of devices, workloads, and application complexities.