CR · May 1

KingsGuard: Enclave Data Protection Under Real-World TEE Vulnerabilities

arXiv:2605.00613
AI Analysis

This work addresses the critical gap between idealized TEE security models and real-world vulnerabilities for developers and users of secure enclaves.

KingsGuard is a novel TEE design that uses hardware-based data flow tracking to prevent sensitive data leakage from enclaves, achieving a 5.69% performance overhead and 10.8% area overhead on a RISC-V FPGA implementation.

Trusted Execution Environments (TEEs) have emerged as a cornerstone for securing sensitive computations by providing isolated enclaves protected from untrusted software. However, their security guarantees are undermined by vulnerabilities in both the enclave code and the underlying hardware design, which can allow sensitive data to leak despite strong isolation guarantees. This paper presents KINGSGUARD, a novel TEE design that systematically monitors and controls the propagation of sensitive data within an enclave. By enforcing fine-grained data flow tracking and checks in hardware, our approach ensures that sensitive data does not leave the enclave boundary, thus bridging the gap between the idealized threat models of TEEs and their practical realizations. Additionally, to balance security with practical functionality, we introduce controlled declassification at enclave boundaries, allowing intentional release of data to the outside world. Our implementation of KINGSGUARD on a RISC-V processor has a 10.8% hardware area overhead when synthesized on FPGA and a 5.69% performance overhead.
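
The mechanism the abstract describes (tags that travel with sensitive data, a check where data would cross the enclave boundary, and explicit declassification) can be modelled in a few lines of software. The following is an added example, not code from the paper: the instruction set, address ranges and all names are assumptions, and it tracks explicit data flows only.

```python
# Added illustration: a toy software model of tag-based data flow tracking.
# The instruction set, memory layout and names are assumptions, not KingsGuard's design.

ENCLAVE = range(0x100, 0x200)   # assumed enclave-private addresses; all else is outside

class LeakBlocked(Exception):
    """A tagged (sensitive) value was about to cross the enclave boundary."""

class Machine:
    def __init__(self, secrets):
        self.reg = {}            # register -> (value, tag)
        self.mem = {}            # address  -> (value, tag)
        for addr, value in secrets.items():
            self.mem[addr] = (value, True)    # secrets start out tagged

    def step(self, op, *a):
        if op == "li":                        # load immediate: constants are untagged
            self.reg[a[0]] = (a[1], False)
        elif op == "ld":                      # load: the tag travels with the value
            self.reg[a[0]] = self.mem.get(a[1], (0, False))
        elif op == "add":                     # result is tagged if either input is
            (x, tx), (y, ty) = self.reg[a[1]], self.reg[a[2]]
            self.reg[a[0]] = (x + y, tx or ty)
        elif op == "declassify":              # explicit, intentional release
            self.reg[a[0]] = (self.reg[a[1]][0], False)
        elif op == "st":                      # store: check the tag at the boundary
            value, tag = self.reg[a[0]]
            if tag and a[1] not in ENCLAVE:
                raise LeakBlocked(f"tagged value to {a[1]:#x}")
            self.mem[a[1]] = (value, tag)
        else:
            raise ValueError(op)

    def run(self, program):
        for ins in program:
            self.step(*ins)
        return self

def try_run(secrets, program):
    """Return ('ok', machine) or ('blocked', message)."""
    try:
        return "ok", Machine(secrets).run(program)
    except LeakBlocked as e:
        return "blocked", str(e)

SECRETS = {0x100: 41}   # constructed sample: one secret word in enclave memory
LEAKY = [("ld", "r1", 0x100), ("li", "r2", 1), ("add", "r3", "r1", "r2"), ("st", "r3", 0x800)]
RELEASE = LEAKY[:3] + [("declassify", "r4", "r3"), ("st", "r4", 0x800)]
```

`LEAKY` is stopped at the store because the sum inherits the secret's tag; `RELEASE` succeeds only because the value passes through the explicit declassification step first.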
