SIDE-CHANNEL VULNERABILITIES IN TRUSTED EXECUTION ENVIRONMENTS (TEES): A MICROARCHITECTURAL ANALYSIS
Subjects/Theme:
Trusted Execution Environment (TEE), Side-Channel Attacks, Microarchitecture, Intel SGX, ARM TrustZone, AMD SEV, Cache Attacks, Speculative Execution, Timing Attacks, Secure Enclaves
Description:
Security and Privacy in AI Systems
Edited By: Dr. Sunita Chaudhary, Dr. Joydeb Patra
ISBN: 978-81-685212-9-2
Trusted Execution Environments (TEEs) have emerged as a critical hardware-based security mechanism for protecting sensitive computations and data from unauthorized access, even when the operating system or hypervisor is compromised. Technologies such as Intel SGX, ARM TrustZone, and AMD SEV are widely deployed across cloud computing, mobile devices, and edge systems. Despite their strong isolation guarantees, TEEs remain vulnerable to side-channel attacks, which exploit microarchitectural features such as caches, branch predictors, and speculative execution units to infer secret data without breaking the isolation boundary itself. This paper presents a comprehensive microarchitectural analysis of side-channel vulnerabilities in TEEs, focusing on cache-based attacks, timing attacks, speculative execution attacks (e.g., Spectre and Meltdown), and page-fault-based side channels. We analyze how attackers bypass hardware isolation by leveraging shared microarchitectural state and secret-dependent execution patterns. Furthermore, the paper evaluates the effectiveness of existing countermeasures, including cache partitioning, constant-time programming, hardware modifications, and runtime detection techniques. The study identifies key limitations in current defenses and proposes future research directions for designing resilient TEE architectures. Our findings highlight that while TEEs provide strong security primitives, microarchitectural leakage remains a fundamental challenge requiring holistic hardware-software co-design solutions.
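The following C example is added here to illustrate the two leakage patterns the abstract names (a secret-dependent memory access that is visible through cache and page-fault channels, and a secret-dependent early exit that is visible through timing) beside the constant-time rewrites the paper lists as a countermeasure. It is not code from the paper; the lookup table, the tag values, and the function names are constructed for the illustration, and the assumption that the compiler preserves the branch-free form must be checked against the emitted assembly on the target toolchain.

```c
/* Added example (not from the paper): two enclave-style routines written
 * twice, once with a secret-dependent memory access pattern or early exit,
 * and once in constant-time form. The table contents and test inputs are
 * constructed sample data. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define TABLE_SIZE 256

/* Constructed 256-entry table standing in for an S-box or any other
 * secret-indexed structure. */
void build_sample_table(uint8_t *out) {
    for (size_t i = 0; i < TABLE_SIZE; i++)
        out[i] = (uint8_t)((i * 167u + 13u) & 0xFFu);
}

/* Leaky lookup: the address touched is table[secret]. An attacker who
 * shares the cache (Prime+Probe, Flush+Reload) or controls the enclave's
 * page tables (page-fault controlled channel) observes which line or page
 * was accessed and so recovers bits of `secret`; hardware isolation does
 * not hide the access pattern. */
uint8_t lookup_leaky(const uint8_t *table, uint8_t secret) {
    return table[secret];
}

/* Constant-time lookup: read every entry in fixed order and keep the wanted
 * one with a mask, so the access sequence is identical for every secret.
 * Assumption: the compiler does not turn the mask back into a branch;
 * inspect the emitted assembly on the target toolchain. */
uint8_t lookup_ct(const uint8_t *table, uint8_t secret) {
    uint8_t result = 0;
    for (size_t i = 0; i < TABLE_SIZE; i++) {
        uint8_t diff = (uint8_t)(i ^ secret);
        /* 0xFF when diff == 0 (i.e. i == secret), 0x00 otherwise */
        uint8_t mask = (uint8_t)(((uint16_t)diff - 1u) >> 8);
        result |= table[i] & mask;
    }
    return result;
}

/* Leaky comparison (e.g. of a MAC tag): returns at the first mismatch, so
 * the running time reveals how many leading bytes of `b` matched `a`. */
int memeq_leaky(const uint8_t *a, const uint8_t *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) return 0;
    return 1;
}

/* Constant-time comparison: always touches all n bytes and folds any
 * difference into `acc`; time and memory accesses do not depend on where
 * the inputs differ. Returns 1 if equal, 0 otherwise. */
int memeq_ct(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint8_t)(a[i] ^ b[i]);
    /* acc == 0 iff equal; map to 1/0 without a branch */
    return (int)((((uint16_t)acc - 1u) >> 8) & 1u);
}

/* Constant-time lookup into the constructed sample table, for checking. */
uint8_t sample_lookup_ct(uint8_t secret) {
    uint8_t table[TABLE_SIZE];
    build_sample_table(table);
    return lookup_ct(table, secret);
}

/* Functional check: both lookups must agree for every possible secret,
 * since the rewrite changes only the access pattern, not the result. */
int lookups_agree_for_all_secrets(void) {
    uint8_t table[TABLE_SIZE];
    build_sample_table(table);
    for (unsigned s = 0; s < TABLE_SIZE; s++)
        if (lookup_leaky(table, (uint8_t)s) != lookup_ct(table, (uint8_t)s))
            return 0;
    return 1;
}

int main(void) {
    static const uint8_t tag[4]   = {0xDE, 0xAD, 0xBE, 0xEF}; /* constructed */
    static const uint8_t guess[4] = {0xDE, 0xAD, 0x00, 0x00};
    printf("lookups agree: %d\n", lookups_agree_for_all_secrets());
    printf("leaky compare: %d, constant-time compare: %d\n",
           memeq_leaky(tag, guess, 4), memeq_ct(tag, guess, 4));
    return 0;
}
```

Both pairs return the same values; what changes is only what an observer outside the enclave can measure. The constant-time lookup costs a full scan of the table, which is the usual price of hiding the access pattern in software and one reason the abstract pairs constant-time programming with hardware measures such as cache partitioning.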