Keystone is an open-source project for building trusted execution environments (TEE) with secure hardware enclaves, based on the RISC-V architecture. Our goal is to build a secure and trustworthy open-source secure hardware enclave, accessible to everyone in industry and academia.
Why do we need secure hardware enclaves?
Secure computation is a powerful abstraction, protecting the integrity and confidentiality of computations over confidential data. While there are already many applications for secure computing, it will continue to grow in importance. First, the shift towards cloud computing has driven high demand for security in the cloud, because it requires all of the data computation and storage to take place on remote machines. Second, there is a growing need to compute over private data from multiple sources. For example, mutually distrusting organizations may want to train collaborative machine learning models over confidential data.
One way to enable secure computation is to use crypto-based techniques such as homomorphic encryption and multi-party computation. However, state-of-the-art techniques in this domain are many orders of magnitude slower than native computation, limiting their practical applications.
Secure hardware enclaves provide another solution to secure computation with little or no performance overhead over native computation. Hardware enclaves enable computation over confidential data, providing strong isolation from other applications, the operating system, and the host. The secure enclave can also attest to the correct execution of a program to a remote party. Because secure enclaves has low performance overhead, they enable secure computation with a wide range of real-world applications.
Why should it be open-source?
Although many TEEs have been proposed by both industry (e.g., Intel SGX) and academia (e.g., Sanctum), no full-stack implementation has been open-sourced for use. We started the Keystone project to fill this gap. Commercial TEEs often take advantage of security by obscurity; most parts of the designs (especially the hardware stack) are not open-sourced and remain undocumented. Most security guarantees of commercial TEEs rely on trusting the design, implementation, and supply-chain management of hardware vendors.
Keystone follows the philosophy of open security. While there is no industry agreement on the “right solution” for everything, we believe open-source design allows the community to more effectively share insights, improve designs, and iterate on problems towards the goal of secure hardware enclaves.
Here are the list of goals of Keystone project:
- Chain of Trust
- Secure boot
- Remote attestation
- Secure key provisioning
- Memory Isolation
- Physical memory protection
- Page table isolation
- Defense against Physical Attack
- Memory encryption
- Memory address bus encryption
- Defense against Side-channel Attack
- Formal Verification
- RISC-V QEMU simulation
- FPGA-based deployment (FireSim)
- Tape out to chip
- Secure supply-chain management
Workshop on Inter-Disciplinary Research Challenges in Computer Systems (An NSF-Sponsored Community Vision Workshop Co-located with ASPLOS’2018)
S. Karandikar, H. Mao, D. Kim, D. Biancolin, A. Amid, D. Lee, N. Pemberton, E. Amaro, C. Schmidt, A. Chopra, Q. Huang, K. Kovacs, B. Nikolic, R. Katz, J. Bachrach, K. Asanovic
International Symposium on Computer Architecture (ISCA), 2018
P. Subramanyan, R. Sinha, I. Lebedev, S. Devadas and S. Seshia
Computer and Communication Security Conference (CCS), 2017
V. Costan, I. Lebedev, S. Devadas
USENIX Security Symposium, 2016
- Keystone v0.1 is released and Keystone is open-sourced.
- Keystone v0.1 runs on FPGA-based (FireSim), qemu, and the HiFive Unleashed development board.
Keystone is now available at https://github.com/keystone-enclave
leading researchers and practitioners from Google, Facebook, Microsoft, Intel, ARM, UC Berkeley, MIT, UT Austin, Si-Five, Oasis Labs, and many others came together on building open source secure enclave
Dawn Song gave a keynote about the open-source secure enclave at ASPLOS'18 NSF Workshop!
Dayeol Lee UC Berkeley
David Kohlbrenner UC Berkeley
Krste Asanovic UC Berkeley
Dawn Song UC Berkeley
Ilia Lebedev MIT
Srini Devadas MIT
Sagar Karandikar UC Berkeley
Albert Ou UC Berkeley