Trusted Computing


Trusted Computing leverages dedicated hardware mechanisms to enforce software integrity and protect sensitive data, even in the presence of a compromised operating system or hypervisor. Central to this approach are Trusted Execution Environments (TEEs): isolated execution contexts within a processor where security-critical operations run with strong confidentiality and integrity guarantees, independent of the surrounding software stack. TEEs have become a foundational building block across domains ranging from cloud computing to mobile platforms. In cloud computing, TEEs enable tenants to process sensitive workloads on shared infrastructure without having to trust the provider's hypervisor, operating system, or administrators; remote attestation lets a tenant verify which code is running inside the TEE before provisioning secrets to it, and the remaining trust rests on the processor vendor and its microcode. Major offerings such as Azure Confidential Computing rely on this hardware-backed isolation to deliver their guarantees. On mobile devices, TEEs underpin important security functions including biometric authentication, secure key storage, and mobile payments; both Android (via Arm TrustZone and the emerging Arm Confidential Compute Architecture) and iOS (via the Secure Enclave) depend on these mechanisms. TEEs also serve as trust anchors in decentralized systems, enabling privacy-preserving smart contracts and lightweight blockchain clients that can verify transactions without exposing user data. As computation increasingly moves to untrusted or shared environments, the security of the TEEs themselves, rather than only of the code they host, becomes a central concern.

Our research in this area spans both the analysis and the design of trusted computing architectures. On the offensive side, we investigate microarchitectural side channels that undermine the isolation guarantees of deployed TEEs such as Intel SGX and Arm TrustZone. For instance, we demonstrated that control-flow leakage through the CPU frontend and probabilistic interrupt counting are viable attack vectors against Intel SGX enclaves, and that compilers can silently reintroduce secret-dependent behavior into code written to be constant-time. On the constructive side, we design new TEE architectures that provide stronger isolation primitives, including secure interrupt handling for normal-world enclaves on Arm, disaggregated trust models through composite enclave designs, and rollback protection for enclave state.
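The control-flow side channels mentioned above (page faults, interrupt counting, frontend timing) all observe which branches an enclave takes; they become a secret-leaking channel precisely when branch decisions depend on secret data. The following is an added illustration of that point, not code from the group's papers: a secret comparison written with an early-exit branch, alongside a branchless variant that executes the same instruction sequence for every input. The `leaky_compare_trace` function is a stand-in for what a control-flow attacker learns (how many loop iterations ran before the branch was taken); the names and the sample strings are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Index of the first mismatching byte, or n if all bytes match.
 * The `break` is a secret-dependent branch: how many iterations run
 * before it fires depends on the secret. */
static size_t first_mismatch(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) {
        if (secret[i] != guess[i])
            break;
    }
    return i;
}

/* Leaky comparison: returns 1 if equal, 0 otherwise. Its result is correct,
 * but its control flow reveals the length of the matching prefix. */
int leaky_compare(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    return first_mismatch(secret, guess, n) == n;
}

/* What an attacker who can count executed instructions or observe taken
 * branches sees: the number of loop iterations that ran. A prefix of k
 * matching bytes yields k+1 iterations, so the secret can be recovered one
 * byte at a time with at most 256 guesses per position. */
size_t leaky_compare_trace(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    size_t i = first_mismatch(secret, guess, n);
    return i < n ? i + 1 : n;
}

/* Constant-time comparison: touches every byte, accumulates differences with
 * bitwise OR, and derives the verdict arithmetically. The loop always runs
 * exactly n iterations and contains no secret-dependent branch. */
int ct_compare(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(secret[i] ^ guess[i]);
    /* diff == 0: (0u - 1u) >> 8 has bit 0 set -> 1
     * diff != 0: (diff - 1) fits in 8 bits, so >> 8 gives 0 -> 0 */
    return (int)((((unsigned)diff - 1u) >> 8) & 1u);
}

/* Branchless select: returns a if flag's low bit is set, else b.
 * The branching form `flag ? a : b` would leak flag through control flow. */
uint32_t ct_select(uint32_t flag, uint32_t a, uint32_t b)
{
    uint32_t mask = 0u - (flag & 1u);   /* all ones if flag set, else zero */
    return (a & mask) | (b & ~mask);
}

int main(void)
{
    /* Constructed sample inputs. */
    const uint8_t *secret = (const uint8_t *)"abcdefgh";
    const uint8_t *guess  = (const uint8_t *)"abcxxxxx";

    printf("leaky:  result=%d iterations=%zu\n",
           leaky_compare(secret, guess, 8), leaky_compare_trace(secret, guess, 8));
    printf("ct:     result=%d iterations=%zu (always n)\n",
           ct_compare(secret, guess, 8), (size_t)8);
    printf("select: %u %u\n", ct_select(1, 7, 9), ct_select(0, 7, 9));
    return 0;
}
```

Source-level discipline is necessary but not sufficient: an optimizing compiler may rewrite the mask arithmetic in `ct_select` back into a conditional jump, which is exactly the failure mode studied in the group's "Breaking Bad" paper listed below. Before deploying such code inside an enclave, inspect the emitted assembly (for example with `objdump -d`) and confirm that no secret-dependent branch or memory access survived.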

Selected Publications

Nicolas Dutly, Friederike Groschupp, Ivan Puddu, Kari Kostiainen, Srdjan Capkun
AEX-NStep: Probabilistic Interrupt Counting Attacks on Intel SGX
IEEE Symposium on Security and Privacy (S&P), 2026

Friederike Groschupp, Mark Kuhne, Moritz Schneider, Ivan Puddu, Shweta Shinde, Srdjan Capkun
It’s TEEtime: Secure Interrupt Isolation for Normal-world Enclaves on Arm
IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES), 2026

Moritz Schneider, Daniele Lain, Ivan Puddu, Nicolas Dutly, Srdjan Capkun
Breaking Bad: How Compilers Break Constant-Time Implementations
ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2025

Ivan Puddu, Moritz Schneider, Daniele Lain, Stefano Boschetto, Srdjan Capkun
On (the Lack of) Code Confidentiality in Trusted Execution Environments
IEEE Symposium on Security and Privacy (S&P), 2024

Moritz Schneider, Aritra Dhar, Ivan Puddu, Kari Kostiainen, Srdjan Capkun
Composite Enclaves: Towards Disaggregated Trusted Execution
IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES), 2021

Ivan Puddu, Moritz Schneider, Miro Haller, Srdjan Capkun
Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend
USENIX Security Symposium, 2021

Aritra Dhar, Ivan Puddu, Kari Kostiainen, Srdjan Capkun
ProximiTEE: Hardened SGX Attestation by Proximity Verification
ACM Conference on Data and Application Security and Privacy (CODASPY), 2020

Aritra Dhar, Enis Ulqinaku, Kari Kostiainen, Srdjan Capkun
ProtectIOn: Root-of-Trust for IO in Compromised Platforms
Network and Distributed System Security Symposium (NDSS), 2020

Ferdinand Brasser, Srdjan Capkun, Alexandra Dmitrienko, Tommaso Frassetto, Kari Kostiainen, Ahmad-Reza Sadeghi
DR.SGX: Automated and Adjustable Side-Channel Protection for SGX Using Data Location Randomization
Annual Computer Security Applications Conference (ACSAC), 2019

Sinisa Matetic, Karl Wust, Moritz Schneider, Kari Kostiainen, Ghassan Karame, Srdjan Capkun
BITE: Bitcoin Lightweight Client Privacy using Trusted Execution
USENIX Security Symposium, 2019

Sinisa Matetic, Moritz Schneider, Andrew Miller, Ari Juels, Srdjan Capkun
DelegaTEE: Brokered Delegation Using Trusted Execution Environments
USENIX Security Symposium, 2018

Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, Srdjan Capkun
ROTE: Rollback Protection for Trusted Execution
USENIX Security Symposium, 2017