In 2016, Intel introduced a new instruction set extension called Intel SGX (Software Guard Extensions). The main driver behind this product was cloud computing: the architecture developed by Intel allows a user to run any program inside a hardware-protected container called an enclave. When this feature is enabled, the running program is protected by the hardware from a number of attacks, including attacks from the operating system or from other applications running on the same machine.
ARM has developed a similar technology called ARM TrustZone, and the solution proposed by AMD is called the AMD Platform Security Processor.
Starting from these methods of creating a secure execution environment for applications, we began the implementation of the SABOTORE project, whose aim is to protect data at execution time.
Specifically, when the user is working on an infected computer, any keystroke can be observed by the attacker before it reaches protected mode. Similarly, data stored on dedicated devices or data arriving from the network first passes through the compromised operating system and is only then processed in protected mode. Because of this, there is no guarantee that the data is correct and that it has not been altered by an attacker.
In the SABOTORE project we built a dedicated hardware device that provides a secure communication channel between a USB device and the TEE-protected environment.
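As an added illustration (not the SABOTORE project's own design or code), the following Python models the channel described above: the USB-side device tags each keystroke with a counter and an HMAC under a key shared only with the enclave, so that frames the untrusted host alters or replays are rejected on the TEE side. The key, frame format and class names are assumptions; the model covers integrity and replay only, and confidentiality would require an AEAD on top.

```python
import hashlib
import hmac
import struct

# Constructed demo key. In a real design the key would be provisioned to the
# device and to the enclave (e.g. after remote attestation), never to the host OS.
DEVICE_KEY = hashlib.sha256(b"constructed demo key - not a real secret").digest()
COUNTER_LEN, TAG_LEN = 8, 32


class SecureInputDevice:
    """Models the hardware device on the USB side: each keystroke is framed
    with a monotonically increasing counter and an HMAC-SHA256 tag."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def frame(self, keystroke: bytes) -> bytes:
        self.counter += 1
        header = struct.pack(">Q", self.counter)
        tag = hmac.new(self.key, header + keystroke, hashlib.sha256).digest()
        return header + keystroke + tag


class EnclaveReceiver:
    """Models the TEE side: verifies the tag in constant time and rejects any
    frame whose counter is not strictly greater than the last accepted one."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0

    def accept(self, frame: bytes):
        """Return the keystroke bytes, or None if the frame is altered or replayed."""
        if len(frame) < COUNTER_LEN + TAG_LEN:
            return None
        header, body, tag = frame[:COUNTER_LEN], frame[COUNTER_LEN:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # modified in transit by the untrusted host
        (counter,) = struct.unpack(">Q", header)
        if counter <= self.last_counter:
            return None  # replayed or reordered frame
        self.last_counter = counter
        return body


def demo():
    """Runs four frames through a compromised host: pass, alter, replay, pass."""
    device, enclave = SecureInputDevice(DEVICE_KEY), EnclaveReceiver(DEVICE_KEY)
    f1, f2 = device.frame(b"p"), device.frame(b"a")
    altered = f2[:COUNTER_LEN] + b"x" + f2[COUNTER_LEN + 1:]  # host flips the keystroke byte
    return [enclave.accept(f1), enclave.accept(altered), enclave.accept(f1), enclave.accept(f2)]
```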