Poster: TGX: Secure SGX enclave management using TPM


Intel SGX provides a trusted execution environment on commodity computing platforms. Recent micro-architectural attacks such as Spectre, Meltdown, and Foreshadow, however, raise doubts about the isolation that SGX promises for protected code and data, including some of the cryptographic operations and credentials that SGX itself depends on, e.g., for attestation. In this poster we present TGX, a combination of SGX and TPM that work together to provide stronger isolation of SGX's crucial cryptographic operations and a way to circumvent micro-architectural attacks against SGX. TGX lets SGX move its signing and verification mechanism from the processor to the TPM, so that the security-sensitive material is never available outside the TPM; this removes, for instance, the possibility of stealing it from the L1 cache. More generally, TGX is intended to show that SGX and TPM can form a beneficial symbiosis.

NDSS Symposium 2019

2022-10-12