Publication:
T3E: A Practical Solution to Trusted Time in Secure Enclaves
| dc.contributor.author | Hamidy, Gilang Mentari | |
| dc.contributor.author | Philippaerts, Pieter | |
| dc.contributor.author | Joosen, Wouter | |
| dc.date.accessioned | 2026-05-05T09:23:16Z | |
| dc.date.available | 2026-05-05T09:23:16Z | |
| dc.date.createdwos | 2025-09-12 | |
| dc.date.issued | 2023 | |
| dc.description.abstract | Secure systems rely on time to validate security properties, so the integrity of time information must be protected. Intel SGX allows building secure applications inside a Trusted Execution Environment (TEE), called an enclave, that is isolated from the untrusted OS. Obtaining trustworthy time inside the enclave remains challenging, however, because the OS controls the system clock. Earlier versions of the SGX SDK offered the sgx_get_trusted_time function as an alternative to OS time, but Intel removed that API in 2020 without providing a replacement. This paper examines the trusted time challenges in SGX and presents TPM-based Trusted Time Extensions (T3E), a novel solution built on readily available hardware. T3E leverages TPM functionality to provide trusted time services to enclaves while protecting against common attacks. It offers finer time granularity and lower latency than Intel's sgx_get_trusted_time implementation and, unlike related work, does not rely on deprecated features or on hardware or firmware modifications. | |
| dc.description.wosFundingText | This research is partially funded by the Research Fund KU Leuven, and by the Flemish Research Program Cybersecurity. The authors thank all reviewers, who provided constructive feedback to improve our paper. In addition, the first author would like to also thank Dody Suhendra from Sandhiguna for triggering the discussion leading to this research question. | |
| dc.identifier.doi | 10.1007/978-3-031-39828-5_17 | |
| dc.identifier.isbn | 978-3-031-39827-8 | |
| dc.identifier.issn | 0302-9743 | |
| dc.identifier.uri | https://imec-publications.be/handle/20.500.12860/59330 | |
| dc.language.iso | eng | |
| dc.publisher | SPRINGER INTERNATIONAL PUBLISHING AG | |
| dc.source.beginpage | 305 | |
| dc.source.conference | Network and System Security - NSS | |
| dc.source.conferencedate | 2023-08-14 | |
| dc.source.conferencelocation | Canterbury | |
| dc.source.endpage | 326 | |
| dc.source.journal | NETWORK AND SYSTEM SECURITY, NSS 2023 | |
| dc.source.numberofpages | 22 | |
| dc.title | T3E: A Practical Solution to Trusted Time in Secure Enclaves | |
| dc.type | Proceedings paper | |
| dspace.entity.type | Publication | |