If you find this list helpful, please consider adding a star!
Academic Conference Collections: Link
- Runtime Framework
- Remote Attestation (RA) and Secure Channels
- Crypto
- Language Frameworks
- Blockchains
- Machine Learning
- Common Libraries
- Applications
- Network
- Data Analytics
- Private Search
- Key and Password Management
- Encrypted Databases and Key-value Stores
- Distributed Systems
- Profiling
- Performance
- Compatibility
- Defenses
- Attacks
- Beyond SGX Enclave Projects
- Other TEEs
Microsoft Confidential Consortium Framework: https://github.com/microsoft/CCF
Ant Financial Occlum: https://github.com/occlum/occlum
Next-Generation Occlum, optimized for Intel SGX 2.0: https://github.com/occlum/ngo
Enarx: Confidential Computing with WebAssembly: https://github.com/enarx/enarx
KubeTEE TFF: https://github.com/SOFAEnclave/trusted-function-framework
Fortanix Enclave Development Platform: https://github.com/fortanix/rust-sgx
Scontain: https://github.com/scontain
MarbleRun: https://github.com/edgelesssys/marblerun
Apache Teaclave: https://github.com/apache/incubator-teaclave
Google Asylo: https://github.com/google/asylo
Porpoise: A tool to port commodity applications to Intel SGX: https://github.com/iisc-cssl/porpoise
Mystikos: Tools and runtime for launching unmodified container images in Trusted Execution Environments: https://github.com/deislabs/mystikos
Gramine Library OS with Intel SGX Support (formerly Graphene): https://github.com/gramineproject/gramine
SGX-LKL: Library OS for running Linux applications inside SGX enclaves: https://github.com/lsds/sgx-lkl
Ratel: Dynamic Binary Translation with SGX Enclaves: https://github.com/ratel-enclave/ratel
Panoply: Low-TCB Linux Applications with SGX Enclaves: https://github.com/shwetasshinde24/Panoply
Container: Protected Container Runtime for Confidential Computing: https://github.com/alibaba/inclavare-containers
Edgeless RT: SDK for TEEs/SGX based on Open Enclave with Go support: https://github.com/edgelesssys/edgelessrt
MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties (USENIX Security 2022): https://github.com/donnod/linux-sgx-mage
Microsoft Azure Attestation service (MAA) for Attesting Trusted Execution Environments (TEEs): https://github.com/Azure-Samples/microsoft-azure-attestation
Linux SGX remote attestation example including the communication with IAS: https://github.com/svartkanin/linux-sgx-remoteattestation
OpenID Connect Via Enclave: https://github.com/DanielShteinbok/spring-oidc-conclave-authentication
Intel Security Libraries for Data Center (Intel SecL-DC): https://github.com/intel-secl/intel-secl
- SGX Caching Service
- SGX Quote Verification Service
- SGX Host Verification Service
- SGX Hub
- SGX Agent
SGX Quote Verification Service, cloud-nativized: https://github.com/pw4ever/isecl-sqvs
OPERA: Open Remote Attestation for Intel's Secure Enclaves: https://github.com/Calctopia-OpenSource/opera
Intel end-to-end RA: https://github.com/intel/sgx-ra-sample
Data Center Attestation Primitives (DCAP): https://github.com/intel/SGXDataCenterAttestationPrimitives
RA-based TLS: https://github.com/cloud-security-research/sgx-ra-tls
IBM simplified RA without accessing IAS too frequently: https://github.com/IBM/sgx-trust-management
Azure Attestation SGX Certification Cache: https://github.com/Microsoft/Azure-DCAP-Client
Enclave Mutual Attestation Library: https://github.com/AntonioDan/SGX_Enclave_Mutual_Attestation_Library
Enclavised OpenSSL (Intel Official): https://github.com/intel/intel-sgx-ssl
Enclavised LibreSSL: https://github.com/lsds/TaLoS
Enclavised mbedTLS: https://github.com/bl4ck5un/mbedtls-SGX
Enclavised WolfSSL: https://github.com/wolfSSL/wolfssl-examples
SGX-OpenSSL (SGX-Tor Project): https://github.com/sparkly9399/SGX-OpenSSL
Rust:
WebAssembly:
- Wasm interpreter in Rust: https://github.com/mesalock-linux/wasmi-sgx
- Twine: An Embedded Trusted Runtime for WebAssembly: https://github.com/jamesmenetrey/unine-twine
- WebAssembly Micro Runtime (WAMR): https://github.com/bytecodealliance/wasm-micro-runtime
Python:
- MesaPy: A Memory-Safe Python Implementation based on PyPy: https://github.com/mesalock-linux/mesapy
- Python binder for SGX SDK: https://github.com/adombeck/python-sgx
Golang:
- EGo: a framework for building confidential apps in Go: https://github.com/edgelesssys/ego
- Golang: https://github.com/intel/GrapheneSGX-Golang-Support-and-Enhancement
- Golang binder: https://github.com/rupc/go-with-intel-sgx
- GOTEE: Secured Routines using SGX: https://github.com/epfl-dcsl/gotee
JavaScript: https://github.com/evervault/node-secureworker
C#: https://github.com/Liaojinghui/A_C-Sharp_Project_With_SGX
Lua: https://github.com/vschiavoni/SecureStreams-DEBS17
Erlang: https://github.com/Erlang-Enclave-Thesis/sgx-erlang-extension
C/C++ (Intel Official): https://github.com/intel/linux-sgx
PSec: Programming Language for Creating Secure Distributed Systems leveraging Intel SGX: https://github.com/ShivKushwah/PSec
Oasis Network: Performant and Confidentiality-Preserving Smart Contracts + Blockchains: https://github.com/oasisprotocol/oasis-core
MobileCoin: Private payments for mobile devices: https://github.com/mobilecoinfoundation/mobilecoin
Integritee off-chain worker and sidechain validateer: https://github.com/integritee-network/worker
Ternoa's Blockchain to support the secure creation and transfer of Capsules: https://github.com/capsule-corp-ternoa/chain
Automata Network: Web 3.0 Realized with Traceless Privacy and Seamless Compatibility: https://github.com/automata-network/automata
Phala Blockchain: a blockchain-based confidential computing cloud: https://github.com/Phala-Network/phala-blockchain
sWorker: Crust MPoW-based Offchain Storage inside TEE Enclaves: https://github.com/crustio/crust-sworker
Teechain: A Secure Payment Network with Asynchronous Blockchain Access: https://github.com/lsds/Teechain
Anonify: A blockchain-Agnostic Execution Environment with Privacy and Auditability: https://github.com/LayerXcom/anonify
Hyperledger: Confidentiality-Preserving, Off-Chain Smart Contracts:
https://github.com/hyperledger-labs/private-data-objects
https://github.com/hyperledger/fabric-private-chaincode
substraTEE: Trusted Off-Chain Compute Framework for Substrate Blockchains: https://github.com/scs/substraTEE
eEVM: Enclave EVM as Ethereum Virtual Machine: https://github.com/Microsoft/eEVM
Bitcoin Mixer: https://github.com/BitObscuro/Obscuro
Proof of Luck for IPFS: https://github.com/luckychain/lucky
Town Crier: An Authenticated Data Feed For Smart Contracts: https://github.com/bl4ck5un/Town-Crier
Ledger BOLOS Enclave: https://github.com/LedgerHQ/bolos-enclave
SOTER: Guarding Black-box Inference for General Neural Networks at the Edge (ATC 2022): https://github.com/hku-systems/SOTER
BigDL Privacy Preserving Machine Learning: https://github.com/intel-analytics/BigDL
BlindAI: Fast, accessible and privacy friendly AI deployment: https://github.com/mithril-security/blindai
Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies: https://github.com/intel/confidential-computing-zoo
Pytorch with SGX solution: https://github.com/intel/sgx-pytorch
Enclave Hardening for Private ML (GBDT Learning + Differential Privacy): https://github.com/loretanr/dp-gbdt
Tensorflow Lite For Intel SGX: https://github.com/Jumpst3r/tensorflow-lite-sgx
A trusted and lite version of OpenCV based on Intel SGX: https://github.com/xymeng16/opencv_lite_sgx
Open Enclave port of the ONNX runtime for confidential inferencing on Azure Confidential Computing: https://github.com/microsoft/onnxruntime-openenclave
Secure Aggregation for Federated Learning: https://github.com/mc2-project/secure-aggregation
Secure Collaborative Training and Inference for XGBoost: https://github.com/mc2-project/secure-xgboost
Confidential Computing of Machine Learning using Intel SGX: https://github.com/prasadkjose/confidential-ml-sgx
MesaTEE GBDT-RS: A Fast and Secure GBDT library: https://github.com/mesalock-linux/gbdt-rs
TF-Trusted: Run TensorFlow Models in Secure Enclaves: https://github.com/capeprivacy/tf-trusted
Bioinformatic Interpreter with Intel SGX: https://github.com/hello31337/BI-SGX
Accountable Deep Learning: https://github.com/arefasvadi/SGX-ADL
Open Deep Learning Compiler Stack: TVM in Intel SGX Example
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware (ICLR 2019): https://github.com/ftramer/slalom
EnclaveML: a framework for tokenized federated learning: https://github.com/jamslevy/enclaveML
Plinius: Secure ML model training with Intel SGX and PM for fault tolerance: https://github.com/anonymous-xh/plinius
SGX-Darknet: SGX compatible ML library: https://github.com/anonymous-xh/sgx-dnet
VRF-enhanced random number source running inside enclaves: https://github.com/smartbch/enclave-vrf
A trusted libjpeg on Intel SGX: https://github.com/xymeng16/libtjpeg
Zlib Data Compression Library inside SGX Enclaves: https://github.com/ffosilva/zlib-sgx
Enclaved-FE: enable applications using Fentec Functional Encryption libraries (CiFEr, GoFE) in Intel SGX: https://github.com/cryptohackathon/enclaved-FE
Libsodium AES-NI based AES-256-GCM: https://github.com/Maxul/SGX-AES-256
Secure and Lightweight Deduplicated Storage via Shielded Deduplication-Before-Encryption (ATC 2022): https://github.com/yzr95924/DEBE
Verifiable Election: https://github.com/davidgmorais/verifiable-election
Rex: SGX decentralized recommender (IEEE IPDPS 2022): https://github.com/rafaelppires/rex
Loading SGX enclave from DLL on Windows 10 64-bit: https://github.com/nadiaivc/Load-SGX-enclave-from-DLL
SRX – SGX Recovery Extension: https://github.com/andrade/srx
Hidden anonymization with SGX-based mixes: https://github.com/oEscal/sgx-based-mix-networks
Black-Scholes-Merton computation in Intel SGX: https://github.com/sbellem/sgx-bsm
Accelerating Encrypted Deduplication via SGX (ATC 2021): https://github.com/jingwei87/sgxdedup
SGX-based Genome Variants Search: https://github.com/ndokmai/sgx-genome-variants-search
SMac: Secure Genotype Imputation in Intel SGX: https://github.com/ndokmai/sgx-genotype-imputation
SGXKaller: Private Contact Discovery Service: https://github.com/Arslan8/SGXKaller
Achieving Reconciliation between Privacy Preservation and Auditability For File Hosting (Intel SGX + IPFS + Hyperledger Fabric): https://github.com/wuliangshun/SGX-base-File-Hosting
bwa-sgx-scone: a parallel privacy-preserving BWA (DNA sequence alignment) solution using Intel SGX and SCONE: https://github.com/dsc-sgx/bwa-sgx-scone
Veracruz: privacy-preserving collaborative compute: https://github.com/veracruz-project/veracruz
C3PO: providing security functions for Open Mobile Evolved Core (OMEC): https://github.com/omec-project/c3po
SafeTrace: Privacy Preserving Voluntary COVID-19 Self-Reporting Platform for Contact Tracing: https://github.com/enigmampc/SafeTrace
Hardware Secure Crypto Wallet for Ethereum and SKALE: https://github.com/skalenetwork/sgxwallet
Private Contact Discovery Service for Signal: https://github.com/signalapp/ContactDiscoveryService
Trustworthy and Accountable Function-as-a-Service: https://github.com/SSGAalto/sfaas
Securing Storage Encryption: https://github.com/ayeks/TresorSGX
Bento: Safely Bringing Network Function Virtualization to Tor (SIGCOMM 2021): https://github.com/breakerspace/bento
Nginx-SGX: SGX-ready Nginx open source server: https://github.com/enclaive/enclaive-docker-nginx-sgx
Hidden anonymization with SGX-based mix-networks: https://github.com/oEscal/sgx-based-mix-networks
ZeroCache: a Cloud-Oriented Middlebox for Network Confidential Computing: https://github.com/Maxul/zerocache
SnowHaze VPN Zero-Knowledge Verification: https://github.com/snowhaze/zka-sgx
MACSec: Secure Network Interface with SGX: https://github.com/fkirc/secure-network-interface-with-sgx
SENG: SGX-Enforced Network Gateway (USENIX Security 2020): https://github.com/sengsgx/sengsgx
SGX + CDN (USENIX Security 2020): https://github.com/smherwig/phoenix
ConsenSGX: Scaling Anonymous Communications Networks with Trusted Execution Environments (PETS 2019): https://github.com/sshsshy/ConsenSGX
SGX + Snort Intrusion Detection System: https://github.com/cloud-security-research/sgx-ids
SafeBricks: Shielding Network Functions in the Cloud (NSDI 2018): https://github.com/YangZhou1997/SafeBricks
SGX + Tor (NSDI 2017): https://github.com/kaist-ina/SGX-Tor
SGX + Web Crawler: https://github.com/ShengHow95/simple-selenium-sgx-crawler
MC2: A Platform for Secure Analytics and Machine Learning: https://github.com/mc2-project/mc2
Opaque: An encrypted data analytics platform (NSDI 2017): https://github.com/mc2-project/opaque-sql
Ryoan: A distributed sandbox for untrusted computation on secret data (OSDI 2016): https://github.com/ut-osa/ryoan
Confidential Analytics on Azure SGX VMs with Apache Spark and SCONE: https://github.com/mdrakiburrahman/sgx-pyspark-sql-demo
BiORAM-SGX: A Practical Privacy-Preserving Data Analysis for Personal Genome by Intel SGX: https://github.com/cBioLab/BiORAM-SGX
Snoopy: Surpassing the Scalability Bottleneck of Oblivious Storage (SOSP 2021): https://github.com/ucbrise/snoopy
DeSearch: a decentralized search engine with verifiable dataflow (OSDI 2021): https://github.com/SJTU-IPADS/DeSearch
mc-oblivious: Oblivious RAM inside of Intel SGX enclaves: https://github.com/mobilecoinofficial/mc-oblivious
ZeroTrace: Oblivious Memory Primitives from Intel SGX (NDSS 2018): https://github.com/sshsshy/ZeroTrace
X-Search: Revisiting Private Web Search using Intel SGX (Middleware 2017): https://github.com/Sand-jrd/SGX-Search
Private Information Retrieval: https://github.com/patrickwang96/BO-PIR-SGX
Private SSE Schemes: https://github.com/MonashCybersecurityLab/SGXSSE
POSUP: Oblivious Search and Update Platform with SGX: https://github.com/thanghoang/POSUP
A Secure, Efficient and Scalable Query Framework for Outsourcing Data: https://github.com/fishermano/QShield
BISEN: Boolean Isolated Searchable Encryption: https://github.com/bernymac/BISEN
Conclave Pass: Password Manager implemented using Conclave Cloud: https://github.com/R3Conclave/ccl-sample-conclavepass
eHSM (SGX Enclave Based Hardware Security Module): https://github.com/intel/ehsm
Trusted Certificate Service for Kubernetes Platform: https://github.com/intel/trusted-certificate-issuer
lockbox: Key Share Management in SGX Secure Enclaves: https://github.com/commerceblock/lockbox
Password manager supporting the login where the credentials are stored securely in an enclave: https://github.com/enclaive/sgx-login
Key-Manager for Faasm (a high-performance stateful serverless runtime): https://github.com/faasm/keymanager
SGX Enabled OpenStack Barbican Key Management System: https://github.com/cloud-security-research/sgx-kms
A server with SGX enclave that stores private keys and performs crypto operations upon requests: https://github.com/cloud-key-store/keystore
Protecting Web Passwords using Trusted Execution Environments: https://github.com/SafeKeeper
Channel ID Private Key Protection: https://github.com/google/channel-id-enclave
Avocado: a secure distributed in-memory key-value store (USENIX ATC 2021): https://github.com/mbailleu/avocado
StealthDB: an encrypted database from Intel SGX with a small trusted computing base (PETS 2019): https://github.com/cryptograph/stealthdb
Database intended for Blockchain: https://github.com/kaimast/credb
Protect in-memory sqlite, not .db file encryption: https://github.com/yerzhan7/SGX_SQLite
STANlite: an in-memory database engine for SGX-enabled secure data processing: https://github.com/ibr-ds/STANlite
Trusted in-memory key-value stores (EuroSys 2019): https://github.com/cocoppang/ShieldStore
Protect Audit-Log via Sqlite (EuroSys 2018): https://github.com/lsds/LibSEAL
SecDATAVIEW: A Secure Big Data Workflow Management System for Heterogeneous Computing Environments: https://github.com/shiyonglu/SecDATAVIEW
Oak: Meaningful Control of Data in Distributed Systems: https://github.com/project-oak/oak
Memory Sharing Library for Intel SGX Card: https://github.com/cloud-security-research/memsharing-sgxcard
Kubernetes Device Plugin for Intel SGX: https://github.com/AliyunContainerService/sgx-device-plugin
Intel Software Guard Extensions (SGX) device plugin for Kubernetes: https://github.com/intel/intel-device-plugins-for-kubernetes/tree/main/cmd/sgx_plugin
SGX-Aware Container Orchestrator: https://github.com/sebva/sgx-orchestrator
ZooKeeper: https://github.com/sereca/SecureKeeper
VM-Migration: https://github.com/SSGAalto/sgx-migration
P2P: https://bitbucket.org/P2PUsingSGX/p2pusingsgx
Raft: https://github.com/LuminousXLB/EnclaveRaft
TEEMon: A continuous performance monitoring framework for TEEs (Middleware 2020): https://github.com/rcrane/TEEMon
sgxtop and sgxstat utilities for monitoring SGX driver statistics: https://github.com/fortanix/sgxtop
Report statistics of E/Ocalls, EPC Paging: https://github.com/ibr-ds/sgx-perf
Stress benchmark: https://github.com/sebva/stress-sgx
nbench benchmark: https://github.com/utds3lab/sgx-nbench
LMbench benchmark: https://github.com/vsecurity-research/sgx-bench
Linux SGX benchmarks (on encrypted buffer transfer): https://github.com/eliadt/sgx_benchmarks
Simple memory benchmarking of Intel SGX: https://github.com/lsds/sgx-membench
rkt-io Library OS for running Linux applications inside of Intel SGX enclaves (EuroSys 2021): https://github.com/Mic92/rkt-io
Flume: a blazingly fast multi-producer, multi-consumer channel: https://github.com/occlum/flume
User-level paging: https://github.com/acsl-technion/eleos
Switch-less: https://github.com/oweisse/hot-calls
SGXTuner: a distributed tuning system for enclaves: https://github.com/dzobbe/sgxtuner
Actor model for better Enclave IPC: https://github.com/ibr-ds/EActors
HyperEnclave: An Open and Cross-platform Trusted Execution Environment (ATC 2022): https://github.com/HyperEnclave
vSGX: Virtualizing SGX Enclaves on AMD SEV (Oakland 2022): https://github.com/OSUSecLab/vSGX
Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks (USENIX Security 2022): https://github.com/iaik/minefield
SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing (USENIX Security 2022): https://github.com/uni-due-syssec/sgxfuzz
Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX (USENIX Security 2022): https://github.com/IAIK/LVI-NULLify
SGXRay: Automated Vulnerability Finding in SGX Enclave Applications: https://github.com/baidu/sgxray
Collection of tools to perform memory analysis of SGX-enabled machines: https://github.com/tregua87/sgx-forensic
Open Enclave specific security automation projects (CodeQL static analysis, Fuzzing and binary analysis): https://github.com/openenclave/openenclave-security
Auditee: a Tool to verify the reproducibility of SGX enclave builds: https://github.com/sbellem/auditee
Tamarin Models (Formal Verification) for State Continuity of Enclave Programs: https://github.com/OSUSecLab/SGX-Enclave-Formal-Verification
A Java flow analysis tool for SGX data sensitivity: https://github.com/SOF3/enclavlow
SGXL: Using 2MB large pages to mitigate page-based side-channels: https://github.com/csl-iisc/SGXL
Obfuscuro: A Commodity Obfuscation Engine for Intel SGX (NDSS 2019): https://github.com/adilahmad17/Obfuscuro
CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves (ATC 2019): https://github.com/acsl-technion/cosmix
Citadel: Trusted Reference Monitors for Linux using Intel SGX Enclaves: https://github.com/HarriBellThomas/citadel
SGX Branch Shadowing Mitigation: https://github.com/SSGAalto/sgx-branch-shadowing-mitigation
Enclave Protected Code Loader: https://github.com/intel/linux-sgx-pcl
A code confidentiality framework for Intel SGX: https://github.com/utds3lab/sgxelide
Deflection (CAT-SGX): Practical and Efficient in-Enclave Verification of Privacy Compliance: https://github.com/StanPlatinum/cat-sgx
Behavior-based Program Partitioning for Security Enclaves: https://github.com/anahitH/program-partitioning-for-security-enclaves
Address space layout randomization (ASLR): https://github.com/jaebaek/SGX-Shield
Hardware transactional memory (TSX): https://github.com/sslab-gatech/t-sgx
Compiler-based boundary check: https://github.com/tudinfse/sgxbounds
Linear/SQRT/Path ORAM: https://github.com/maanrachid/SGXORAM
SO2 ORAM: https://github.com/hiroki-chen/SGXOram
Building Distributed Enclave Applications with Sancus and SGX: https://github.com/sancus-pma/tutorial-dsn18
Fidelius: Protecting User Secrets from Compromised Browsers: https://github.com/SabaEskandarian/Fidelius
SmashEx: Smashing SGX Enclaves Using Exceptions (CCS 2021)
https://github.com/cimcs/poc-exploits-of-smashex
Interface-Based Side Channel Attack Against Intel SGX (INFOCOM 2022)
https://github.com/sgx-interface-side-channel/sgx-interface-side-channel
Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend (USENIX Security 2021)
https://github.com/dn0sar/frontal_poc
VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interface (USENIX Security 2021)
https://github.com/zt-chen/voltpillager
TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves (USENIX Security 2020)
https://github.com/uni-due-syssec/teerex-exploits
Faulty Point Unit: ABI Poisoning Attacks on Intel SGX (ACSAC 2020)
https://github.com/fritzalder/faulty-point-unit
COIN Attacks: on Insecurity of Enclave Untrusted Interfaces in SGX (ASPLOS 2020)
https://github.com/mustakcsecuet/COIN-Attacks
Plundervolt: Software-based Fault Injection Attacks against Intel SGX (Oakland 2020)
https://github.com/KitMurdock/plundervolt
SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution (EuroS&P 2019)
https://github.com/OSUSecLab/SgxPectre
Spectre Attacks: Exploiting Speculative Execution (Oakland 2019)
https://github.com/lsds/spectre-attack-sgx
RIDL: Rogue In-Flight Data Load (Oakland 2019)
ZombieLoad: Cross-Privilege-Boundary Data Sampling (CCS 2019)
https://github.com/IAIK/ZombieLoad
SGX-ROP: Practical Enclave Malware with Intel SGX (DIMVA 2019)
https://github.com/sgxrop/sgxrop
MicroScope: enabling microarchitectural replay attacks (ISCA 2019)
https://github.com/dskarlatos/MicroScope
Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic (CCS 2018)
https://github.com/jovanbulck/nemesis
Tutorial: Uncovering and mitigating side-channel leakage in Intel SGX enclaves (SPACE 2018)
https://github.com/jovanbulck/sgx-tutorial-space18
SGX-Step: A practical attack framework for precise enclave execution control (SysTEX 2017)
https://github.com/jovanbulck/sgx-step
Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution (USENIX Security 2017)
https://github.com/jovanbulck/sgx-pte
SGX-Bomb: Locking Down the Processor via Rowhammer Attack (SysTEX 2017)
https://github.com/sslab-gatech/sgx-bomb
SGX-Timing: Cache Attacks on Intel SGX (EuroSec 2017)
https://github.com/m1ghtym0/sgx-timing
TwinVisor: Hardware-isolated Confidential Virtual Machines for ARM (SOSP 2021): https://github.com/TwinVisor
Penglai-Enclave: Open-sourced secure and scalable TEE system for RISC-V (OSDI 2021): https://github.com/Penglai-Enclave/Penglai-Enclave
IBM OpenPOWER Protected Execution Facility (EuroSys 2021): https://github.com/open-power/ultravisor
Keystone: An Open-Source Secure Enclave Framework for RISC-V Processors (EuroSys 2020): https://github.com/keystone-enclave/keystone
MultiZone Security TEE for RISC-V processors: https://github.com/hex-five/multizone-sdk
AWS Nitro Enclaves: CPU and memory isolation for Amazon EC2 instances using Nitro Hypervisor: https://github.com/aws/aws-nitro-enclaves-cli
A Lightweight Trusted Execution Environment for Secure IoT Devices: https://github.com/sancus-tee
AMD SEV-SNP: https://github.com/AMDESE/sev-guest
AMD SEV-SNP measurement: https://github.com/IBM/sev-snp-measure
Kata Containers: https://github.com/kata-containers/kata-containers
Key Broker Server for SEV(-ES): https://github.com/confidential-containers/simple-kbs
Intel TDX: https://github.com/intel/tdx-tools
TD-shim: Confidential Containers Shim Firmware: https://github.com/confidential-containers/td-shim