Typical computing devices may rely on software agents, such as anti-malware agents, for security. However, it is difficult to keep up with the increasing number of malware attacks on users' devices. To combat the malware threat, there is a trend to protect security sensitive software by running it inside a Trusted Execution Environment (TEE). TEEs provide a sterile environment that can protect secrets even when other parts of the system are compromised. Examples of TEEs include Intel® Software Guard Extensions (Intel® SGX), secure virtual machines (VMs), and a converged security engine (CSE). The TEE, while useful to protect secrets within the TEE, may not protect I/O data such as user and sensor data that is communicated into and/or out of the secure “container.” The security requirements for trusted I/O vary per use case and device, and involve flavors and combinations of confidentiality, integrity, liveliness, and replay protection.
On a personal computer platform, securing I/O has several complexities. To protect I/O for a given usage, many input devices may need to be secured because the platform often has multiple devices of the same category connected via different I/O controllers, and a user may dynamically select any one of the connected devices during use. For example, when inputting text, the user may choose to use an embedded keyboard, a USB keyboard, or a Bluetooth (BT) keyboard. The user may also use a touch screen to input data. This means all keyboards and touch input may need to be secured for a usage that requires secure text input. Additionally, I/O devices may be used by secure applications and by regular applications, which means that those devices may be required to switch dynamically from being protected to being in the clear and vice versa.
Hardware cryptographic trusted I/O (TIO) provides a hardware architecture to protect I/O data for TEEs such as SGX secure enclaves, virtual machine monitors (VMMs), and other TEEs. Hardware cryptographic TIO provides a mechanism to protect the I/O data using a central cryptographic engine (CE) in the direct memory access (DMA) path between the I/O device and the memory, thereby protecting the I/O data as it moves on or off the package.