Keystone is an open framework for building customizable trusted execution environments (TEEs) based on RISC-V for various platforms and use cases. Instead of building a single instance of TEE hardware, Keystone provides security primitives, which can be composed by the software framework. The enclave developer and the platform provider can customize the TEE in order to meet their threat models or platform configurations. The Keystone project aims to build an open standard for TEEs by providing a generic and formally-verified interface for a wide range of devices. We envision that every hardware can have a secure TEE with almost no additional cost. In this talk, we will discuss the current state and future directions of the project.
Speakers: Dayeol Lee