TME-Box: Scalable In-Process Isolation through Intel TME-MK Memory Encryption
Martin Unterguggenberger
Network and Distributed System Security (NDSS) Symposium 2025 · Day 2 · Confidential Computing 1
In the realm of modern cloud computing, the relentless pursuit of performance and efficiency has driven a shift from heavyweight process isolation to more lightweight, in-process sandboxes. While this approach offers significant performance benefits, it inherently introduces security risks, particularly memory safety errors that can lead to the leakage of sensitive data, such as cryptographic keys or authentication tokens. Historical vulnerabilities like Heartbleed and Cloudbleed serve as stark reminders of these dangers. "TME-Box: Scalable In-Process Isolation through Intel TME-MK Memory Encryption," presented by Martin Unterguggenberger at the NDSS Symposium, directly addresses this critical challenge.
AI review
Solid systems security research that finds a genuinely clever repurposing of a hardware primitive most people associate with confidential computing, not intra-process sandboxing. The cache-line granularity through page aliasing is the kind of insight that makes you stop and re-read it — TME-MK's authenticated encryption MACs are per-cache-line, not per-page, and exploiting that gap to get sub-page isolation without new hardware is legitimately non-obvious. Overheads are credible and the threat model (Heartbleed-class bugs in co-tenant in-process workers) is realistic and pressing.