BliMe: Verifiably Secure Outsourced Computation with Hardware-Enforced Taint Tracking. (arXiv:2204.09649v2 [cs.CR] UPDATED)

We present Blinded Memory (BliMe), a way to realize efficient and secure
outsourced computation. BliMe consists of a novel and minimal set of ISA
extensions that uses taint tracking to ensure the confidentiality of sensitive
(client) data even in the presence of server malware, run-time attacks, and
side-channel attacks.

To secure outsourced computation, the BliMe extensions can be used together
with an attestable, fixed-function trusted execution environment (TEE) and an
encryption engine that provides atomic decrypt-and-taint and
encrypt-and-untaint operations. The …

computation hardware tracking