Concise Cyber

TEE.fail Attack Bypasses Latest Secure Enclave Protections with Physical Access

The Challenge of Protecting Data in Use

Encryption is effective at securing data at rest on a disk or in transit across a network, but it offers no protection for data while it is being processed: the CPU has to work on plaintext. This is where secure enclaves, also known as Trusted Execution Environments (TEEs), have become critical. These hardware features let a customer run computations such as AI model training or data analysis on a cloud provider's machines without the provider ever having access to the unencrypted data. A TEE creates an isolated region on the processor that separates the cloud provider, who operates the hardware and the host operating system, from the customer, who controls the data and the code. It can also produce a signed attestation: a statement, signed by a key rooted in the hardware, that a specific measured code image is running inside a genuine enclave, which the customer verifies before sending any secrets into it.

New Attack Undermines Hardware Trust

A recently disclosed attack, dubbed TEE.fail, fundamentally challenges this security model by defeating the latest TEE protections from all three major chipmakers. The researchers demonstrated a low-cost, low-complexity attack with two prerequisites: control of the host operating system kernel (which a cloud operator or anyone who has compromised the host already has) and a small interposer device inserted between a memory module and the motherboard so that it sits on the memory bus. Setting up the attack takes only a few minutes.

Earlier attacks of this kind were limited to systems with DDR4 memory. TEE.fail works against DDR5, which makes it a direct threat to the newest generation of CPUs and the enclaves they host. The significance is not that the attacker needs physical access to the machine; it is that physical access is exactly what the TEE threat model claims to cover. A rogue data-center technician or a cloud operator with hands on the server is the adversary confidential computing is sold against, so an attack that works from that position strikes at the core promise of the technology. For anyone depending on confidential computing, the practical consequence is that a successful remote attestation by itself no longer demonstrates that the host operator cannot read enclave memory; the provider's physical-security controls are back inside the trust boundary.
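The summary above does not explain what a bus interposer can actually do with encrypted memory traffic. The following is an added, deliberately simplified model written for this page; it is not code from the article or from the TEE.fail researchers, and it does not reproduce their specific technique. It assumes (as a labelled assumption, not a claim about any particular product) a memory encryption engine that encrypts each block deterministically under a fixed key tweaked only by the physical address, with no integrity tag and no freshness counter. The `Interposer`, `DeterministicMEE` and `AuthenticatedMEE` classes and the "balance" block contents are invented for illustration, and the cipher is a toy Feistel network built from SHA-256, not a real or secure one. What the model shows is general: an attacker who sees the bus but not the key can still tell when the same value is written back to the same address, and can roll a block back to a previously recorded ciphertext without the CPU noticing, unless the engine also checks integrity and freshness with state that never leaves the chip.

```python
import hashlib
import hmac
import os

BLOCK = 16  # bytes per encrypted memory block in this toy model


def _round(key: bytes, tweak: int, rnd: int, half: bytes) -> bytes:
    # Toy Feistel round function: keyed by the memory key and tweaked by the
    # physical address. Built from SHA-256 for portability; NOT a secure cipher
    # and not what any real memory encryption engine uses (assumption).
    data = key + tweak.to_bytes(8, "big") + bytes([rnd]) + half
    return hashlib.sha256(data).digest()[:8]


def encrypt_block(key: bytes, addr: int, pt: bytes) -> bytes:
    assert len(pt) == BLOCK
    l, r = pt[:8], pt[8:]
    for rnd in range(4):
        l, r = r, bytes(a ^ b for a, b in zip(l, _round(key, addr, rnd, r)))
    return l + r


def decrypt_block(key: bytes, addr: int, ct: bytes) -> bytes:
    l, r = ct[:8], ct[8:]
    for rnd in reversed(range(4)):
        l, r = bytes(a ^ b for a, b in zip(r, _round(key, addr, rnd, l))), l
    return l + r


class Interposer:
    """Device on the memory bus: observes and can rewrite every DRAM
    transaction, but never sees the CPU's memory-encryption key."""

    def __init__(self):
        self.dram = {}  # addr -> bytes physically stored in DRAM
        self.log = []   # every (addr, ciphertext) write observed on the bus

    def write(self, addr, blob):
        self.log.append((addr, blob))
        self.dram[addr] = blob

    def read(self, addr):
        return self.dram[addr]

    def inject(self, addr, blob):
        # Overwrite DRAM behind the CPU's back, e.g. replay an old ciphertext.
        self.dram[addr] = blob


class DeterministicMEE:
    """Memory encryption engine providing confidentiality only: deterministic
    address-tweaked encryption, no MAC, no freshness (the assumed weak model)."""

    def __init__(self, bus):
        self.key = os.urandom(32)
        self.bus = bus

    def store(self, addr, pt):
        self.bus.write(addr, encrypt_block(self.key, addr, pt))

    def load(self, addr):
        return decrypt_block(self.key, addr, self.bus.read(addr))


class IntegrityError(Exception):
    pass


class AuthenticatedMEE(DeterministicMEE):
    """Same cipher plus an on-die per-block write counter and a MAC over
    (addr, counter, ciphertext). The counter never crosses the bus, so a
    replayed ciphertext fails verification on the next load."""

    def __init__(self, bus):
        super().__init__(bus)
        self.mac_key = os.urandom(32)
        self.counters = {}  # on-chip state, invisible to the interposer

    def _tag(self, addr, ctr, ct):
        msg = addr.to_bytes(8, "big") + ctr.to_bytes(8, "big") + ct
        return hmac.new(self.mac_key, msg, "sha256").digest()[:16]

    def store(self, addr, pt):
        ctr = self.counters.get(addr, 0) + 1
        self.counters[addr] = ctr
        ct = encrypt_block(self.key, addr, pt)
        self.bus.write(addr, ct + self._tag(addr, ctr, ct))

    def load(self, addr):
        blob = self.bus.read(addr)
        ct, tag = blob[:BLOCK], blob[BLOCK:]
        if not hmac.compare_digest(tag, self._tag(addr, self.counters[addr], ct)):
            raise IntegrityError(f"replay or tamper detected at {addr:#x}")
        return decrypt_block(self.key, addr, ct)


# Constructed enclave state: an old and a new value of one 16-byte block.
STALE = b"balance=000000  "
FRESH = b"balance=999999  "


def replay_attack(engine_cls):
    """Record the ciphertext of STALE, let the enclave write FRESH, roll DRAM
    back, and return what the enclave reads (None if the engine detects it)."""
    bus = Interposer()
    mee = engine_cls(bus)
    addr = 0x1000
    mee.store(addr, STALE)
    recorded = bus.log[-1][1]   # interposer snapshots the old bus write
    mee.store(addr, FRESH)      # enclave updates its state
    bus.inject(addr, recorded)  # interposer rolls the block back
    try:
        return mee.load(addr)
    except IntegrityError:
        return None


def ciphertext_equality_leak():
    """Deterministic encryption: same plaintext at the same address gives the
    same ciphertext (leaks equality); a different address gives a different one."""
    bus = Interposer()
    mee = DeterministicMEE(bus)
    mee.store(0x2000, STALE)
    mee.store(0x2000, STALE)
    mee.store(0x3000, STALE)
    same_addr_equal = bus.log[0][1] == bus.log[1][1]
    other_addr_differs = bus.log[0][1] != bus.log[2][1]
    return same_addr_equal, other_addr_differs
```

Against `DeterministicMEE`, `replay_attack` returns the stale balance and the enclave has no way to know its memory was rolled back; against `AuthenticatedMEE` the same replay raises `IntegrityError`. Note that the hardened variant here still uses a deterministic cipher, so `ciphertext_equality_leak` would hold for it too; closing that leak as well requires folding the write counter into the encryption itself, at the cost of the extra on-chip state and memory bandwidth that real engines trade off.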

Source: https://www.schneier.com/blog/archives/2025/11/new-attacks-against-secure-enclaves.html