Paper 2019/001

Sanctorum: A lightweight security monitor for secure enclaves

Ilia Lebedev, Kyle Hogan, Jules Drean, David Kohlbrenner, Dayeol Lee, Krste Asanović, Dawn Song, and Srinivas Devadas


Enclaves have emerged as a particularly compelling primitive to implement trusted execution environments: strongly isolated sensitive user-mode processes in a largely untrusted software environment. While the threat models employed by various enclave systems differ, the high-level guarantees they offer are essentially the same: attestation of an enclave’s initial state, as well as a guarantee of enclave integrity and privacy in the presence of an adversary. This work describes Sanctorum, a small trusted code base (TCB), consisting of a generic enclave-capable system, which is sufficient to implement secure enclaves akin to the primitive offered by Intel’s SGX. While enclaves may be implemented via unconditionally trusted hardware and microcode, as it is the case in SGX, we employ a smaller TCB principally consisting of authenticated, privileged software, which may be replaced or patched as needed. Sanctorum implements a formally verified specification for generic enclaves on an in-order multiprocessor system meeting baseline security requirements, e.g., the MIT Sanctum processor and the Keystone enclave framework. Sanctorum requires trustworthy hardware including a random number generator, a private cryptographic key pair derived via a secure bootstrapping protocol, and a robust isolation primitive to safeguard sensitive information. Sanctorum’s threat model is informed by the threat model of the isolation primitive, and is suitable for adding enclaves to a variety of processor systems.

Available format(s)
Publication info
Published elsewhere. Design, Automation and Test in Europe 2019
trusted executionenclavesecure processor
Contact author(s)
ilebedev @ mit edu
2019-01-09: received
Short URL
Creative Commons Attribution


      author = {Ilia Lebedev and Kyle Hogan and Jules Drean and David Kohlbrenner and Dayeol Lee and Krste Asanović and Dawn Song and Srinivas Devadas},
      title = {Sanctorum: A lightweight security monitor for secure enclaves},
      howpublished = {Cryptology ePrint Archive, Paper 2019/001},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.