HyperEnclave: An Open and Cross‑Platform Trusted Execution Environment
The article introduces HyperEnclave, an open and cross‑platform Trusted Execution Environment that overcomes hardware‑binding limitations of traditional TEEs, supports multiple CPU architectures, offers three flexible enclave modes, and demonstrates superior performance across diverse workloads while maintaining strong security guarantees.
The Trusted Execution Environment (TEE) is a mainstream privacy‑computing technology, but existing products often suffer from hardware binding, limited portability, roots of trust controlled by the CPU vendor, and inflexible execution modes.
USENIX ATC 2022 recently accepted the paper “HyperEnclave: An Open and Cross‑platform Trusted Execution Environment” from Ant Privacy Computing, and the paper was presented at the conference.
HyperEnclave’s design leverages widely supported virtualization technologies to construct a secure boundary and builds its root of trust on TPM, enabling support for major CPU architectures such as Hygon, AMD, and Intel, thereby avoiding dependence on a specific hardware platform.
To address typical TEE application characteristics, HyperEnclave provides three enclave execution modes that better accommodate compute‑intensive, I/O‑intensive, memory‑intensive, and exception‑handling‑intensive workloads; it also maintains compatibility with the mainstream TEE development ecosystem, allowing existing TEE applications to migrate with little or no code changes.
Performance testing of TEE workloads shows that HyperEnclave delivers strong performance on compute‑intensive (NBench), memory‑intensive (SQLite), I/O‑intensive (lighttpd), and mixed (Redis) workloads, outperforming other TEE products at comparable security levels.
HyperEnclave is the core technology of Ant’s privacy‑computing appliance; during the 2021 World Internet Conference, Ant Group launched the first commercial privacy‑computing appliance, AntChain MoS. The solution has been opened to the industry through collaborations, providing a secure, financial‑grade TEE offering.
USENIX ATC, a CCF‑recommended A‑class conference, received 393 submissions this year and accepted 64 papers (a 16.28% acceptance rate), underscoring its prestige.
Since the beginning of the year, Ant Privacy Computing has had multiple papers accepted at top international conferences such as WWW 2022, AAAI 2022, IJCAI 2022, FCCM 2022, and IEEE S&P 2023, covering topics like differential privacy, privacy‑preserving computation, secure set intersection, and multi‑party secure computation.
AntTech
Technology is the core driver of Ant's future creation.