HCC: 100 Gbps AES-GCM Encrypted Inline DMA Transfers Between SGX Enclave and FPGA Accelerator

This paper describes a Heterogeneous Confidential Computing (HCC) system composed of a CPU Trusted Computing Environment and a hardware accelerator. We implement two AES-GCM hardware engines with high-bandwidth and low-latency that are designed for end-to-end encryption of DMA transfers. Our solution minimizes changes to the hardware platform and to the application and SW stack. We prototyped and report the performance of protected image classification with proposed encrypted-DMA on an Intel Arria-10 FPGA.