ChaosINTC: A Secure Interrupt Management Mechanism against Interrupt-based Attacks on TEE

For Trusted Execution Environment (TEE), interrupt-based side-channel attacks are becoming significant threats. Malicious supervisors use interrupts to perform single-step side-channel attacks or to improve the accuracy of existing side-channel attacks. This paper proposes a secure interrupt handle mechanism dedicated to TEE, named ChaosINTC. (1) To prevent frequent interrupts, a dynamic interrupt response delay mechanism delays the interrupt delivery with a variable time. (2) To prevent maliciously modifying ISRs, an interrupt handler protecting mechanism performs isolation and integrity checking. We deployed ChaosINTC on an open-source RISC-V core and evaluated its performance via FPGA. Our design provides strong security with marginal hardware and performance costs.