Secure Computing Enclaves Using FPGAs

M. E.S. Elrabaa*, M. Al-Asli, M. Abu-Amara

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

4 Scopus citations


A new scheme for securing users' data and applications in public clouds and data centers using Field Programmable Gate Arrays (FPGAs) has been developed. This scheme incorporates all necessary protocols, hardware, and software components to provide protection against many known potential attacks including internal attacks. It achieves perfect forward secrecy, provides FPGA authentication and integrity checks, and securely establishes a symmetric session key between the user and the FPGA. A complete prototype has been implemented to show the feasibility of the proposed scheme with current FPGAs. Experimental results showed that an FPGA-based compute node can be set up in a cloud in 3.36s; 12.6 times faster than booting a medium-size conventional Virtual Machine (VM) on the same cloud. Based on the average global Internet speed, the time it takes to set up the FPGA-based machine from anywhere in the world was estimated to be 15s. Also, running an experimental secure image processing application on the FPGA took 50 percent less time than running the same application on a conventional state-of-The art processor (without a secure container).

Original languageEnglish
Article number8789445
Pages (from-to)593-604
Number of pages12
JournalIEEE Transactions on Dependable and Secure Computing
Issue number2
StatePublished - 1 Mar 2021

Bibliographical note

Publisher Copyright:
© 2004-2012 IEEE.


  • Cryptographic protocols and algorithms
  • FPGAs
  • hardware security
  • key management
  • secure cloud computing

ASJC Scopus subject areas

  • Computer Science (all)
  • Electrical and Electronic Engineering


Dive into the research topics of 'Secure Computing Enclaves Using FPGAs'. Together they form a unique fingerprint.

Cite this