TEEs and other cryptographic primitives
TEE | ZK | MPC | FHE | |
---|---|---|---|---|
Core Concept | Hardware-based secure enclave within a processor that isolates and protects data and code during execution, even from the host system | Enables one party to prove that a computation was performed correctly without revealing any additional information | Allows multiple parties to collaboratively compute a function over their inputs while keeping those inputs private from each other. | Allows computation directly on encrypted data without needing to decrypt it |
Trust Assumptions | Include the integrity of the hardware and software components, the secure boot process that ensures only authorized code runs, and the isolation mechanisms that prevent unauthorized access to sensitive data and operations within the TEE | Include the hardness of certain mathematical problems (e.g., integer factorization), correctness of proof systems, trusted setups (if applicable) | Rely on the parties following the protocol correctly, the presence of a threshold number of honest participants, and the cryptographic security of the underlying primitives against adversaries within specified computational or collusion bounds. | include the belief in the mathematical soundness of the underlying cryptographic algorithms, the security of the key management processes, and the integrity of the computational environment where the encrypted data is processed, ensuring that no information is leaked during computation |
Use Cases | Secure key management, confidential data processing, secure machine learning, blockchain scalability, etc. | Privacy-preserving authentication, secure blockchain transactions, regulatory compliance without data exposure, verifiable computation, etc. | MPC allows multiple parties to compute functions over their private inputs without revealing those inputs to each other, and is particularly suitable for privacy-preserving collaborative data analysis and secure collaborative computation | FHE enables computation on encrypted datasets without decryption and is suitable for secure and privacy-preserving data analytics, secure data processing |
Limitation(s) | Manufacturer dependency Vulnerable to physical and side-channel attacks | High computational cost Challenges in achieving efficiency and scalability for large-scale applications | High communication overhead Complexity scales with number of participants | High computational overhead Slow performance Challenges in achieving practical efficiency for large-scale or real-time computations on encrypted data |