Enforcing Attestable Workflows across Untrusted Networks
Abstract
Confidential high-performance computing orchestrates workloads across federated domains, yet existing frameworks rely on high-overhead user-space library operating systems or assume single-host execution. We propose , an architecture federating Trusted Execution Environments via a split Trusted Computing Base (TCB) design. It couples a hardware-isolated Control Plane executing Mutually Attested Key Exchange () with a measured guest-resident extended Berkeley Packet Filter (eBPF) Data Plane. By anchoring cryptographic key release to hardware measurements and executing enforcement in the kernel, \ achieves native-speed encrypted routing. Empirical evaluation demonstrates a steady-state enforcement cost of 6 μs per packet, imposing a 13–15 μs absolute latency overhead. On distributed pipelines, \ incurs just a 6.1% execution penalty over plaintext baselines, bypassing the 62% penalty of user-space counterparts. The system initializes a 100-node cluster in under 1.5 seconds, providing an efficient confidential interconnect for long-running workflows.