Fidelius - Protecting User Secrets from Compromised Browsers

Explore a groundbreaking architecture for protecting sensitive user data during web browsing sessions, even in the presence of a fully compromised browser and operating system. Learn about Fidelius, a system that leverages trusted hardware enclaves integrated into browsers to safeguard user secrets. Discover how this innovative approach addresses challenges in providing browser protection in malicious environments, offering support for form data integrity and privacy, secure JavaScript execution, XMLHttpRequests, and protected web storage. Examine the protocols developed for secure interactions between the enclave and various components, including the browser, keyboard, and display. Gain insights into the user interface considerations that ensure a consistent and simple experience for both developers and users. Understand the implementation of the first open-source system providing a trusted path from input/output peripherals to a hardware enclave without relying on additional hypervisor security assumptions. Evaluate Fidelius's performance overhead and its impact on page load times and user interactions for secured pages.