A Direct attested channel
TEE-Terminated TLS
Your app opens a normal HTTPS connection, but the TLS private key is held inside the
attested TEE. Network devices and load balancers may forward the encrypted connection;
they must not terminate it.
A verifier checks a cryptographic binding between the hardware report and the key used
by the live TLS endpoint. A normal browser padlock proves the domain identity, not that
the corresponding private key lives inside a TEE.
Your app Prompt encrypted by TLS
→ Network / load balancer Forwards ciphertext and sees metadata
→ Attested TEE TLS key, first plaintext, model execution
- Gateway access
- Cannot read the prompt when TLS is passed through
- Client change
- Usually standard HTTPS plus attestation verification
- Critical proof
- The live TLS endpoint key is bound to a fresh valid quote
B Payload protected through the gateway
Attested Application E2EE
Your app first verifies a public encryption key from the attested TEE. It encrypts the
prompt to that key before sending the request through the ordinary HTTPS API.
The gateway may terminate outer TLS, authenticate the account, bill the request, and route it.
It sees ciphertext instead of the protected prompt. If the client accepts an unverified key
from that gateway, the gateway can substitute its own key and the E2EE claim fails.
Your app Verifies attestation, encrypts payload
→ HTTPS API gateway TLS ends; E2EE payload remains encrypted
→ Attested TEE E2EE key, first plaintext, model execution
- Gateway access
- Sees routing metadata and ciphertext, not protected content
- Client change
- Requires an SDK or application encryption protocol
- Critical proof
- The E2EE key, freshness, request, and response bind correctly
C Backend protection only
TEE-only Gateway
Your HTTPS connection ends at a conventional API gateway. The gateway decrypts the
request and sends it to a TEE backend, often over another protected connection.
The gateway can read the prompt. The TEE may protect model execution from
the backend host or cloud administrator, but it does not protect prompts from the API
operator, gateway logs, or a compromised gateway.
Your app Prompt encrypted by TLS
→ HTTPS API gateway TLS key and first plaintext
→ TEE backend Receives prompt for model execution
- Gateway access
- Can read and potentially log the prompt and response
- Client change
- Works with ordinary HTTPS clients
- Critical limitation
- No cryptographic client-to-TEE content boundary