Stanford University

Protecting User Secrets from Compromised Browsers


Users regularly enter sensitive data, such as passwords, credit card numbers, or tax information, into the browser window. While modern browsers provide powerful client-side privacy measures to protect this data, none of these defenses prevent a browser compromised by malware from stealing it. Fidelius is a new architecture that uses trusted hardware enclaves integrated into the browser to enable protection of user secrets during web browsing sessions, even if the entire underlying browser and OS are fully controlled by a malicious attacker.

As part of this project, we develop the first open source system that provides a trusted path from input and output peripherals to a hardware enclave with no reliance on additional hypervisor security assumptions. These components may be of independent interest and useful to future projects.



Saba Eskandarian, Stanford University
Jonathan Cogan, Stanford University
Sawyer Birnbaum, Stanford University
Peh Chang Wei Brandon, Stanford University
Dillon Franke, Stanford University
Forest Fraser, Stanford University
Gaspar Garcia, Jr., Stanford University
Eric Gong, Stanford University
Hung T. Nguyen, Stanford University
Taresh K. Sethi, Stanford University
Vishal Subbiah, Stanford University
Michael Backes, CISPA Helmholtz Center i.G.
Giancarlo Pellegrino, Stanford/CISPA
Dan Boneh, Stanford University